With the advice and assistance of the Chairman of the Joint Chiefs of Staff, the President, through the Secretary of Defense, shall establish under section 161 of this title a unified combatant command for cyber operations forces (hereinafter in this section referred to as the “cyber command”). The principal function of the command is to prepare cyber operations forces to carry out assigned missions.
Unless otherwise directed by the Secretary of Defense, all active and reserve cyber operations forces of the armed forces stationed in the United States shall be assigned to the cyber command.
The commander of the cyber command shall hold the grade of general or, in the case of an officer of the Navy, admiral while serving in that position, without vacating that officer’s permanent grade. The commander of such command shall be appointed to that grade by the President, by and with the advice and consent of the Senate, for service in that position.
Subject to the authority, direction, and control of the Principal Cyber Advisor, the commander of such command shall be responsible for, and shall have the authority to conduct, the following functions relating to cyber operations activities (whether or not relating to the cyber command):
(1) In addition to the authority prescribed in section 164(c) of this title, the commander of the cyber command shall be responsible for, and shall have the authority to conduct, all affairs of such command relating to cyber operations activities.
Subject to the authority, direction, and control of the Principal Cyber Advisor, the commander of such command shall be responsible for, and shall have the authority to conduct, the following functions relating to cyber operations activities (whether or not relating to the cyber command):
(A) Subject to the authority, direction, and control of the Principal Cyber Advisor, the commander of such command shall be responsible for, and shall have the authority to conduct, the following functions relating to cyber operations activities (whether or not relating to the cyber command): (i) Developing strategy, doctrine, and tactics. (ii) Preparing and submitting to the Secretary of Defense program recommendations and budget proposals for cyber operations forces and for other forces assigned to the cyber command. (iii) Exercising authority, direction, and control over the expenditure of funds— (I) for forces assigned directly to the cyber command; and (II) for cyber operations forces assigned to unified combatant commands other than the cyber command, with respect to all matters covered by section 807 of the National Defense Authorization Act for Fiscal Year 2016 (Public Law 114–92; 129 Stat. 886; 10 U.S.C. 2224 note) and, with respect to a matter not covered by such section, to the extent directed by the Secretary of Defense. (iv) Training and certification of assigned joint forces. (v) Conducting specialized courses of instruction for commissioned and noncommissioned officers. (vi) Validating requirements. (vii) Establishing priorities for requirements. (viii) Ensuring the interoperability of equipment and forces. (ix) Formulating and submitting requirements for intelligence support. (x) Monitoring the promotion of cyber operation forces and coordinating with the military departments regarding the assignment, retention, training, professional military education, and special and incentive pays of cyber operation forces.
(B) The authority, direction, and control exercised by the Principal Cyber Advisor for purposes of this section is authority, direction, and control with respect to the administration and support of the cyber command, including readiness and organization of cyber operations forces, cyber operations-peculiar equipment and resources, and civilian personnel.
(C) Nothing in this section shall be construed as providing the Principal Cyber Advisor authority, direction, and control of operational matters that are subject to the operational chain of command of the combatant commands or the exercise of authority, direction, and control of personnel, resources, equipment, and other matters that are not cyber-operations peculiar and that are in the purview of the armed forces.
The commander of the cyber command shall be responsible for—
(A) ensuring the combat readiness of forces assigned to the cyber command; and
(B) monitoring the preparedness to carry out assigned missions of cyber forces assigned to unified combatant commands other than the cyber command.
(C) The staff of the commander shall include an inspector general who shall conduct internal audits and inspections of purchasing and contracting actions through the cyber operations command and such other inspector general functions as may be assigned.
This section does not constitute authority to conduct any activity which, if carried out as an intelligence activity by the Department of Defense, would require a notice to the Select Committee on Intelligence of the Senate and the Permanent Select Committee on Intelligence of the House of Representatives under title V of the National Security Act of 1947 (50 U.S.C. 3091 et seq.).
(Added Pub. L. 114–328, div. A, title IX, § 923(a), Dec. 23, 2016, 130 Stat. 2357; amended Pub. L. 115–91, div. A, title X, § 1081(a)(12), title XVI, § 1635, Dec. 12, 2017, 131 Stat. 1595, 1741.)