Sens. Chris Coons, D-Delaware; Joni Ernst, R-Iowa; Deb Fischer, R-Nebraska; and Kirsten Gillibrand, D-New York, introduced the Department of Defense Emergency Response Capabilities Database Enhancement Act of 2017 on Feb. 7.
This legislation updates current law and adds a requirement for the Department of Defense to track, within one year, the cyber capabilities found in the National Guard and Reserve forces.
A 2016 Government Accountability Office report found that “National Guard units have developed capabilities that could be used, if requested and approved, to support civil authorities in a cyber incident; however, the Department of Defense does not have visibility of all National Guard units' capabilities for this support.”
Specifically, GAO recommended, “To ensure that decision makers have immediate visibility into all capabilities of the National Guard that could support civil authorities in a cyber incident, the Secretary of Defense should maintain a database that can fully and quickly identify the cyber capabilities that the National Guard in the 50 states, three territories and the District of Columbia have and could be used — if requested and approved — to support civil authorities in a cyber incident.”
“Aggressive Russian cyber activities, China’s 2015 hack into the Office of Personnel Management and efforts by Iran and nonstate groups all demonstrate that we must make greater efforts to strengthen our cyber defenses,” said Coons. “The National Guard, including Delaware’s 166th Network Warfare Squadron, is an important reservoir of cyber knowledge and expertise. Yet, the Pentagon does not have adequate understanding of all Guard unit cyber skills, which could inhibit our response to a major cyberattack. This bill will create a database so the Department of Defense can fully and quickly identify National Guard Cyber capabilities, allowing for a prompt response by civil authorities to a future a cyber incident.”
The DoD Emergency Response Capabilities Database Enhancement Act:
— Requires DoD specifically track, within one year, cyber capabilities found in the National Guard and Reserve forces identified by DoD to be important to matters of national security and domestic response.
— Allows DoD to update or utilize existing systems to track the capabilities if it’s faster and more cost effective.