[Congressional Record Volume 167, Number 88 (Thursday, May 20, 2021)]
[Senate]
[Page S3230]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]

  SA 1764. Mrs. BLACKBURN submitted an amendment intended to be 
proposed by her to the bill S. 1260, to establish a new Directorate for 
Technology and Innovation in the National Science Foundation, to 
establish a regional technology hub program, to require a strategy and 
report on economic security, science, research, innovation, 
manufacturing, and job creation, to establish a critical supply chain 
resiliency program, and for other purposes; which was ordered to lie on 
the table; as follows:

       At the appropriate place, insert the following:

     SEC. ____. DEPARTMENT OF DEFENSE DATA STRATEGY.

       (a) Strategy and Briefing Required.--Not later than January 
     31, 2022, the Chief Information Officer of the Department of 
     Defense shall, in consultation with the Director of the 
     Defense Information Systems Agency--
       (1) develop a strategy that includes the elements set forth 
     under subsection (b); and
       (2) brief the Committee on Armed Services of the Senate and 
     the Committee on Armed Services of the House of 
     Representatives on the strategy developed under paragraph 
     (1).
       (b) Elements.--The strategy required by subsection (a) 
     shall include the following:
       (1) A plan for incorporating standards laid out by the 2020 
     Department of Defense Data Strategy in policies governing 
     personnel and acquisition of goods and services.
       (2) A plan for how the Department will incorporate 
     technology solutions necessary to ensure data security is 
     independent from network security, including technology that 
     allows for attribution and location based controls.
       (3) A detailed set of criteria for determining authorized 
     users of data and how technological solutions could enhance 
     policies focused on data protection that is tailored to 
     authorized users.
       (4) A description of how security and data classification 
     standards could be harmonized across elements of the 
     Department and the intelligence community (as defined in 
     section 3 of the National Security Act of 1947 (50 U.S.C. 
     3003)) to ensure more seamless information sharing, that 
     includes an analysis of network or data security solutions 
     that could help automate that process and implement 
     classification policies and procedures.
                                 ______