NDAA and Cybersecurity Continue Relation in 2013 in New Provision

image
Terri HarelTerri Harel
Published: 23 Dec, 2012
3 min read

It’s no hidden truth that cybersecurity is becoming an increasingly important issue for the U.S. government to address. It is listed as a top issue concerning the Department of Defense, with extensive resources dedicated to cyber-defense. On Thursday, Armed Services Committee Chairman Carl Levin (D-MI) addressed the Senate floor revealing the most recent conference report, which is approving significant increases in funding for the Pentagon’s cybersecurity endeavors. NDAA for the 2013 fiscal year also includes a new provision sponsored by the Senator, Section 936, which will implement an extensive cybersecurity reporting process for private defense contractors.

In his address to the floor, Levin said of the newest NDAA and cybersecurity:

"The conference report requires the Secretary of Defense to create a process requiring defense contractors that use or possess classified or sensitive DOD information to report successful cyber penetrations of their networks or information systems. Additionally, if the Department is concerned about a particular event and feels the need to determine what DOD information may have been lost, the provision would authorize DOD to conduct its own forensic analysis, upon request, and subject to limitations. This represents a major breakthrough in the Nation’s cybersecurity. However, other sensitive areas where we are threatened with cyber attacks, such as the financial, police and transportation sectors, need similar action."

The initiative was met with resistance from the tech industry, many companies of which believe the new requirements will be too costly and could detract money from other important cybersecurity programs and research. The intense backlash was addressed by amending some of the section’s language, prompting some flexibility from the private contractors. However, they make clear that their official position on the requirements can only be determined once the Pentagon actually writes the specific rules for reporting implementation and develop baseline software assurance standards.

Previous to Thursday’s statement, little had been said of the NDAA and cybersecurity, in particular Section 936's sneaky appearance. (Although, it is noteworthy to mention this isn't its first appearance. NDAA of 2012 allotted generous funds to the Dept. of Defense's Cyber Command and other research and development programs). The details of Sec. 936, now enumerated 941, popped up on several law blogs in the first half of December, however. A blog called Lawfare, expressed concern about the provision’s meaning. The author of the post, Mr. Paul Rosenzweig, who heads homeland security consulting company Red Branch Consulting, wrote of Section 936:

Almost seems the worst of both worlds — mandatory disclosure without any liability protection for the contractors AND no comprehensive improvement in information sharing about threats and vulnerabilities by keeping the information stove-piped.
Sec. 936,d,4

A previous House initiative sponsored by Rep. Mac Thomberry (R-TX) additionally attempted to detail the Pentagon's distinct role and power in cyberspace in the NDAA, but this was met with resistance and the White House had promised to veto such a bill. Such detail has been removed from the bill.

Essentially, the government is hanging in an interesting limbo regarding cybersecurity; they try navigating protecting against increased threats of security breaches by hackers via cyberspace, addressing concerns of classified information leaks, while maintaining an important sense of freedom, independence, and discretion online. The result of Sec. 936 (941) remains to be seen, both in its efficacy in curbing hackers' activities within classified realms and in its procurement of further government control on cyber-processes.

You Might Also Like

National Reform Organizations Condemn Texas and California Over Gerrymandering
National Reform Organizations Condemn Texas and California Over Gerrymandering
The United States has passed the point of no return in the unprecedented mid-cycle redistricting fight between Texas and California, which threatens to expand to other states like Republican-controlled Florida and Democratic-controlled New York....
25 Aug, 2025
-
6 min read
Gerrymandering Wars Escalate Beyond Texas and California: A National Race to the Bottom?
Gerrymandering Wars Escalate Beyond Texas and California: A National Race to the Bottom?
Republicans currently hold a narrow 219 to 212 edge over Democrats in the U.S. House of Representatives, with four vacancies: three from Democratic members who have died and one from a Republican who has resigned. This is the smallest House majority held by either party in nearly a century. The razor-thin margin means the stakes in the 2026 midterms could not be higher. With so few competitive seats left nationwide, both parties are turning to mid-decade redistricting as a way to secure advantages....
27 Aug, 2025
-
10 min read
Hand in ballot that says independent on it.
Why 1.2 Million California Independents Are The Biggest Wild Card in American Politics Today
The fate of Proposition 50, California’s proposed redistricting measure, may come down to voters who have declined to join one of the two major political parties....
22 Aug, 2025
-
5 min read