S 70 Introduced - National Guard Cybersecurity Support Act

Last month Sen Hassan (D,NH) introduced S 70, the National Guard Cybersecurity Support Act. The bill would specifically allow members of the Army and Air Force National Guard to conduct ‘cybersecurity operations’ to protect critical infrastructure.

The Authority

The bill would amend 32 USC 502(f)(1) to add the following language at the end of the paragraph:

“Such training or other duty may include cybersecurity operations or missions undertaken by the member's unit at the request of the Governor of the State concerned to protect critical infrastructure (as that term is defined in the Critical Infrastructures Protection Act of 2001 (42 U.S.C. 5195c)).” {§2}.

Sub-section 502(f) provides authorization for DOD to prescribe regulations for requiring National Guard members to perform duties in addition to monthly and annual drills required by §502(a).

Moving Forward

Neither Hassan, nor her cosponsor {Rep Cornyn (R,TX)} are members of the Senate Armed Services Committee to which this bill was assigned for consideration. This means that they are unlikely to have sufficient influence to have the Committee consider the bill.

I see nothing in this bill that would draw specific opposition if it were considered in Committee or brought to the floor of the Senate. I suspect that the bill would receive strong bipartisan support.

Commentary

The first odd thing about this bill is that it looks like it amends the wrong paragraph in §502(f). Paragraph (1) provides the general authorization and paragraph (2) provides a listing of the types of training or duty that could be included under (f).

The second odd thing about the language in this bill is that §502 applies to regulations for federal service {“operations or missions undertaken by the member’s unit at the request of the President or Secretary of Defense” §503(f)(2)(A)}, not service under State control. If the language were added (in either paragraph), it would require DOD to establish regulations allowing Governors to request to use their National Guard troops under these provisions.

The only reason that I could see for doing this would be to require DOD to fund the cybersecurity operations and assume responsibility for the logistical and administrative support for those units (and/or National Guard personnel) ordered to perform the duty requested by Governors who already have operational control of NG units withing thier State.