Once passed, the National Defense Authorization Act will create a White House cybersecurity director role, expand CISA’s capabilities, and create a K-12 security education assistance program.
This year’s National Defense Authorization Act (NDAA), the annual “must-pass” spending bill that ensures the continued funding of the nation’s military, has a wealth of information security recommendations that come from the bi-partisan, bi-cameral, public-private initiative known as the Cyberspace Solarium Commission (CSC). The CSC was itself established in 2019’s NDAA bill and was asked to come up with a new strategic approach to cybersecurity.
Last spring, the CSC issued a report that offered 82 policy and legislative recommendations to improve cybersecurity. Of those, 26 will likely become law given that both the House and Senate last week passed the bill by overwhelming margins. The veto-proof vote count is needed given that President Donald Trump has repeatedly vowed to veto this year’s NDAA unless it also contains provisions that strip internet companies of legal liability protections granted them in Section 230 of the Communications Decency Act of 1996. Over the weekend, Trump reiterated via Tweet his intention to veto the NDAA.
Solarium co-chairs Senator Angus King (I-ME) and Representative Mike Gallagher (R-WI) expressed their delight in turning substantive cybersecurity recommendations into legislative provisions. “From the first day we embarked on crafting America’s cyberdoctrine, we were determined to create a plan of action, not a report collecting dust on a shelf. It is only because of the hard work and commitment of our commissioners and tireless staff that we were able to create such a robust report earlier this year. It is due to them that we were able to inform national policy on such a remarkable level,” the pair said in a statement.
The Commission’s top accomplishment in the bill is the reestablishment of cybersecurity leadership in the White House by creating a national cyber director position. Senator Mike Rounds (R-SD) garners much of the credit for this achievement. “The creation of a national cyber director position in this year’s NDAA was the result of years of hard work,” Rounds said in a statement.
This article appeared in CSO Online. To read the rest of the article please visit here.