Cyber Security

Congressional Response to AI Governance with the NDAA

Jan 23, 2025

6

min read

The 2025 NDAA prioritizes AI adoption for battlefield modernization, defense logistics, command authority, and cybersecurity. Industry leaders like Microsoft and OpenAI drive innovation.
Person writting code on a computer
Person writting code on a computer
Person writting code on a computer
Person writting code on a computer

Members of Congress continue to drive towards greater adoption of AI within the NDAA far beyond the current provisional requests. Congress continues to find ways to partner and leverage AI expertise from the private industry leaders, including Microsoft, Cisco, Oracle, Amazon Web Services, and Google, newcomers including Open-AI, Anduril, Palantir, SpaceX, and Tiebreaker AI that already have successfully developed and sold AI functionalities across many business sections including healthcare, FinTech, industrial 4.0 manufacturing, higher education, and defense. 

Many cybersecurity product leaders, including CrowdStrike, Palo Alto Networks, and Trustifi, continue to mature their AI offerings, helping to empower their clients with additional advanced AI defense capabilities. 

What Are the Top Provisions Being Considered Within the NDAA for 2025? 

At the core of the provisions within the 2025 NDAA, including several critical areas where AI could have short and long-term positive effects: 

Battlefield Modernization 

Several provisions of the NDAA call for advancements in AI, specifically in drone technology for offensive and defensive capabilities. Many members of Congress recognize the shift in the modern battlefield becoming far more autonomous, particularly in regional conflicts. A significant part of the AI for the modern battlefield has a lot to do with automating and optimizing the defense supply chain. Currently, the global supply chain for defensive components depends on nations that do not hold the U.S. in a favorable state. Applying AI to the supply chain can better predict near-future supply challenges while seeking and approving new suppliers with minimal human interaction. 

Continuous Automated Authority for Command 

Testing and evaluating new technologies for DOD agencies remains a manual process with a blend of automation. AI-powered technology evaluations will help expedite solution review processes and extend faster authorization functions and compliance reporting. 

Automation of Defense Acquisition and Logistics 

AI provisions within the NDAA focusing on acquisition and logistics from weapons systems, fuel, and sensitive materials are expected to be among the first to become law in 2025. The current DOD acquisition and logistics systems continue to be costly, duplicated, and very political in nature. Adding AI functionality will provide a clear process and decision logic to help reduce cost, duplication, and waste of funds. 

Modernization Government Cybersecurity 

Like the private sector, the adoption of cybersecurity powered by AI for defensive purposes continues to be mandated across several compliance regulations and privacy acts. HIPAA, PCI-DSS, and GPDR all require organizations to deploy modern and updated cybersecurity defensive tools capable of stopping next-generation cyberattacks powered by AI. Current legacy cybersecurity tools based on outdated signatures provide little or no means to stop an AI attack. 

Related Articles