DoD Spending Bill for 2021 Seeks to Create New National Cybersecurity Czar
Funding for the creation of a new national cybersecurity director post within the Executive Office of the President is a key part of the latest spending authorization bill for the U.S. Defense Department for fiscal 2021.
The first-ever national cybersecurity director position, which is being proposed to strengthen an important cyber division within the Department of Homeland Security (DHS), is included in the massive, 4,500-page bill known as the National Defense Authorization Act. The 2021 NDAA authorizes $740.5 billion for national defense and includes more than two dozen legislative proposals by the U.S. Cyberspace Solarium Commission, which was authorized as part of the fiscal 2019 NDAA.
“From the first day we embarked on crafting America’s cyber doctrine, we were determined to create a plan of action, not a report collecting dust on a shelf,” U.S. Rep. Mike Gallagher, R-Wis., who co-chairs the commission, said on Thursday (Dec. 3) as the budget proposal were released. Gallagher co-chairs the commission with U.S. Sen. Angus King, Jr., I-Maine.
The creation of the new post in the fiscal 2021 spending bill is the commission’s highest priority. The high-profile position would require Senate confirmation and would serve as “the nexus for cybersecurity leadership in the White House,” the commission said.
The provision also would consolidate U.S. cyber security branches scattered across the federal government.
Among them is the Cybersecurity and Infrastructure Security Agency (CISA), which played a pivotal role in securing the 2020 presidential elections. Another commission recommendation incorporated into the defense authorization bill would strengthen the position of CISA director.
Along with protecting U.S. critical infrastructure, the commission recommends CISA should “serve as the central coordinating element to support federal, state and local and private-sector cybersecurity efforts.” The cyber commission also called for increased funding for CISA as it develops a “more secure cyber ecosystem.”
Budget conferees also endorsed a proposal to create an “integrated cybersecurity center” within CISA. Another provision directs DHS to review CISA’s ability to fulfill its current mission, then implement the commission’s recommendations for expanding CISA’s role in hardening critical infrastructure in the U.S.
The commission’s overarching approach, dubbed “Layered Cyber Deterrence,” is based on three tenets: shaping behavior in cyberspace; denying benefits to those seeking to exploit cyberspace; and imposing “costs against those who target America’s economic and democratic institutions in and through cyberspace,” according to the group.
“The status quo of adversaries increasing their cyber capabilities while America’s vulnerabilities continue to grow is unacceptable,” King said in releasing the commission’s recommendations.
Must-pass budget provisions are generally folded into the NDAA funding bill, which contribute to its massive size. Unlike departmental budget requests, Congress has approved the NDAA consecutively over six decades. This year’s bill, which also includes federal incentives for semiconductor R&D and securing technology supply chains, faces a veto threat from President Trump.
Given bipartisan support for approving the massive spending bill, which often contains pet projects, observers predict the NDAA will likely be approved by lawmakers by a veto-proof majority.