Much Ado About Nothing? Cyber Command and the NSA – War on the Rocks

Category: NSA

Last week, word began to spread that the Trump administration was considering granting new powers to U.S. Cyber Command. Lolita Baldor of the Associated Press had the scoop, discussing two related but separate steps under consideration: first, to elevate U.S. Cyber Command to the status of a unified command and second, to break the current dual-hat arrangement with the National Security Agency (NSA), whereby the commander of U.S. Cyber Command is the same individual as the director of the NSA.

It is worth noting, however, four things: First, these two steps (elevation and separation) have been under consideration for years. Second, there were good reasons at the time why the Obama administration didnt act on them. Third, elevation and separation should, in theory, operationally empower U.S. Cyber Command, but in practice Cyber Command may ironically find itself with less capability to offer. And finally, Cyber Command has already quietly amassed non-operational power and authority within the Department of Defense, making it one of the most independent commands, second only to the U.S. Special Operations Command. As such, while this weekends news is a good sign of the continued maturation of Cyber Command (and the acknowledgment of that maturation by the White House), theres less here than meets the eye.

Lets review Cyber Commands origins and its assigned missions before tackling the news. (Please accept my apologies in advance for some acronym salad.) For the short-story long, see chapter 8 of Playing to the Edge by Michael Hayden and the early parts of Jay Healeys Fierce Domain. Long-story short, the NSA had been the nations leading signals intelligence agency for decades. But after 9/11, as new opportunities emerged to create effects against adversaries during declared hostilities, Pentagon leadership became uncomfortable with the notion that the intelligence missions of collection and analysis would be conducted by the same organization that would disrupt or degrade, even destroy, targets through cyber-attacks during an armed conflict. In 2002, U.S. Strategic Command was given responsibility for cyberspace, and two little-known subordinate organizations emerged to manage it: Joint Task Force-Global Network Operations (JTF-GNO) would handle guarding the Defense Departments networks while Joint Functional Component Command-Network Warfare (JFCC-NW) would be responsible for missions wed think of as offense. Because there was so much overlap between the NSA and the emerging JFCC-NW, the Department of Defense created the dual-hat by making the NSA director (then Hayden) the commander of JFCC-NW. As the threats to the Department of Defense in cyberspace increased throughout the 2000s, Secretary of Defense Robert Gates consolidated JTF-GNO and JFCC-NW under a new U.S. Cyber Command in 2010, but it was still subordinate to U.S. Strategic Command and still dual-hatted with the NSA director. Thats more or less where we find ourselves today.

Since then, U.S. Cyber Command has been charged with three missions: defend the Defense Departments networks and systems, provide offensive support to other commands in the event of a contingency, and defend the nation from a cyber-attack of significant consequence (less than two percent of incidents would qualify as significant).

Advocates of more autonomy and authority for U.S. Cyber Command have often bemoaned its subordinate status to U.S. Strategic Command. The theory is that having to work through Strategic Command slows down operational approval, coordination, or whatever else needs to happen. Based on my experience in the Cyber Policy office of the Office of the Secretary of Defense, I am of the view that a stove-piped Joint Staff had more to do with delays and miscommunication than anything else; nor could I ever find a function Cyber Command might be asked to execute that could only be performed by a full, unified command (like Strategic Command) but not by a sub-unified command (like Cyber Command). We looked at this several times during the last administration: If the secretary of defense wanted the sub-unified command to execute, they could and would. It wasnt a problem, so elevating the command wasnt necessary. So, while I dont think there are any big wins to be had by the recent news about the Trump administration wanting to elevate Cyber Command, I dont think it hurts to do it either. And it might not ultimately be up to the White House: The 2017 NDAA requires the administration to elevate Cyber Command.

Breaking the dual-hatted relationship with the NSA is more complicated. There are very good reasons why JFCC-NW was born with the NSA as its commander, as there is a lot of overlap between the organizations. This overlap is intuitive to those whove worked in the business, but hard to explain in brief here. Ill just quote Hayden on this point: [I]n the cyber domain the technical and operational aspects of defense, espionage, and cyberattack are frankly indistinguishable they are all the same thing. Its obviously more complicated than this, but at a high level, I think this was the rationale.

