Correction: An earlier version of this story misstated the percentage increase in CYBERCOM’s budget and priorities for that increase.
U.S. Cyber Command is requesting $647 million in President Donald Trump’s budget, roughly a 16 percent jump from the prior year, CYBERCOM Chief Adm. Michael Rogers told lawmakers Tuesday.
That funding hike will go to readying CYBERCOM’s elevation to a full combatant command, which was authorized in a recent major defense policy bill, as well as cyber operations against ISIS and other priorities, Rogers told members of a House Armed Services panel.
Currently, CYBERCOM is officially a sub-unified command of U.S. Strategic Command.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
Rogers declined to speculate on precisely when that elevation will happen, saying it should be left to the president who will make the final decision. He did say CYBERCOM has been preparing for the transition.
CYBERCOM is on track to reach its full operating capability of roughly 6,200 troops across the four services by late 2018, he said.
As CYBERCOM develops its capabilities, top cyber leaders in the House want to increase congressional oversight of sensitive military cyber operations, panel Chairwoman Elise Stefanik, R-N.Y., said.
Stefanik is preparing draft legislation that would strengthen that oversight, including requiring the Defense Department notify Congress when information is disclosed without proper authorization, she said.
The panel’s ranking member Rep. Jim Langevin, D-R.I., and Armed Services Chairman Mac Thornberry, R-Texas, and ranking member Adam Smith, D-Wash., are also sponsors of the draft bill, she said.
CYBERCOM has not yet begun using an expanded authority granted by Congress to buy top-shelf cyber tools, Rogers said. The command expects to start using that authority in the next few months to begin strategically buying cyber defense tools from some Silicon Valley firms, Rogers said.
CYBERCOM consulted with Special Operations Command as it developed that capability, Rogers said, and hired two officials recommended by SOCOM to manage the process.
Congress granted CYBERCOM $75 million per year for cyber acquisitions over the next five years in the 2016 National Defense Authorization Act.
Outdated computer and technology systems across DOD and the services make the military vulnerable to cyberattacks, Rogers said, partly because defense acquisition has historically prioritized purchasing new weapons systems, ships, planes and other hardware over shoring up cyber vulnerabilities in existing systems.
“In a world of finite resources, you’ve got to make those resource tradeoffs,” Rogers said, “and in general, the acquisition world hasn’t historically always been incentivized for cybersecurity outcomes as its primary metric.”