The House passed the FY 2011 defense authorization bill Dec. 17 minus cybersecurity riders that had been attached to the bill earlier in the session. The bill does include provisions requiring the Department of Defense to submit to Congress strategy documents and reports about how it plans to improve cybersecurity, including software assurance, development and acquisition of cyber warfare capabilities, and protective measures to defend the defense industrial base, according to a House Armed Services Committee summary.
The bill also would require DoD to develop a process for continually monitoring its information systems for cybersecurity and managing major automated information systems. It also would require DoD to initiate pilot projects to demonstrate how to integrate commercial capabilities into the DoD’s Global Information Grid.
According to GovInfoSecurity, a number of provisions contained in stand-alone bills were added to the original House defense authorization bill as riders. These provisions included setting up a National Office of Cybersecurity in the White House and a Federal Cybersecurity Practices Board within the office to monitor federal agencies adherence to the Federal Information Security Management Act (FISMA), as well as creating a Chief Technology Officer in the White House to work with the private sector in improving the government’s use of information technology.
These provisions were not included in the stripped down version of the bill that passed the House on Friday. The Senate plans to consider the House version of the bill this week, according to Sen. Carl Levin (D-MI), chairman of the armed services committee, and Sen. John McCain (R-AZ), ranking Republican on the committee, although the Senate has a lot on its plate this week.