Lawmakers promotes cyber education, accountability in defense bill

House defense panels think DOD's cyber recruiting efforts -- and cyber tools -- are too spread out to be effective.

Shutterstock image ID: 569172169 By Zenzen

The Defense Department has struggled with recruiting and retaining cyber workers despite existing rapid-hire authorities. DOD reportedly lost about 4,000 cyber-related personnel in 2018 and Congress is taking notice in the 2020 National Defense Authorization Act, which includes a push for more thorough cyber education and hiring efforts.

The 2020 NDAA provides a glimpse into the Democrats defense tech priorities for the next fiscal year. So far, that means tech recruitment with an emphasis on diversity and inclusion, and getting policy conversations started earlier around emerging technologies, such as 5G, artificial intelligence and software development.

"The mark places substantial emphasis on the maturation of the Department's science and technology initiatives, ranging from requiring studies on the effects of historically under-funded science and technology activities to an assessment of essential STEM skill sets required to support emerging and future warfighter technologies, including an analysis of the recruiting, retention, and representation of minorities and women in the current and projected workforce," Rep. Jim Langevin (D-RI), said on June 4.

The Intelligence and Emerging Threats and Capabilities Subcommittee, which Langevin chairs, approved its markup in a swift voice vote June 4 without amendments to be reported to the full committee for consideration June 12.

Previous defense spending bills have given the Defense Department numerous direct hiring authorities and Congress wants to make sure they're using them. Langevin's panel wants a plan and assessment of current workforce, according to a draft version of the bill.

One provision would require the defense secretary to brief the committee by March 1, 2020 on how the DOD is integrating cyber domain education among leadership and throughout the professional and officer military education courses.

The report would also assess "efforts to recruit and develop career tracks with promotion potential for cyber professionals."

The Intelligence and Emerging Threats and Capabilities Subcommittee wrote that the Defense Department isn't taking adequate advantage of current authorities and programs to speed up cyber workforce hiring.

"The current recruitment efforts by the military services do not appear calibrated for the needs of the Department in building its cyberspace force," the draft states.

As a result, the committee wants a hearing by March 31, 2020, on DOD's plan to recruit for skills in cyber, AI, software engineering, data sciences and quantum sciences. 

Spotlight on Cyber Command

The committee wrote there was "potential that the nation's cyber force could be hindered with tools and accesses being developed and stored by different components of the services and Department of Defense agencies and elements" and proposed that CYBERCOM should maintain a comprehensive inventory of subordinate elements' accesses and tools, while emphasizing sustainment for cyber capabilities.

If adopted, the defense secretary would have to brief HASC by Feb. 1, 2020, on the DOD's strategy for acquisition, development, and sustainment of cyber-specific accesses and tools, including how tools, capabilities, and accesses from non-governmental sources should be acquired.

The bill also seeks to incentivize cyber accountability with the DOD with a proposal that would limit funding from the White House Communications Agency if U.S. Cyber Command fails to complete a Tier 1 test in fiscal year 2019.

A HASC staffer told reporters June 3 the provision was not intended to be punitive because a test is already planned and if they do it, it will have no impact on 2020 funding.