The House Armed Services Committee is set to mark up an annual defense policy bill that includes creation of the "Cyber Threat Information Collaboration Environment Program," a reworked version of a Cyberspace Solarium Commission proposal viewed as an important component for government-industry interaction.
The House panel’s upcoming mark-up, scheduled for June 22, follows passage this week of the Senate Armed Services Committee's version of the fiscal year 2023 defense authorization bill, which focused mainly on cyber activities at the Defense Department.
The House proposal “would direct the Secretary of Homeland Security, in coordination with the Secretary of Defense and the Director of National Intelligence, acting through the Director of the National Security Agency, to develop an information collaboration environment that enables entities to identify, mitigate, and prevent malicious cyber activity,” according to the draft House chairman's mark obtained by Inside Defense.
The chairman's mark says, “The collaboration environment would provide limited access to appropriate operationally relevant data about cybersecurity risks and cybersecurity threats, including malware forensics and data from network sensor programs, on a platform that enables query and analysis.”
House Armed Services cyber subcommittee Chairman Jim Langevin (D-RI) identified the creation of the environment, which the Solarium Commission termed the “Joint Collaborative Environment,” as a top legislative priority earlier this year.
“It’s one thing that is lacking right now, the common operating tools for sharing and analyzing the data and threats we see. The JCE would change that and I’m excited about the prospects of getting that passed the finish line,” Langevin said at a U.S. Chamber of Commerce event. The congressman will be retiring at the end of the year.
Other cyber-focused proposals in the bill include giving new authorities to DOD’s principal cyber adviser to certify portions of the Pentagon’s cyberspace activities budget and annual reports on the military’s cyberspace operations requirements.
It leaves out a report on the Pentagon’s Cybersecurity Maturity Model Certification program approved by the cyber subcommittee last week.
The Senate Armed Services Committee approved its version of the authorization bill in a closed meeting on Thursday and released a summary outlining major policy points. Notably, it leaves out the creation of the Cyber Threat Information Collaboration Environment Program.
The Senate summary says, “Under the leadership of Chairman Joe Manchin (D-WV) and Ranking Member Mike Rounds (R-SD), the [cyber] subcommittee continues its efforts to strengthen and support the cybersecurity posture of the DOD and the defense industrial base. The subcommittee emphasizes the need for the DOD to adopt innovative and modern cybersecurity strategies, tools, and technologies. Recognizing the critical role of trained and equipped cyber personnel, the subcommittee also requires the DOD to address readiness challenges and ensure it is ready to meet future operational cyber force requirements.”
The bill “[r]equires a policy and plan, in consultation with commercial industry, on the test and evaluation of the cybersecurity of the clouds of commercial cloud service providers,” according to the summary.
The Senate legislation also does the following:
* Directs a briefing on the workforce pipeline pilot program through certificate-based courses on cybersecurity and artificial intelligence that are offered by National Security Agency Center for Academic Excellence universities.
* Authorizes an increase of $200 million for 5G technology development, experimentation, and transition support, including open radio access network (O-RAN) efforts.
* Authorizes an increase of $25 million to support cyber consortium seedling funding.
* Authorizes an increase of $20 million for the National Security Agency Center of Academic Excellence cybersecurity workforce pilot program.
* Authorizes an increase of $20 million for DARPA’s enhanced non-kinetic/cyber modeling and simulation activities.
* Authorizes an increase of $180 million for Cyber Mission Force operational support, including intelligence support to cyberspace operations.
The Solarium Commission has achieved some major legislative wins over the past two years from authorizations including the creation of the National Cyber Director, establishing the Joint Cyber Planning Office which was turned into the Joint Cyber Defense Collaborative by CISA Director Jen Easterly and mandating continuity of economy planning.