Law Homework Help

discusses the “How to” Process of making National Defense Authorization Action process work and use some of the information that Rob Fago provides as an example of Congressional direction to the Department of Defense.

Summary (from previous NDAAs which are public release):

Congress directed the Department to evaluate the cyber vulnerabilities of major weapon systems in Section 1647 of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2016. This section, as well as Section 1640 of the FY 2018 NDAA on the Strategic Cybersecurity Program (SCP), were further amended by Section 1633 of the FY 2020 NDAA and Section 1712 of the FY 2021 NDAA. The latter directed the Department to identify and designate for inclusion in the SCP any systems, critical infrastructure, kill chains, and processes that comprise the following missions: (a) nuclear deterrence and strike, (b) select long-range conventional strike, (c) offensive cyber operations, and (d) homeland missile defense.

In accordance with Section 1712 of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2021, the Office of the Under Secretary of Defense for Acquisition and Sustainment serves as the office of primary responsibility with respect to providing policy, direction, and oversight of the National Security Agency in its execution of the Strategic Cybersecurity Program (SCP). The SCP is focused on conducting cyber vulnerability assessments of major weapon systems with a focus on systems, critical infrastructure, kill chains, and processes that support the following missions:

Subset of references (public release)

National Defense Authorization Act for Fiscal Year 2016 – https://www.congress.gov/114/plaws/publ92/PLAW-114… (full text, see next page for S1647 excerpt)

FY2021 NDAA Section 1712 https://www.congress.gov/bill/116th-congress/house…

FY2020 NDAA Section 1633 https://www.congress.gov/bill/116th-congress/senat…

FY2018 NDAA Section 1640 https://www.congress.gov/115/plaws/publ91/PLAW-115publ91.pdf 

NDAA Background Information — · NDAA Primer – https://fas.org/sgp/crs/natsec/IF10515.pdf (2 pages, good background) · Defense Authorization and Appropriations Bills: FY1961-FY2021 – https://fas.org/sgp/crs/natsec/98-756.pdf

GAO Publications

· Weapon Systems Cybersecurity, DOD Just Beginning to Grapple with Scale of Vulnerabilities – https://www.gao.gov/assets/gao-19-128.pdf

· Updated GAO – Weapon Systems Cybersecurity Guidance Would Help DOD Programs Better Communicate Requirements to Contractors – https://www.gao.gov/assets/gao-21-179.pdf · Weapon Systems Annual Assessment – https://www.gao.gov/assets/gao-21-222.pdf

Miscellaneous DoD Briefings / Reports

· New DoD Approaches on the Cyber Survivability of Weapon Systems – https://www.itea.org/wp-content/uploads/2019/03/Pi…

· New DoD Approaches on the Cyber Survivability of Weapon Systems – https://cdn.ymaws.com/www.alamoace.org/resource/re…

· DOT&E FY 2020 Annual Report – https://www.dote.osd.mil/Publications/Annual-Repor…

· Mission Assurance Strategy 2012 – https://policy.defense.gov/Portals/11/Documents/MA…

Abstract:

Congress directs the DoD to complete activities of national importance. We’ll briefly discuss the National Defense Authorization Action process and provide an example of Congressional direction to the Department of Defense. As an example, we’ll discuss FY16 NDAA S1647 that required DoD to complete Cyber Vulnerability Assessments of all Major Weapon Systems.

BioRob Fago is a retired Army Colonel with a Cyber and Communications background. Rob’s military experiences included program manager for DoD’s execution for FY16 NDAA S1647 that required the DoD to complete Cyber Vulnerability Assessments of all Major Weapon Systems. Rob has been involved in Hacking for Defense at CU Boulder since 2019. Rob currently works as a Positioning, Navigation, and Timing Business Development Manager for BAE’s Navigation and Sensor Systems