Sec. 1507. Prohibition on the elimination of certain cyber assessment capabilities for test and evaluation
527 words·~2 min read·
/bill/119/s/1071/eah/section-1507A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
The Secretary of Defense may not take any action to divest, consolidate, or curtail any current cyber assessment capabilities or red teams certified by the National Security Agency supporting operational test and evaluation for programs of the Department of Defense unless, prior to taking such action, the Secretary submits to the congressional defense committees the certification described in subsection
(b)with respect to such action. The certification described in this subsection with respect to an action described in subsection
(a)is a certification that the decision to take such action and the analysis related to operational effects on users of cyber assessment capabilities provided by the Director of Operational Test and Evaluation of such action comply with the applicable requirements under section 4173(c)(1)(B) of title 10, United States Code, and which includes the following: The analytic basis for making the decision to take such action, including any cost, workload, and workforce requirements, as well as any analysis related to operational effects on users of cyber assessment capabilities provided by the Director of Operational Test and Evaluation of such action. An independent review by the Director of Cost Assessment and Program Evaluation of all the analysis included in the certification under paragraph (1). A comprehensive plan to sustain the critical cyber assessment capabilities for test and evaluation currently managed by the Director of Operational Test and Evaluation while transitioning such capabilities to another element of the Department of Defense or, if supporting analyses identify the elements of the Department to which such capabilities are proposed to be transferred, a plan for the transition of such capabilities to such elements, including a timeline for such transfer and measures to ensure no reductions in such capabilities during such transition. A detailed assessment of the funding requirements for maintaining and enhancing cyber assessment capabilities for test and evaluation of the Department of Defense, including how these funding requirements will be incorporated into annual budget request documents of the Department of Defense. A review of staffing, tools, and specialized resources required to support cyber operational test and evaluation across major defense acquisition programs (as defined in section 4201 of title 10, United States Code) and information technology programs of the Department of Defense . A summary of the efforts of the Department of Defense to integrate intelligence-informed threat data into operational cyber testing, including any legal or technical barriers to such integration and proposed solutions to such barriers. A plan to improve coordination and information-sharing between cyber operational test and evaluation stakeholders, the United States Cyber Command, and the intelligence community (as defined in section 3(4) of the National Security Act of 1947 ( 50 U.S.C. 3003(4) )) following the transition described in paragraph (3). Proposed metrics for evaluating mission effects in contested cyber environments that are in accordance with guidance issued by the Director of Operational Test and Evaluation, titled Cyber Operational Test and Evaluation Guidebook and dated January 31, 2025. An assessment of the effectiveness and future needs of cyber assessment programs of the Department of Defense, including an identification of any current or future requirements of such programs for resources that are or are projected to not be met.
Connectionstraces to 1
Traces to 1 document
U.S. Code
Citation graph
cites case law
Sec. 1507
Prohibition on the elimination of certain cyber assessment capabilities for test and evaluation
Cites 1Cited by 0 across 0 sources