U.S. Senate Opens Path For A Cyber-Focused Military Branch
The possibility of a U.S. Cyber Force moved one step closer to reality this last week after the Senate approved its version of a massive defense policy bill.
The $886 billion National Defense Authorization Act passed in an 86-11 vote. The Republican-led House narrowly passed its version of the legislation earlier this month, mostly along party lines. The two chambers will now go to conference to write a final compromise measure.
According to The Record, this was first reported last month that the Senate bill included an amendment by Sen. Kirsten Gillibrand (D-NY) that directs the Defense Department to tap the National Academy of Public Administration to conduct an assessment of establishing a seventh, cyber-specific military service. However, SCARS knew that this was part of the list of cyber-related objectives of the last president.
According to the Academy this new force will “conduct an evaluation regarding the advisability of establishing a separate Armed Force dedicated to operations in the cyber domain” and how it would “compare in performance and efficacy to the current model.”
It also contained a “prohibition against interference” that explicitly warns no DoD personnel “may interfere, exert undue influence, or in any way seek to alter” the study’s findings.
Currently, in the United States, there are almost two dozen agencies that police and defend cyberspace. No one has the principal authority and everyone is looking elsewhere. It is almost exactly like it was in the intelligence and law enforcement communities before 9/11.
Pentagon leaders have resisted the idea of creating an independent cyber service, arguing that U.S. Cyber Command is still maturing and could prompt some of the existing military branches to downgrade the digital mission. But Cyber Command is subordinate and is not looking at the overall conflicts no ongoing from nation-states to major organized crime. Just like with terrorism, major threats are coming from nontraditional hostile actors and with more AI automation these threats are escalating beyond what Cyber Command currently handles.
Yet it is precisely because of the six existing services, and their long-running inability to provide Cyber Command with personnel who are trained and equipped to battle foreign adversaries (nations and criminals) online, that some policymakers and others believe it is time to at least consider a Cyber Force rather than spend more time trying to get them in line via legislation.
The branches were called out for their substandard contributions last week by the leaders of the Senate Armed Services Committee.
According to The Record:
“It is widely understood that our Cyber Mission Forces are struggling with readiness shortfalls caused primarily by difficulties in training and retaining personnel in key positions requiring special skills,” panel chairman Jack Reed (D-RI) said during the confirmation hearing for Air Force Lt. Gen. Timothy Haugh, the administration’s pick to helm Cyber Command and NSA.
“In order to mature the cyber force and advance our nation’s capabilities to conduct cyber operations and support intelligence operations, the military services must provide qualified and trained personnel to your Command on time and at the beginning of their tours.”
Sen. Roger Wicker of Mississippi, the panel’s top Republican, likewise charged the services “are providing personnel to Cybercom who lack necessary cyber skills, technical expertise and training.”
For his part, Haugh, Cyber Command’s deputy chief, said the digital warfighting organization has the resources to boost such training.
“One of the things that we want to ensure as U.S. Cyber Command is that we’re setting that baseline standard, so that we can ensure across the department we get the baseline right and allow the services to do that baseline training,” he testified.
It’s unclear if Gillibrand’s language will survive conference negotiations with the House and ultimately be included in a combined measure. The House bill did not include a similar provision.
One notable amendment to the bill was the fiscal 2024 Intelligence Authorization Act. The measure, which usually has been hitched to the defense roadmap, included provisions focused on China, artificial intelligence, and election security. Specifically, it would require cyber penetration testing of voting machines and establishing a vulnerability disclosure program for these systems.
It is time to establish a single-point defense for the very backbone of all commerce and activity in the United States. This is important not only for national defense but for the defense of business and all residents of the U.S.