|
|
|
HOME | CONTENTS | DISCUSSIONS | DISCUSSION ARCHIVES | BLOG | QUICK-KITs| STATES |
|
Loading
|
TITLE VIII--ACQUISITION POLICY, ACQUISITION MANAGEMENT, AND RELATED MATTERS Subtitle A--Acquisition Policy and Management |
|
P. L. 114- |
|
SEC. 807. Acquisition authority of the
Commander of United States Cyber Command. (a) Authority.—
(b) Command acquisition executive.—
(c) Acquisition personnel.—
(d) Budget.—In addition to the activities of a combatant command for which funding may be requested under section 166 of title 10, United States Code, the budget proposal of the United States Cyber Command shall include requests for funding for—
(e) Cyber Operations Procurement
Fund.—In exercising the authority granted in subsection (a), the
Commander may not obligate or expend more than $75,000,000 out
of the funds made available in each fiscal year from 2016
through 2021 to support acquisition activities provided for
under this section.
(h) Annual end-of-year assessment.—Each year, the Cyber Investment Management Board shall review and assess the acquisition activities of the United States Cyber Command, including contracting and acquisition documentation, for the previous fiscal year, and provide any recommendations or feedback to the acquisition executive of Cyber Command. (i) Sunset.—
|
Acquisition authority of the Commander
of United States Cyber Command (sec. 807) The Senate amendment contained a provision (sec. 807) that would authorize limited acquisition authority for the Commander of United States Cyber Command (CYBERCOM). The House bill contained no similar provision. The House recedes with an amendment that would clarify that the Commander of CYBERCOM may obligate and expend up to $75.0 million of the funds made available for each fiscal year from 2016 through 2021. The amendment would add a requirement for an implementation plan, the review of programs being acquired under this authority by the Cyber Investment Management Board, and an annual end of year assessment. The amendment would also make a number of technical and conforming edits. The conferees believe the Commander of CYBERCOM should utilize this limited acquisition authority to fulfill cyber operations-peculiar and cyber capability-peculiar requirements the services are unable to meet to ensure the Department of Defense is adequately postured to defend and respond to cyber threats. The conferees maintain that this limited authority should not be construed to replace the acquisition responsibilities of the military services to fulfill their man, train and equip requirements. The conferees believe successful demonstration of these acquisition authorities will require implementation of memoranda of agreement with the military services to define enduring responsibilities and more explicit definition cyber operations-peculiar and cyber capability-peculiar requirements. Senate Report 114-49 to accompany S. 1376 as it was reported out of the Senate Armed Services Committee. Acquisition authority of the Commander of United States Cyber Command (sec. 807) The committee recommends a provision that would authorize limited acquisition authority for the Commander of United States Cyber Command (CYBERCOM). The provision is modeled on the authority provided to the Commander of U.S. Special Operations Command, but is limited to the acquisition of non- major systems. The provision would authorize the development and acquisition of cyber operations-peculiar equipment and capabilities and the acquisition of cyber capability-peculiar equipment, capabilities, and services. The provision would direct that the staff of the Commander include a command acquisition executive who would be responsible for the overall supervision of CYBERCOM acquisition matters. The command acquisition executive would also be responsible for negotiating memoranda of agreement with the military departments, supervising the acquisition of equipment, capabilities, and services, regardless of whether such acquisitions are carried out by the Command or a military department. The command acquisition executive would also be responsible for representing the Command in discussions with the military departments regarding acquisition programs for which the Command is a customer, and working with the military departments to ensure the Command is appropriately represented in discussions with the military departments and joint working groups or integrated product teams. To support CYBERCOM in fulfilling its acquisition responsibilities, the provision would direct the Secretary of Defense to provide CYBERCOM with the personnel or funding equivalent to ten full-time equivalent personnel to CYBERCOM with experience in program acquisition, the Joint Capabilities Integration and Development System process, program management, system engineering, and costing. The personnel or funding equivalent provided would come from existing department resources. The provision would require the Department of Defense Office of Inspector General conduct internal audits and inspections of purchasing and contract actions. The provision would also establish a $75.0 million cyber operations procurement fund for each fiscal year from fiscal year 2016 through 2021 out of the funds made available in each fiscal year for defense-wide procurement. The provision would sunset on September 30, 2021. The committee is concerned there is an urgent need for cyber capabilities that is not being fulfilled by the military services. Major investments to date have been heavily weighted towards network defense and network consolidation. For a variety of reasons, the services have failed to adequately prioritize funding in their budget requests for the development of cyber warfighting capabilities. According to the Commander of CYBERCOM in testimony before the committee on March 17, 2015, the Department of Defense is ``at a tipping point where we not only need to continue to build on the defensive capability, but we have got to broaden our capabilities to provide policy makers and operational commanders with a broader range of options.'' The committee is also concerned that traditional service- led acquisitions and existing acquisition statutes and regulations lack the flexibility, agility, and speed necessary to deliver cyber capabilities responsively enough to stay ahead of the rapidly evolving threat. According to the Commanding General of Marine Forces Cyberspace Command in testimony before the committee on April 14, 2015, ``current acquisition processes do not adequately support the delivery tempo required for emerging cyber solutions. The tempo at which emerging technologies must be acquired to meet cyberspace operational mandates is occurring at a much greater pace, which creates tension within the acquisition process.'' This provision would address these shortfalls by providing the Commander of CYBERCOM the limited ability to rapidly procure capabilities to meet the requirements the military services have been unable to meet thus far and are incapable of meeting in operationally relevant ways in the future. The committee recognizes that CYBERCOM is a new organization that is still maturing and has little experience or expertise in systems acquisition. However, the committee also recognizes that few acquisition models across the DOD have demonstrated successes in acquiring cyber capabilities. The committee believes that if structured appropriately CYBERCOM has the unique opportunity to demonstrate and validate new acquisition approaches. The burden is on CYBERCOM and the Department as a whole to demonstrate that CYBERCOM can effectively exercise these acquisition authorities over the next five years. There are a number of additional authorities in this title that would also improve the ability of the department to more rapidly acquire cyber capabilities. These include enhancements to commercial item, other transactions, and rapid acquisition authorities. Elsewhere in title XVI of this Act, the committee also recommends a provision that would direct the Secretary of Defense to designate within 90 days of the date of enactment an entity of the Department of Defense to be responsible for the acquisition of critical cyber capabilities to include: (1) The unified platform; (2) a persistent cyber training environment; and (3) a cyber situational awareness and battle management system. The committee believes that today department entities with existing acquisition experience are best suited for the development of larger foundational programs such as the unified platform. However, in the future the committee envisions the possibility of a shared acquisition approach where the traditional acquisition entities, in partnership with CYBERCOM, fund and develop foundational systems and service specific capabilities. CYBERCOM's acquisition role would be focused primarily on meeting joint cyber operations-peculiar and cyber capability-peculiar requirements the services are unable to meet. |