2023 NDAA Has Cybersecurity Features
For the last several years the National Defense Authorization Act has contained a number of cybersecurity features, including some recommendations from the cyberspace solarium commission. This year’s bill includes:
- $44 million more for Cybercom’s ‘Hunt Forward’ operations. Hunt forward means offensive cyber operations and Cybercom has conducted several dozens operations in the last year.
- $168 million more for Cyber Mission Force, which includes intelligence operations.
- $56 million more for Cybercom’s Joint Warfighting Architecture development, which is an effort to synchronize cyberspace operations.
- The bill codifies and updates FedRAMP, which is a standardized approach to certifying system cybersecurity in the government.
- Protection of critical infrastructure allows the military to perform defensive cyber on critical infrastructure if approved by the President.
- Requires the DoD to create a five year roadmap to integrate AI into warfighter cyber missions.
- Requires a biennial, unclassified report to be produced through 2032 describing Cybercom’s efforts to ensure election security and counter election threats.
- Establishes a pilot program to share cyber capabilities with foreign partners.
- Requires the Secretary of Defense, on March 1st every year, to brief Congress on the relationship between NSA and Cybercom.
- Requires cyber protection for members of the intelligence community who are vulnerable to cyberattack.
- Requires the CIO of the intelligence community to conduct a yearly survey of each element of the IC on the use of proactive cybersecurity initiatives, active defense techniques and continuous activity security testing.
- And finally, it requires a study to understand if foreign built cranes at U.S. ports represents a threat and deliver that report to Congress.
Since the NDAA is a must pass bill every year, there is a lot of stuff that gets put into it and cybersecurity gets some of the benefits of that. Credit: CSO Online