US lawmakers have introduced a bipartisan bill designed to ensure the Department of Defense knows the exact cybersecurity capabilities of the National Guard and reserve forces, so that the government is better prepared to deal with a possible future incident.
The proposed DoD Emergency Response Capabilities Database Enhancement Act of 2017 will update current law, forcing the Pentagon to gain full visibility within a year.
The legislation follows a 2016 Government Accountability Office (GAO) report which highlighted the potentially significant cyber capabilities lying dormant in National Guard units.
It contained the following:
“To ensure that decision makers have immediate visibility into all capabilities of the National Guard that could support civil authorities in a cyber incident, the Secretary of Defense should maintain a database that can fully and quickly identify the cyber capabilities that the National Guard in the 50 states, three territories, and the District of Columbia have and could be used – if requested and approved – to support civil authorities in a cyber incident.”
Senator Joni Ernst, chairman of the Emerging Threats and Capabilities Subcommittee on the Senate Armed Services Committee, and a National guard veteran, argued that may army part-timers work in cyber-related fields in their civilian careers and therefore represent a valuable untapped resource.
“Our National Guard is uniquely positioned to recruit and retain some of our best cyber warriors, and this bill would help make sure that our military is taking advantage of this extraordinary talent,” added report co-sponsor, senator Kirsten Gillibrand.
The third co-sponsor, senator Chris Coons, claimed the lack of DoD visibility into reservist cyber capabilities could hinder a timely response to a nation state attack.
“Aggressive Russian cyber activities, China’s 2015 hack into the Office of Personnel Management, and efforts by Iran and non-state groups all demonstrate that we must make greater efforts to strengthen our cyber defenses,” he argued.