Rep. Jim Langevin suggested in a hearing the Defense Department has not elevated its focus on the cyber domain enough.
The chairman of the House Armed Services Committee’s cyber subcommittee suggested the Defense Department is not making securing the cyber domain enough of a priority in a Friday hearing that came on the heels of yet another high-profile intrusion.
As Colonial Pipeline resumes shipping fuel following a ransomware attack, Rep. Jim Langevin, D-R.I., opened the hearing by expressing his frustration that lawmakers and the witnesses alike—two top DOD cyber officials—face an “uphill battle to put cyber front and center in the Department.” Lawmakers heard testimony from Gen. Paul Nakasone, head of U.S. Cyber Command and the National Security Agency, and Mieke Eoyang, deputy assistant of Defense for cyber policy.
“Out of five officially recognized warfighting domains, the senior civilian official for the air, sea, land, and space domains are military service secretaries,” Langevin said in his opening statement. “Yet—and with all due respect to Ms. Eoyang and her spectacularly overworked team—the senior civilian for cyber is four rungs lower than her counterparts overseeing other domains.”
Issues around personnel, authorities and resources dominated the hearing. In his questioning, Langevin probed Eoyang and Nakasone on responsibilities, asking why information operations and cyberspace operations are overseen by two different officials. He also asked whether Nakasone has the numbers he needs to carry out his mission.
“If our adversaries are operating below the level of armed conflict every single day, what type of force do we need to be able to ensure that we can counteract that, much in the same way that we have done in our support to the national elections,” Nakasone said, outlining a question needed to inform decision-making on force size. He later emphasized that adversaries are “increasing their scope, scale and sophistication” to steal intellectual property, steal personal identification, and conduct interference and influence operations.
While the hearing was bookended by major cyber incidents on one end, looming just around the corner is President Joe Biden’s first budget request to Congress, which is expected May 27. Biden released a skinny version last month. Rep. Mike Gallagher, R-Wisc., ranking member of the subcommittee, called directly for budget investments to deal with what he called “the critical domain to every facet of our national security.”
“The President’s budget must focus on modernizing DOD’s platforms, we must consider cutting legacy platforms out of date for modern conflict and investing in emerging technologies in cyber,” Gallgher said “and I believe I speak for everyone here when I say I hope to see a budget that recognizes the importance of our cyber mission force, invests in necessary cyber infrastructure—including technology and human capital—highlights necessary cyber authorities and really pushes the department, out of its silos and into a streamlined structure that prioritizes cyber agility and responsiveness.”
Rep. Elissa Slotkin, D-Mich., also told the witnesses she’s hoping for a “truly transformational budget on cyber.”
“We know that that will come at the expense of older systems, legacy systems, pork, and that Congress has a responsibility to help you with that which we don't always live up to,” Slotkin said. “But I just want to encourage you to be bold and provide something that really helps move us into the 21st century so we can maintain our military edge.”