CHAPTER 19—CYBER AND INFORMATION OPERATIONS MATTERS
Editorial Notes
Amendments
2023—Pub. L. 118–31, div. A, title XV, §§1501(1), 1502(a)(1), title XVIII, §1801(a)(6), Dec. 22, 2023, 137 Stat. 533, 683, added item 391b and made identical amendments redesignating item 398 "Pilot program for sharing cyber capabilities and related information with foreign operational partners" as 398a. Amendments were made pursuant to operation of section 102 of this title.
2022—Pub. L. 117–263, div. A, title X, §1052(b), title XV, §§1501(b)(1), 1502(a), 1521, 1551(b), Dec. 23, 2022, 136 Stat. 2777, 2877, 2879, 2897, 2919, added items 391a, 392a, and 399 and two items 398.
2019—Pub. L. 116–92, div. A, title XVI, §1631(a)(2)(A), Dec. 20, 2019, 133 Stat. 1742, substituted "CYBER AND INFORMATION OPERATIONS MATTERS" for "CYBER MATTERS" in chapter heading and added item 397.
2018—Pub. L. 115–232, div. A, title XVI, §1631(c)(2), Aug. 13, 2018, 132 Stat. 2123, added items 394 to 396.
2015—Pub. L. 114–92, div. A, title X, §1081(a)(4), title XVI, §1641(c)(2), Nov. 25, 2015, 129 Stat. 1001, 1116, substituted "Reporting on cyber incidents with respect to networks and information systems of operationally critical contractors and certain other contractors" for "Reporting on cyber incidents with respect to networks and information systems of operationally critical contractors" in item 391 and added item 393.
2014—Pub. L. 113–291, div. A, title XVI, §1633(d), Dec. 19, 2014, 128 Stat. 3643, added item 392.
Statutory Notes and Related Subsidiaries
Alignment of Department of Defense Cyber International Strategy With National Defense Strategy and Department of Defense Cyber Strategy
Pub. L. 117–263, div. A, title XV, §1506, Dec. 23, 2022, 136 Stat. 2882, provided that:
"(a)
"(1) the national defense strategy published in 2022 pursuant to section 113(g) of title 10, United States Code;
"(2) the Cyber Strategy of the Department published during fiscal year 2023; and
"(3) the current International Cyberspace Security Cooperation Guidance of the Department, as of the date of the enactment of this Act.
"(b)
"(1) Efforts to build the internal capacity of the Department to support international strategy policy engagements with allies and partners of the United States.
"(2) Efforts to coordinate and align cyberspace operations with foreign partners of the United States, including alignment between hunt-forward missions and other cyber international strategy activities conducted by the Department, including identification of processes, working groups, and methods to facilitate coordination between geographic combatant commands and the United States Cyber Command.
"(3) Efforts to deliberately cultivate operational and intelligence-sharing partnerships with key allies and partners of the United States to advance the cyberspace operations objectives of the Department.
"(4) Efforts to identify key allied and partner networks, infrastructure, and systems that the Joint Force will rely upon for warfighting and to—
"(A) support the cybersecurity and cyber defense of those networks, infrastructure, and systems;
"(B) build partner capacity to actively defend those networks, infrastructure, and systems;
"(C) eradicate malicious cyber activity that has compromised those networks, infrastructure, and systems, such as when identified through hunt-forward operations; and
"(D) leverage the commercial and military cybersecurity technology and services of the United States to harden and defend those networks, infrastructure, and systems.
"(5) Efforts to secure the environments and networks of mission partners of the United States used to hold intelligence and information originated by the United States.
"(6) Prioritization schemas, funding requirements, and efficacy metrics to drive cyberspace security investments in the tools, technologies, and capacity-building efforts that will have the greatest positive impact on the resilience and ability of the Department to execute its operational plans and achieve integrated deterrence.
"(c)
"(d)
"(1)
"(2)
"(A) An overview of efforts undertaken pursuant to this section.
"(B) An accounting of all the security cooperation activities of the Department germane to cyberspace and changes made pursuant to implementation of this section.
"(C) A detailed schedule with target milestones and required expenditures for all planned activities related to the efforts described in subsection (b).
"(D) Interim and final metrics for building the cyberspace security cooperation enterprise of the Department.
"(E) Identification of such additional funding, authorities, and policies, as the Under Secretary determines may be required.
"(F) Such recommendations as the Under Secretary may have for legislative action to improve the effectiveness of cyberspace security cooperation of the Department with foreign partners and allies.
"(e)
Enhancement of Cyberspace Training and Security Cooperation
Pub. L. 117–263, div. A, title XV, §1507, Dec. 23, 2022, 136 Stat. 2883, provided that:
"(a)
"(1)
"(2)
"(A) by not later than one year after the date of the enactment of this Act [Dec. 23, 2022] with respect to the Joint Military Attaché School; and
"(B) by not later than September 30, 2025, with respect to the Defense Security Cooperation University.
"(3)
"(A) is tailored to the trainees' anticipated embassy role and functions; and
"(B) provides familiarity with—
"(i) the different purposes of cyberspace engagements with partners and allies of the United States, including threat awareness, cybersecurity, mission assurance, and operations;
"(ii) the types of cyberspace security cooperation programs and activities available for partners and allies of the United States, including bilateral and multilateral cyberspace engagements, information and intelligence sharing, training, and exercises;
"(iii) the United States Cyber Command cyberspace operations with partners, including an overview of the Hunt Forward mission and process;
"(iv) the roles and responsibilities of the United States Cyber Command, the geographic combatant commands, and the Defense Security Cooperation Agency for cybersecurity cooperation within the Department of Defense; and
"(v) such other matters as the Under Secretaries, in coordination with the Commander of United States Cyber Command, consider appropriate.
"(4)
"(b)
"(1) Sufficiency of the training provided in the Defense Security Cooperation University and the Joint Military Attaché School.
"(2) Additional training requirements, familiarization requirements, or both such requirements necessary for officers assigned to particular locations or positions.
"(3) Areas for increased cooperation.
"(4) A plan for completing the activities required by subsection (a).
"(5) Additional resources required to complete such activities.
"(c)