top of page
Aug 1

Letter to Senate Armed Services Committee re: FY 2025 National Defense Authorization Act

July 31, 2024


The Honorable Jack Reed

Chairman, Senate Armed Services Committee

728 Hart Senate Office Building

Washington, D.C. 20510


The Honorable Roger Wicker

Ranking Member, Senate Armed Services Committee

425 Russell Senate Office Building

Washington, D.C. 20510


Dear Chairman Reed and Ranking Member Wicker,

 

On behalf of the Operational Technology Cybersecurity Coalition (OTCC), thank you for the strategic provisions included in the Fiscal Year 2025 National Defense Authorization Act (NDAA) related to securing Department of Defense (DoD) Operational Technology (OT). Your leadership in addressing the evolving cybersecurity challenges is commendable and vital for our national security.

 

The OTCC is a diverse group of leading industrial control systems (ICS) and OT cybersecurity vendors. As such, we particularly appreciate the following sections:

 

  • Section 1614: This section mandates the Chief Information Officer (CIO) of DoD to develop guidance on the application of the DoD’s zero trust strategy to the Internet of Military Things (IoMT) hardware. This guidance is crucial for enhancing the security posture of our military’s connected devices and systems.

  • Cyber Resilience for DoD Critical Facilities and Assets: The directive for the DoD CIO to establish continuous Authority to Operate (cATO) with active monitoring, cyber defense, and secure software supply chain controls for Defense Critical Assets (DCA) and Task Critical Assets (TCA) is a significant step forward in ensuring the safety and security of DoD’s critical infrastructure.

  • Guidance on Operational Technology in Information Assurance Vulnerability Management Program: The instruction for the DoD CIO to issue guidance incorporating operational technology (OT) into the information assurance vulnerability management program aligns with our coalition’s goals of securing OT environments across all sectors.

 

The OTCC and its members are committed to supporting the DoD and Congress in these initiatives. We believe that a collaborative approach between the public and private sectors is essential to address the cybersecurity risks effectively. We look forward to working closely with you and your staff on these critical issues in the future, and thank you once again for your leadership and support.

 

Sincerely,


Andrew Howell

Executive Director, OTCC

Comments

bottom of page