In case you missed this piece of news over your extended holiday break, it looks like cyber security will play a larger role in the National Defense Authorization Act (NDAA) for fiscal year 2013. The bill will include IT guidelines citing new provisions for dealing with cyber security and cyber warfare, according to an Information Week article by J. Nicolas Hoover. As the military increasingly relies on IT to deal with cyber attacks, Congress apparently also expects to be briefed more widely on the DoD’s Cyber Command activities. The NDAA will also require the DoD to submit a plan to Congress for a more ‘consolidated IT infrastructure’ known as the Joint Information Environment. DoD contractors will even be required to submit reports it seems.
Interestingly enough, Congress killed the Cyber Security bill (CyberSecurity Act 2012) last year from even coming to the Senate floor. The Obama Administration subsequently drafted an executive order (classified of course) in response to this inaction, citing cyber attacks from China, among other things, in their report: ‘U.S. industry and a range of government and military targets face repeated exploitation attempts by Chinese hackers.’
These actions from the executive branch combined with the new NDAA bill, which focus on DoD-wide IT initiatives, seem to show the government’s increased awareness for cyber defense standards for its agencies. Of course the question still remains – will these new reports, standards, and measures in the NDAA be effective in increasing defense against new cyber attacks and cyber warfare, especially as Congress increases its involvement in DoD activities?
Source: “New Defense Budget Aims to Improve CyberSecurity” – InformationWeek.com
What do you think? Does the NDAA bill show a general increased awareness for effective IT and cyber security measures?