Cyber Commission pushes defense bill as vehicle for implementation
- By Derek B. Johnson
- Apr 29, 2020
The Co-Chair of the Cyberspace Solarium Commission said that members and staff are targeting the upcoming National Defense Authorization Act as the most likely vehicle to pass a chunk of their final report's recommended policies into law.
"Even in the worst-case scenario as far as coronavirus precluding our ability to convene Congress, we'll still move forward in one way or another," said Rep. Mike Gallagher (R-Wis.) during an Apr. 22 webinar hosted by Palo Alto Networks. "We think there's probably about 30% of our recommendations that could be put into the NDAA process."
Gallagher said the commission had carefully planned the report's rollout to build momentum for the implementation phase, but acknowledged the lockdowns and disruption caused by COVID-19 and its fallout have complicated those efforts.
"We did not intend for [the rollout] to happen in the midst of a pandemic, which has created some problems in terms of our hearing schedule, our whole plan for effectuating some of our plans into legislation," Gallagher said, later adding: "I would say even though coronavirus has complicated some of our commission rollout, we're continuing with the legislative process right now and I'm pretty optimistic about our ability to shape at least this year's NDAA."
According to Gallagher, creating a new Senate-confirmed White House Cybersecurity Director position to coordinate national policy and laying the groundwork for Select Committees in the House and Senate focused on cybersecurity issues are among the priorities the commission hopes to push this year.
Rep. Adam Smith (D-Wash.), chairman of the House Armed Services Committee of which Gallagher is a member, told reporters April 29 agreed that the NDAA would be “a logical vehicle” for some of the commission’s recommendations that can be agreed to, but didn’t elaborate on what that would look like.
The commission released its report in early March, detailing 75 recommendations to overhaul how the U.S. government, private industry and other stakeholders approach a broad range of strategic and tactical cybersecurity threats. While COVID-19 response and mass unemployment have overtaken Congress, Gallagher believes there is overlap between the problems highlighted by the commission and the current crisis, and said there are lessons to be learned about weaknesses in national coordination and stress points in the U.S. supply chain.
"So many single points of failure have infected our supply chain when it comes to medical devices, testing devices, and pharmaceuticals and most of us were completely unaware of this prior to that crisis moment where we need these things," said Gallagher. "The same can be said of critical components in our defense industrial base, parts that we'll need for the future of the telecommunications industry, particularly for 5G."
Gallagher said another Solarium commissioner, Rep. Jim Langevin (D-R.I.) will be critical to those negotiations because of his cybersecurity policy background and position on the House Armed Services Committee. A staffer from Langevin's office told FCW that virtually all of the recommendations from Pillar Six of the report – which deals with preserving and employing military power – are good fits for the NDAA.
Beyond that, Langevin has targeted four priorities for inclusion this year: creating a national cyber director position at the White House, creating a new Assistant Secretary position and Bureau of Cyberspace Security and Emerging Technologies at the Department of State, continuity of the economy planning, establishing a five-year critical national risk management cycle and infrastructure resilience strategy and further clarifying the roles and responsibilities between the Cybersecurity and Infrastructure Security Agency and sector-specific agencies.
Lauren C. Williams contributed. This article first appeared on FCW, a partner site with Defense Systems.
Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.
Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.
Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at [email protected], or follow him on Twitter @derekdoestech.
Click here for previous articles by Johnson.