Why it Matters
The Senate's Cybersecurity Subcommittee is convening a DoD cybersecurity hearing on March 24 at a moment when nearly every major thread of Pentagon IT infrastructure policy is in motion simultaneously. The White House released a sweeping new National Cybersecurity Strategy just days ago. The Pentagon is requesting $15.1 billion for cyber programs in its FY2026 budget. And the Defense Department is in the middle of overhauling how its networks are built, defended, and staffed — from a new zero-trust framework to a consolidated cloud platform for combatant commands. The hearing will force senior defense officials to explain, on the record, how these enterprise security DoD networks initiatives fit together — and where the gaps remain.
The session will be immediately followed by a closed classified briefing, signaling that at least some of the discussion will touch on threat intelligence or operational vulnerabilities too sensitive for public testimony.
A Convergence of Policy Moves on Defense Department IT Operations
The two weeks leading up to this hearing have produced a remarkable density of cybersecurity policy activity, giving subcommittee members plenty of material to work with.
The New National Cyber Strategy
The Trump administration released its National Cybersecurity Strategy around March 10–13, built on a six-pillar framework that includes modernizing federal networks with zero-trust architecture and post-quantum cryptography, shaping adversary behavior, and sustaining U.S. dominance in AI and quantum technologies. An accompanying executive order directs federal agencies to combat ransomware, phishing, and other digital threats.
National Cyber Director Sean Cairncross outlined implementation priorities including sector-focused pilot programs and workforce development. The strategy document states: "By disrupting adversaries' cyber campaigns, and making our networks more defensible and resilient, we will unleash innovation, accelerate economic growth, and secure American technology dominance."
The strategy's emphasis on modernizing federal networks maps directly onto the hearing's stated focus on DoD network security 2026 priorities.
The $15.1 Billion Budget Request
The Pentagon's FY2026 cybersecurity allocation represents a 4 percent increase over the prior year. According to the Congressional Research Service, $9.1 billion of that is earmarked specifically for cybersecurity programs including information assurance and operational capabilities. Expect subcommittee members to press witnesses on whether that funding level is adequate given the scope of the modernization underway.
COCOMNet and Network Consolidation
The Defense Information Systems Agency is advancing its Mission Network-as-a-Service program, which aims to consolidate all combatant command networks into a single cloud-based platform called COCOMNet. DISA Deputy Director Chris Barnhurst has said that "under the Defense Department's current network architecture, users are segregated by geographic location and unable to see the entire environment — making data sharing and command-and-control between different combatant commands inefficient."
This initiative sits at the heart of the hearing's focus on enterprise IT operations and whether the Pentagon can move from fragmented, legacy systems to a unified architecture.
Zero Trust 2.0
The DoD is also drafting an updated Zero Trust Strategy 2.0 that expands cybersecurity frameworks beyond traditional IT into operational technology, IoT systems, defense critical infrastructure, and weapon systems. The DoD CIO has published guidance with 84 capability outcomes for target-level zero trust by FY2030 and 21 for advanced-level by FY2033.
Cybercom 2.0
Senior DoD officials have disclosed a new cyber force generation model called Cybercom 2.0, designed to modernize how the military builds and sustains its digital workforce. Officials said the initiative will help counter Chinese threats embedded in U.S. critical infrastructure networks.
The NDAA Adds Congressional Mandates
The FY2026 National Defense Authorization Act includes a 4.1 percent increase in military cyber funding and new requirements for hardened mobile devices, AI security frameworks, and expanded DoD cyber workforce authorities. It requires the Defense Secretary to develop frameworks covering AI and machine learning security, insider threat risks, supply chain threats, and workforce training. This hearing on military cybersecurity oversight will likely serve as an early checkpoint on whether the department is meeting those mandates.
The Threat Picture
A SOCRadar threat report tied to the 2026 National Defense Strategy found that 88.3 percent of U.S.-related Dark Web threat activity targeted the U.S. exclusively, with expected attack vectors including DDoS attacks on government and defense contractor websites, coordinated data leaks, and deepfake-enabled impersonation of senior officials. An analysis in Eurasia Review also examined the growing shift toward offensive cyber capabilities in U.S. strategy — a posture that depends on having secure, resilient networks to operate from.
Lobbying Activity Around the DoD Cybersecurity Hearing
Several defense and cybersecurity firms with direct stakes in Pentagon IT infrastructure have been actively lobbying Congress over the past year on issues aligned with the hearing's scope.
Science Applications International Corp. (SAIC), a major defense IT contractor, filed lobbying disclosures in three consecutive quarters — the First, Second, and Third Quarters of 2025. SAIC also operates the only active political action committee among the lobbying organizations identified, contributing an estimated $40,000 or more to members of Congress over the past two years.
Palo Alto Networks, a cybersecurity firm with significant federal engagement, filed three disclosures covering the First and Third Quarters of 2025 and an amendment for the Fourth Quarter.
HackerOne, which runs vulnerability disclosure and bug bounty programs with the Pentagon, filed in the First and Second Quarters of 2025. Acuity International, a defense and government services contractor, filed a Fourth Quarter 2025 disclosure.
Who's Running the Hearing
The Cybersecurity Subcommittee is chaired by Sen. Mike Rounds (R-SD), with Sen. Jacky Rosen (D-NV) serving as ranking member. The full subcommittee roster includes members with deep defense and intelligence portfolios: Sen. Tom Cotton (R-AR), Sen. Kirsten Gillibrand (D-NY), Sen. Gary Peters (D-MI), Sen. Joni Ernst (R-IA), Sen. Elissa Slotkin (D-MI), and Sen. Eric Schmitt (R-MO), among others.
Access the Legis1 platform for comprehensive political news, data, and insights.