The legislation includes some recommendations from the Cyberspace Solarium Commission, but not the main one.
Text of the fiscal 2021 National Defense Authorization Act passed unopposed through the House Armed Services’ panel on intelligence and emerging threats and capabilities with no mention of the need for a national cybersecurity coordinator.
Establishing a national cybersecurity director with access to the president is a top-line recommendation of the national Cyberspace Solarium Commission and enjoys support from leading Republicans. Members of the bipartisan commission said they were working to include their recommendations in the NDAA.
The Senate Armed Services Committee approved its version of the new National Defense Authorization Act with language calling for a study on the benefits of the role, rather than for the position to be established, according to a summary the committee released.
Rep. Jim Langevin, D-R.I., chairman of the congressional cybersecurity caucus and a member of the commission, said his understanding is that the language in the Senate Committee’s summary was just a “placeholder.” His office did not respond to a request for comment on the exclusion of the topic altogether in the House subcommittee’s markup of the legislation.
Langevin, who chairs the subcommittee, highlighted the bill’s inclusion of other recommendations from the commission.
“I will note that the mark contains provisions from the Cyber Solarium Commission that Mr. [Mike] Gallagher and I served on, including an assessment on the promise of partnerships with critical infrastructure owners and operators, a review of alternative Reserve Component models for support to cyber operations; and a mandate to the Department of Defense to clarify cybersecurity capabilities and authorities with respect to the National Guard,” he said.
Langevin and subcommittee ranking member Elise Stefanik, R-NY, both lauded the bill’s inclusion of measures to leverage artificial intelligence for cybersecurity beyond the Defense Department by elevating the Joint Artificial Intelligence Center.
“In line with the recommendations from the National Security Commission on AI, we make substantial improvements to the Joint Artificial Intelligence Center, or JAIC, by bringing responsibility for it up to the Deputy Secretary of Defense and establishing a Board of Directors over it, comprised of both civilian and military leaders, as well as experts from academia and the private sector,” Langevin said.
Stefanik added the move would be especially important for keeping pace with Russia and China.
“This mark also addresses the importance of the broader national security innovation base through the formalization of programs like hacking for defense and the national security innovation network and the maturation of the Joint Artificial Intelligence Center,” she said, noting the activities of the JAIC must urgently be “integrated into not only our weapons systems, but our healthcare systems, our predictive maintenance efforts, our humanitarian assistance missions and our cybersecurity.”