Senate opens path for a cyber-focused military branch

The possibility of a U.S. Cyber Force moved one step closer to reality on Thursday after the Senate approved its version of a massive defense policy bill.

The $886 billion National Defense Authorization Act passed in a 86-11 vote. The Republican-led House narrowly passed its version of the legislation earlier this month, mostly along party lines. The two chambers will now go to conference to write a final compromise measure.

The Record first reported last month that the Senate bill included an amendment by Sen. Kirsten Gillibrand (D-NY) that directs the Defense Department to tap the National Academy of Public Administration to conduct an assessment of establishing a seventh, cyber-specific military service.

The measure said the Academy will “conduct an evaluation regarding the advisability of establishing a separate Armed Force dedicated to operations in the cyber domain” and how it would “compare in performance and efficacy to the current model.”

It also contained a “prohibition against interference” that explicitly warns no DoD personnel “may interfere, exert undue influence, or in any way seek to alter” the study’s findings.

Pentagon leaders have resisted the idea of creating an independent cyber service, arguing that U.S. Cyber Command is still maturing and could prompt some of the existing military branches to downgrade the digital mission.

Yet it is precisely because of the six existing services, and their long-running inability to provide Cyber Command with personnel who are trained and equipped to battle foreign adversaries online, that some policymakers and others believe it is time to at least consider a Cyber Force rather than spend more time trying to get them in line via legislation.

The branches were called out for their substandard contributions last week by the leaders of the Senate Armed Services Committee.

“It is widely understood that our Cyber Mission Forces are struggling with readiness shortfalls caused primarily by difficulties in training and retaining personnel in key positions requiring special skills,” panel chairman Jack Reed (D-RI) said during the confirmation hearing for Air Force Lt. Gen. Timothy Haugh, the administration’s pick to helm Cyber Command and NSA.

“In order to mature the cyber force and advance our nation’s capabilities to conduct cyber operations and support intelligence operations, the military services must provide qualified and trained personnel to your Command on time and at the beginning of their tours.”

Sen. Roger Wicker of Mississippi, the panel’s top Republican, likewise charged the services “are providing personnel to Cybercom who lack necessary cyber skills, technical expertise and training.”

For his part, Haugh, Cyber Command’s deputy chief, said the digital warfighting organization has the resources to boost such training.

“One of the things that we want to ensure as U.S. Cyber Command is that we’re setting that baseline standard, so that we can ensure across the department we get the baseline right and allow the services to do that baseline training,” he testified.

It’s unclear if Gillibrand’s language will survive conference negotiations with the House and ultimately be included in a combined measure. The House bill did not include a similar provision.

One notable amendment to the bill was the fiscal 2024 Intelligence Authorization Act. The measure, which usually has been hitched to the defense roadmap, included provisions focused on China, artificial intelligence and election security. Specifically, it would require cyber penetration testing of voting machines and establish a vulnerability disclosure program for these systems.