Wednesday, May 7, 2014

HR 4500 Introduced – DOD Cyber Ranges

As I noted earlier Rep. Kilmer (D,WA) introduced HR 4500, the Cyber and Information Technology Ranges. The bill would modify provisions of §932 of the FY 2014 National Defense Authorization Act (PL 113-66) with respect to cyber ranges run by the Department of Defense.

New Cyber Operations Terms

As I noted in that earlier blog, most of this bill would address training for cyber warfare for units of DOD. An interesting part of that is that this bill would specifically acknowledge the dual nature of such training by differentiating between ‘cyber ranges’ and ‘information technology ranges’. No specific definition is provided for these two terms, but the clear implication is that ‘cyber ranges’ would deal with control systems {§932(b)(3)(B)}.

Actually, that provision of the bill would require the DOD’s Principal Cyber Advisor to provide the definitions of the two terms. Section 932(c)(2)(C) would require the Advisor to establish a general lexicon of cyber operations terminology. This lexicology would be used by DOD and other Executive Agencies of the Federal government.

Training Programs

The bill would add §932(b)(5)(A) that would establish an entity to manage the operations of the cyber and information technology ranges. Section 1(c) of the bill would then add a requirement for that entity to “carry out one or more pilot programs to demonstrate commercially available, cloud-based cyber training, exercise, and test environments (both unclassified and classified) that are available to meet the mission of the Department of Defense”.

That pilot program would also be expected to provide access to those training, exercise, and test environments to “defense laboratories, the National Guard, academia, and the private sector”.

The bill then goes on to allow (but not require) the DOD Secretary, once the pilot is completed and evaluated, to”

“Replicate the capability of a pilot program to provide similar high-end training and exercise opportunities for non-Department cyber professionals, including in coordination with the Secretary of Homeland Security.” {§1(c)(4)(D)}

Moving Forward

It is hard to gauge the chances of this bill. Rep. Kilmer is a member of the House Armed Services Committee, but he is a very junior (first term) Democrat so he has very little influence on the Committee. Only one of the two co-sponsors, Rep. Tsongas (D,MA), is a member of the Committee but she is the Ranking Member on the Oversight and Investigations Sub-Committee so there is some influence behind this bill.

If this bill makes it to Committee consideration I would not expect there to be any impediment to its further movement through the legislative process. I would suspect, however, that the bill would have a better chance of consideration and passage if its language were added to the 2015 NDA (HR 4500) currently under consideration. It will be interesting to see if it gets added in today’s full Committee markup. It has not been included in the Chairs proposed new language.

No comments:

/* Use this with templates/template-twocol.html */