There were studies undertaken about the implications of breaking the dual-hat before the Snowden affair, but his disclosures forced policymakers to confront the issue head-on. At that time, it was thought that breaking the dual-hat could improve perceptions about privacy and civil liberties at the NSA, but in December 2013 the Obama administration decided to maintain the arrangement. Senior leaders felt it was too soon to separate Cyber Command. Its readiness and resources were growing but insufficient, and it was still too reliant on NSA talent and services for its missions.

Working with the two organizations, I found that the relationship between the two was akin to a mix between hostage-taking and Stockholm syndrome except each organization kept mixing up which was the hostage and which was the hostage-taker. One day, U.S. Cyber Command would demand NSA support due to the latters responsibility as a combat support agency. The next day, the command would cave and say that NSA had other, more important priorities. And NSA too would resist a request from Cyber Command, then embrace it, and then fight it. The overlap and dependence was that tight.

For that reason, among others, I understand the argument about needing to separate Cyber Command from NSA so that the former can pursue its missions (especially to defend the nation and to support other commands) with greater independence from signals intelligence. But theres a risk here that would be dangerous to miss: When Cyber Command needs NSA support, the fact that its the same person in charge of both organization can break what might otherwise be a log-jam. Splitting the dual-hat could result in the NSA isolating itself and refocusing on its own core missions (the collection of signals intelligence and providing information assurance) while minimizing its support to Cyber Command.

Just because there are risks does not mean the Trump administration should leave the current arrangement in place. The question is not whether, but when and how, to break the dual-hat. One priority for the White House and Secretary Mattis will be to have a clear understanding with the new NSA director (who may well be a civilian for the first time) about how he or she sees the relationship with Cyber Command, and then how the administration monitors the relationship to ensure the NSA doesnt abandon Cyber Command outright.

The selection of who will next lead Cyber Command will also be a priority. Someone like the current commander of Army Cyber Command, Lt. Gen. Paul Nakasone, is an ideal candidate: He has years of experience in the cyber effects business, time in the Pentagon and the field, and he understands the roles of civilians, fellow military officers, and senior political types. Another name thats been floated is Lt. Gen. William Mayville, currently the Director of the Joint Staff. His time as the Joint Staffs chief information officer and with Joint Special Operations Command would make him a strong leader for Cyber Command as well.

The good news for the future of the U.S. militarys cyber operations is that, regardless of whether or not Cyber Command is elevated as a unified command or separated from the NSA, Congress has quietly been empowering Cyber Command with greater authorities and independence through legislation. My colleague Charley Snyder and I assessed all the additional powers conferred in the 2017 NDAA over at Lawfare, but Id like to single out the authority related to requirements: Being able to set its own requirements for the conduct of cyber operations, as well as validating the requirements of other defense components, matters more than this bland bureaucratic language might suggest. With the independent acquisition authority Congress gave it in a previous NDAA, Cyber Command can now accelerate acquisition and procurement to keep up with new requirements without the usual deliberations chaired by the Joint Staff. Special Operations Command is the only other military outfit with that kind of freedom, and it makes a big difference.

But the big question will be this: Regardless of these crucial authorities and any new command arrangements, what will Cyber Commands role be in protecting the country from threats like Russian information operations? Maybe its time we get away from using cyber as the description of what needs to be done, and instead think about what an Information Warfare Command would look like. How should the United States wage such a fight, and how should it protect itself? I am pleased the Trump administration is considering organizational changes to support a higher profile for cyber operations, but we really need answers to these bigger policy questions.

Michael Sulmeyer is the Director of the Cyber Security Project at the Harvard Kennedy Schools Belfer Center for Science and International Affairs. He also served in the Office of the Secretary of Defense, Cyber Policy, from 2012-2015. Follow him on Twitter @SultanOfCyber.

