Policy Bill Includes Cyber Investments -- Security Today

Policy Bill Includes Cyber Investments

Congress agrees on 2020 National Defense Authorization Act

By Lauren C. Williams
Mar 01, 2020

Defense committees in Congress have come to an agreement on the 2020 National Defense Authorization Act that features a $738 billion topline budget with $71.5 billion for overseas operations. In its report released late Dec. 9, Congress homes in on other transaction authorities (OTAs), drones and cybersecurity investments. Here’s a breakdown of a few provisions in the bill the House plans to vote on Dec. 11:

Data on OTAs and prototypes. The House proposed an annual reporting requirement on how the Defense Department is using OTAs. The final amendment revises section 873 of the 2019 NDAA to extend such reporting until 2023. Ellen Lord, DOD acquisition head, told reporters Dec. 10 that OTA use for prototyping has nearly tripled from $1.7 billion in 2016 to $3.7 billion in 2018, with 88% of OTAs awarded to companies that haven’t previously worked with the government, Lord said.

Microelectronics under the scope. One of several supply chainrelated provisions requires DOD to establish “supply chain and operational security standards and requirements for microelectronics” by Jan. 1, 2021. The conferees intend that “by incorporating and standardizing best practices the Department will improve its acquisition of securely manufactured, commerciallyavailable products and ensure that a growing industrial base is more resilient to a variety of risks in the supply chain,” they wrote in the legislative explanation.

Additionally, conferees request the undersecretary of defense acquisition and sustainment brief Congress by Aug. 31, 2020, on the military’s reliance on foreign sources for microelectronics used in precision-guided munitions. They also want more information on cybersecurity risk, including whether contractors are singleor sole-source providers and which subcontractors supply them. This was in lieu of a separate provision that wasn’t adopted.

Foreign influence. A provision directs the defense secretary to modify current policies and regulations to increase scrutiny of contractors for foreign influence, hacking or access to sensitive defense assets. “The acquisition community must have greater visibility into all cleared and uncleared potential contractors and subcontractors seeking to do business with the Department” to ensure they “do not pose a risk to the security of sensitive data, systems, or processes such as personally identifiable information, cybersecurity, or national security systems,” the conferees wrote.

Drone ban. If the bill passes, DOD will be prohibited from buying or renewing contracts to acquire foreign-made unmanned aircraft systems except when used for counter-UAS activities. The Defense Department is already working to expand the U.S.-based drone manufacturing to combat foreign dominance in the drone industry.

IT and cyber investment management. DOD’s chief information and data officers would be required to “account for, manage, and report its information technology and cyberspace investments” and make any legislative suggestions by Feb. 3, 2020.

The conferees call DOD’s current accounting process for its $50 billion in IT and cyber spending “inefficient,” adding that it creates “unnecessary delays in preparing the annual budget.”

New software chief? The conference report includes a provision that would create a “Chief Digital Engineering Recruitment and Management Officer” who would implement policy and help “maintain digital expertise and software development as core competencies of the civilian and military workforce.”

Another provision requires the undersecretary of defense for research and engineering to “designate a senior official or existing entity” to guide next-generation software and software-intensive systems development via a new strategy due to Congress next year.

Cybersecurity for all. The report also contains a provision requiring DOD’s CIO to ensure an enterprisewide cybersecurity infrastructure and make mission data accessible to other DOD components. A separate provision tasks the National Security Agency as a cyber advisor to the DOD CIO when evaluating the security of commercial products.

Moreover, the bill calls for a cybersecurity framework, such as the Cybersecurity Maturity Model Certification, for the defense industrial base. The provision notes CMMC as a third-party certification pilot program that could be used “as the basis for a mandatory Department standard.

CYBERCOM’s acquisition authority. U.S. Cyber Command’s acquisition authority is amended to not permit spending more than $75 million on new contract efforts.

This article originally appeared in the March 2020 issue of Security Today.

HID Signs Agreement to Acquire Calmell Group
07/10/2025
HID and ASSA ABLOY Recognized with Renowned Red Dot Award for Innovative Biometric eGate Design
07/09/2025
Security Industry Association Announces Program for 2025 AcceleRISE Conference
07/07/2025
SIA Opens Applications for 2025 Denis R. Hébert Identity Management Scholarship
07/07/2025
Honeywell Makes Strategic Tuck-in Acquisition of Li-ion Tamer
07/01/2025
Defining SASE at the Largest Consumer Electronics Chain in the Nordics
06/26/2025
Elite Interactive Receives Strategic Investment from CIVC Partners
06/26/2025
ProdataKey’s Emergency Response Integrations: Integrated Access Control Made Easy
06/25/2025

Featured

Sustainable Video Solution Delivered for Landmark City of London Office Development

An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now
- Facility Security
DHS to End ‘Shoes-Off’ Travel Policy

Homeland Security Secretary Kristi Noem announced a new policy today which will allow passengers traveling through domestic airports to keep their shoes on while passing through security screening at TSA checkpoints. Read Now
- Airport Security
AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now
- Government
Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now
- Video Surveillance
Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now
- Government

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.
Luma x20

Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”
Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.