AI leadership restructuring, IT policy oversight on tap in 2021 NDAA

The House Armed Services Committee began marking up its draft of the 2021 defense policy bill with some focus on artificial intelligence efforts and oversight of IT policy.

U.S. Air Force Cyber - photo share via DS
 

The House Armed Services Committee began marking up the 2021 defense policy bill with a focus on artificial intelligence efforts and oversight of IT policy.

In the markup by the Intelligence, Emerging Threats, and Capabilities Subcommittee, the Joint Artificial Intelligence Center, which serves as the Defense Department's lead for AI efforts, could get a board of directors to be a "standing body over the JAIC that can bring governmental and non-governmental experts together for the purpose of assisting the Department of Defense in correctly integrating and operationalizing artificial intelligence technologies."

The draft bill also moves to reassign responsibility for the JAIC to the deputy secretary of defense. DOD could be required to assess its AI capabilities and strategies, including determining personnel and funding posture for the next five years, assessing the implementation of DOD's AI strategy (including metrics, timelines, and oversight measures), reviewing the JAIC's function and mission and any risks that come with DOD increasing its AI investment and development.

IT oversight

On the IT side, new reporting requirements would give lawmakers more frequent updates on DOD's inventory and software licensing.

The emerging threats subcommittee wants to increase its oversight of DOD IT with a provision that would require a monthly brief from the defense secretary anytime there's unauthorized connections between software and hardware designed to be used on DOD networks and systems, as well as, the internet.

The provision, if implemented, would also require a twice-yearly report to Congress on any exemptions to IT policies "to establish a baseline for legislative oversight on areas where the Department of Defense has accepted risk to its networks and systems."

CIOs for DOD and the military services could have to formalize the keeping inventory of their IT assets to make them more auditable.

"The lack of a single policy framework hinders the capacity of the Department to discover license duplication and the Department is at risk of wasting valuable resources on redundant or underutilized hardware and software," the subcommittee wrote, adding that commercial companies' use of automation has alleviated the issue in the private sector.

If finalized, DOD CIOs would have to develop a process for identifying duplicative software licenses, redundant software and hardware (while also cataloging information on their usage, and any cost savings.