A provision in the House Armed Services Committee’s version of the annual defense policy bill aims to develop a better understanding of redundancies in how U.S. military services train and fund forces for cyber operations.
The specific item, which was included in the chairman’s mark for the fiscal 2024 National Defense Authorization Act, directs the comptroller general and the Government Accountability Office to review the Department of Defense’s management of cyber operations.
The chairman’s mark generally reflects the priorities of the committee’s chairman and includes input from other members as well. It was released Monday ahead of the full committee markup on June 21.
Specifically, the provision seeks an evaluation of:
- The number of commands, organizations, units and personnel responsible for conducting cyberspace operations across the Department of Defense;
- The command and control relationships associated with such commands and organizations;
- The number of command staff with any responsibility for budgetary, personnel, policy, or training matters;
- The ratio of personnel within commands, organizations and units determined to be fully trained and qualified, as defined by the commander of the U.S. Cyber Command, relative to the total number of such personnel assigned to operational billets;
- The ratio of command staff relative to the total number of personnel assigned to billets within the cyber mission force of Cybercom provided by each of the services, and;
- An assessment of potential duplication in effort or cost between the various entities, among others.
“There is a robust infrastructure within each service that establishes curriculums, funding profiles, manning rosters, upon which cyberspace operations are built. In practical terms, that means that there are four independent teams across the Army, Navy, Air Force, and Marines conceiving and implementing cyber training requirements,” a senior House Armed Services Committee aide told DefenseScoop regarding the provision. “The aspect that required the dedicated study by the Comptroller General is the degree of redundancy and unnecessary duplication of effort towards the organize, train, and equip functions for cyberspace operations which exists across the services.”
This provision follows similar proposals in previous years’ bills, most notably last year’s NDAA, which raised issues about how the services present forces to Cybercom to conduct cyber operations.
As it currently stands, the services are responsible to train forces – based on uniform training standards, in principle, provided by Cybercom – and provide a set number of teams to Cybercom as part of the cyber mission force. Cybercom last year was granted enhanced budget authority, which will be effective October 1 and allow it to assume the budgetary responsibility and authority for its programs and operations that previously were provided by the services.
With this unique model for force presentation, Congress has grown concerned recently regarding the state and readiness of teams. A provision in last year’s NDAA required a study, which among many aspects, called for an examination of the current cyber enterprise, requested how the services should man, train and equip for cyber, and inquired if a single military service should be responsible for basic, intermediate and advanced cyber training of the cyber mission force.