Yesterday there were a total of 75 additional amendments proposed for S 2943, the FY 2017 National Defense Authorization Act (NDAA). Of those five may be of specific interest to readers of this blog:
• SA 4392. Ms. CANTWELL (D,WA) - SEC. 1641. Training for member of the armed forces on cyber skills for the protection of industrial control systems. Pgs S3440-1
• SA 4399. Mr. DAINES (R,MT) - SEC. 1655. Upgrades to the nuclear command, control, and communications system. Pg S3442
• SA 4413. Mr. CARPER (R,DE) - Subtitle J—Preventing Dirty Bomb Terrorism. Pgs S3449-50
• SA 4423. Mr. PORTMAN (R,OH) - SEC. 526. Plan to meet demand for cyberspace career fields in the reserve components of the armed forces. Pgs S3445-6
• SA 4430. Mr. CARPER - SEC. 1097. Renaming the national protection and programs directorate. Pgs S3458-9
The Cantwell and Portman amendments are pretty generic requirements to develop plans for training cybersecurity personnel. The Daines amendment includes specific (if brief) mention of including cybersecurity in the required upgrades for nuclear weapon command and control systems.
The Carper dirty bomb prevention amendment is mentioned here solely because it adds yet another security program to the list of those that require employee vetting against the Terrorist Screening Database (TSDB). This new requirement would be applied to organizations that were holders of Nuclear Regulatory Agency industrial and commercial licenses under 42 USC 2133. It does not specifically address similar medial licenses under §2134(a).
The Carper NPPD amendment would authorize the planned reorganization of the DHS National Protections and Programs Directorate as the new ‘United States Agency for Cyber and Infrastructure Security’. This is very similar to the as of yet unintroduced bill that the House Homeland Security Committee will be marking up tomorrow.