Just before the Memorial Day Weekend, during a proforma session, Rep. Young (R-FL) introduced HR 5856, the Department of Defense Appropriations Act, 2013. While DOD has a major measure of responsibility for cybersecurity actions, there is nothing in the bill that mentions cybersecurity or cyber operations.
Last year we saw a number of items in the Appropriations Committee report on that DOD appropriations bill, but there are no programs mentioned in the report for HR 5856. Interestingly though, there is a rather lengthy comment about the lack of mention found in the Committee report (pg 208 – Adobe 218):
“The Committee acknowledges the threat to and from the cyber realm and believes it has been well documented; however, the resources being expended against the threat have not. In order to better evaluate the planning and resourcing for Department of Defense cyber activities, the Committee directs the Commander, United States Cyber Command, in coordination with the Secretary of Defense and each of the Service Secretaries, to provide the congressional defense committees separate budget justification material, in the form of budget documents as defined in the Department’s financial management regulation, that details the year-toyear budgets, schedule, and milestone goals over the Future Years Defense Program for the individual programs that support the goals of cyber initiatives. The programs detailed must include cyberspace operations, computer network operations, information assurance, and full spectrum cyber operations for the Department of Defense and the Services. Further, the Committee suggests that the Department continue to refine what activities, budget lines, and programs should be considered cyber in order to better coordinate and track these budgets.”
With the level of DOD responsibility for defending against cyber-attacks and conducting cyber-operations, this is certainly something that should show up in the documentation for both the President’s budget request, but also in the appropriations bills written by Congress.
It still wouldn’t be surprising to see amendments offered to this bill that address specific cybersecurity or cyber operations when it comes to the floor of the House next month.