Image:Airman 1st Class Christopher Maldonado/Shaw Air Force Base

Originally posted here:
Much Ado About Nothing? Cyber Command and the NSA - War on the Rocks

NSA Warns iPhone And Android UsersClose All Apps If You See This - Forbes - September 17th, 2025 [September 17th, 2025]
US' Ex-NSA John Bolton: Trump Should Call Modi, Fix Relations, And Visit India For QUAD Summit' - Times of India - September 17th, 2025 [September 17th, 2025]
'Come To India': Ex-NSA's Words Of Wisdom To Trump On Tariff, Indo-US Ties - Times of India - September 17th, 2025 [September 17th, 2025]
Video NSA whistleblower Reality Winner on rebuilding her life in new memoir - ABC News - September 17th, 2025 [September 17th, 2025]
Former US NSA calls India proud and strong, criticises Trumps India strategy - The Shillong Times - September 17th, 2025 [September 17th, 2025]
Video | Ex-US NSA's Explosive Interview: 'Navarro Keeps Picking Fights' - NDTV - September 15th, 2025 [September 15th, 2025]
NSA, EFCC, DSS urged to probe alleged funding of bandits in Zamfara - The Guardian Nigeria News - September 15th, 2025 [September 15th, 2025]
Ex-US NSA Reveals Navarro Once Attempted Confrontation Between Donald Trump, PM Modi - News18 - September 15th, 2025 [September 15th, 2025]
Navarro tried to provoke Modi-Trump clash, claims ex-US NSA; says India should ignore the sideshow - Moneycontrol - September 15th, 2025 [September 15th, 2025]
'Erratic behaviour': Ex-US NSA John Bolton slams Trumps India tariffs; rejects claim of brokering India- - The Times of India - September 13th, 2025 [September 13th, 2025]
Unqualified to be US Ambassador to India: Ex-US NSA slams Sergio Gor nomination; dismisses Navarros re - The Times of India - September 13th, 2025 [September 13th, 2025]
Trump's not thinking about the effects of his actions: Ex-US NSA John Bolton - The Times of India - September 13th, 2025 [September 13th, 2025]
NSA leaker Reality Winner is rebuilding her life -- and looking back at her past - NPR - September 13th, 2025 [September 13th, 2025]
India should see Trump as one-time proposition: Ex-US NSA John Bolton flags number of concerns on Indian side - Mint - September 13th, 2025 [September 13th, 2025]
Peter Navarro Tried To Start Fight Between Trump, PM Modi: Ex US NSA - NDTV - September 13th, 2025 [September 13th, 2025]
'Erratic behaviour': Ex-US NSA John Bolton slams Trumps India tariffs; rejects claim of brokering India-Pak peace - MSN - September 13th, 2025 [September 13th, 2025]
India should see Trump as one-time proposition and act in its national interest: Ex-US NSA John Bolton - Tribune India - September 13th, 2025 [September 13th, 2025]
Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' - The Record from Recorded Future News - September 11th, 2025 [September 11th, 2025]
Cyber Command, NSA to remain under the leadership of one person - SC Media - September 11th, 2025 [September 11th, 2025]
CISA, NSA and Partners Release Shared Vision of Software Bill of Materials for Cybersecurity Guide - Homeland Security Today - September 11th, 2025 [September 11th, 2025]
New Research Reveals How NSA is Affecting Providers, Consumers - MedLearn Publishing - September 11th, 2025 [September 11th, 2025]
NSA, CISA and others urge for unified approach to strengthen cybersecurity resilience - Digital Watch Observatory - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - KREM - September 9th, 2025 [September 9th, 2025]
NSA Director-General reassigned to Ministry of Finance - GhanaWeb - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - ABC10 - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - 12News - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - 13newsnow.com - September 6th, 2025 [September 6th, 2025]
Trump expected to nominate Lt. Gen. William Hartman to lead NSA, Cyber Command - Politico - September 5th, 2025 [September 5th, 2025]
Trumps personal rapport with PM Modi is gone, says former US NSA John Bolton; warns ties wont shield le - The Times of India - September 5th, 2025 [September 5th, 2025]
Trump threw aside India ties for family's business with Pakistan, says Ex-US NSA Jake Sullivan | Latest News India - Hindustan Times - September 5th, 2025 [September 5th, 2025]
