The Senate Armed Services Committee (SASC) detailed its plan to address concerns over insufficient methods of Department of Defense cyber security management and information technology (IT) acquisition by reorganizing the role of the department’s Chief Information Officer (CIO), according to its version of the fiscal year 2018 defense authorization bill released on Tuesday.
In its completed FY ‘18 National Defense Authorization Act (NDAA), SASC calls for elevating the role of the DoD CIO and separating its responsibilities between the Chief Management Officer (CMO) and a newly-created position, the Chief Information Warfare Officer (CIWO). The current CMO would oversee the DoD’s business systems, while the CIWO would assume responsibility for all defense-wide information warfighting functions.
“The committee believes that the existing authorities of the Chief Information Officer (CIO) are insufficient to address the multitude of management challenges across the Department of Defense information environment,” the committee wrote in its follow-up report on the defense authorization bill. “Countless efforts across the Department of Defense are plagued by poorly enforced standards and a CIO position whose policy and guidance are largely considered as advisory by the Services. As a result, each Service continues to pursue disparate information technology and business systems efforts.”
This new CIWO position would be presidentially-appointed and Senate-confirmed, and would report directly to the secretary of defense. If SASC’s amendments to the FY ‘18 NDAA are approved, the CIWO would have the authority to establish IT, cyber security, electronic warfare and electromagnetic policy directives for military departments and would grant it control over the organizational elements of the National Security Agency’s Information Assurance mission.
More specifically, the CIWO would direct defense secretaries in areas of planning budget requests, approving funding or reprogramming requests, ensuring military units comply with federal cyber standards and participating in all relevant decision-making forums on cyber-related issues. SASC’s bill also includes a provision that the CIWO would serve as the Principal Cyber Advisor to the Secretary of Defense.
“The committee has concerns that the existing organizational construct and resourcing authorities within the Department of Defense for space, cyber, and information are not commensurate with the organizational structure and resourcing required to meet the demands of 21st century warfare,” says the committee’s report. “Information is central to modern warfare, yet it is treated as an afterthought in a Department postured to man, train, and equip forces to operate in the land, air, and sea domains. As a result, the space and cyberspace domains and the overall information environment have failed to receive the dedicated focus and prioritization required to meet the demands of a rapidly changing battlefield centered on the transmittal, surety, exploitation, and dominance of information.”