The US Senate passed the The National Defense Authorization Act (NDAA) on Wednesday, approving the $768 billion annual defense spending bill that was packed with cybersecurity provisions. The bill now heads to the desk of President Joe Biden.
In an explainer document released alongside the text of the bill, the US House of representatives armed services committee said the cyber provisions in the bill would initiate “the widest empowerment and expansion of CISA through legislation since the SolarWinds incident.”
In addition to significantly more cybersecurity investments, the bill gives greater budget authority to the Commander of US Cyber Command, “modernizes” the relationship between the Department of Defense Chief Information Officer and the National Security Agency’s components responsible for cybersecurity while also establishing a program office within Joint Forces Headquarters-DODIN to centralize the management of cyber threat information products across the Defense Department.
The bill also mandates the first taxonomy of cyber weapons and cyber capabilities and requires the Defense Secretary to create a software development and acquisition cadre to assist with developing and acquiring software by providing expert advice, assistance, and resources. A grant program created by Congress will fund cybersecurity research in coordination with Israel.
A National Cyber Exercise program is also outlined in