CISA, NSA, global partners release SBOM Guidance urging cross-border adoption to boost software supply chain security - Industrial Cyber - September 5th, 2025 [September 5th, 2025]
Trump wrecked India ties for business interests in Pakistan: Fmr NSA | World News - The Times of India - September 5th, 2025 [September 5th, 2025]
Core4ce Appoints Former NSA Cybersecurity Director David Luber to Board of Advisors - Business Wire - September 5th, 2025 [September 5th, 2025]
Court to Either Trash or Withhold Controversy 'NSA Calls Log Evidence' Today - liberianobserver.com - September 5th, 2025 [September 5th, 2025]
Trump-Modi's very good relationship is gone now: Former US NSA Bolton - Business Standard - September 5th, 2025 [September 5th, 2025]
'Threw India ties aside for Pakistan business': Ex-US NSA Jake Sullivan blasts Trump; calls it a 'huge st - The Times of India - September 3rd, 2025 [September 3rd, 2025]
Former NSA Jake Sullivan accuses Trump of prioritising familys business ventures in Pakistan over India relations - The Indian Express - September 3rd, 2025 [September 3rd, 2025]
Predicting NSA.PRA trend using moving averages - Trade Volume Report & AI Powered Buy/Sell Recommendations - Newser - September 3rd, 2025 [September 3rd, 2025]
Is it time to cut losses on NSA.PRA - 2025 Year in Review & Real-Time Buy Zone Alerts - Newser - September 3rd, 2025 [September 3rd, 2025]
Can trapped investors hope for a rebound in NSA.PRB - July 2025 Action & Daily Profit Focused Stock Screening - Newser - September 1st, 2025 [September 1st, 2025]
Price action breakdown for NSA.PRA - July 2025 Pullbacks & Risk Adjusted Buy/Sell Alerts - Newser - September 1st, 2025 [September 1st, 2025]
Can a trend reversal in NSA.PRA lead to recovery - CPI Data & AI Powered Buy and Sell Recommendations - Newser - September 1st, 2025 [September 1st, 2025]
NSA, Other Agencies Release Advisory Against China-Sponsored Cyberthreats - ExecutiveGov - August 29th, 2025 [August 29th, 2025]
NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs - Security Affairs - August 29th, 2025 [August 29th, 2025]
Former National Security Agency (NSA) Director and Commander of U.S. Cyber Command Joins Accrete, Inc. as Strategic Board Advisor - Yahoo Finance - August 29th, 2025 [August 29th, 2025]
NSA.PRA stock outlook for YEAR - Quarterly Profit Summary & Long-Term Safe Investment Ideas - Newser - August 29th, 2025 [August 29th, 2025]
NSA, FBI, Others Say Chinese Tech Firms are Aiding Salt Typhoon Attacks - Security Boulevard - August 29th, 2025 [August 29th, 2025]
American brand globally is in the toilet: Former US NSA Jake Sullivan says Trumps massive trade offen - The Times of India - August 29th, 2025 [August 29th, 2025]
CISA, NSA, And FBI Warn Of Ongoing Chinese State-Sponsored Cyber Espionage - Information Security Buzz - August 29th, 2025 [August 29th, 2025]
What recovery options are there for NSA.PRA - July 2025 Update & Verified Momentum Watchlists - Newser - August 27th, 2025 [August 27th, 2025]
Top Resilience and Healthcare Keynote Speaker, Artist, Burn Survivor, and Entrepreneur, Allison Massari, Inducted into NSA Speaker Hall of Fame--A... - August 27th, 2025 [August 27th, 2025]
Top Resilience and Healthcare Keynote Speaker, Artist, Burn Survivor, and Entrepreneur, Allison Massari, Inducted into NSA Speaker Hall of Famea... - August 27th, 2025 [August 27th, 2025]
Joseph Francescon Announced as Next NSA Deputy Director - Homeland Security Today - August 26th, 2025 [August 26th, 2025]
Former National Security Agency (NSA) Director and Commander of U.S. Cyber Command Joins Accrete, Inc. as Strategic Board Advisor - PR Newswire - August 26th, 2025 [August 26th, 2025]
Former CRPF DG Anish Dayal Singh appointed deputy NSA - The Hindu - August 26th, 2025 [August 26th, 2025]
FBI raids Trump ex-NSA John Bolton days after outburst on India tariff - Tribune India - August 24th, 2025 [August 24th, 2025]
Is NSA.PRA reversing from oversold territory - 2025 Short Interest & Risk Adjusted Buy and Sell Alerts - Newser - August 24th, 2025 [August 24th, 2025]
Will a bounce in NSA.PRB offer an exit - Swing Trade & Weekly Top Performers Watchlists - Newser - August 24th, 2025 [August 24th, 2025]
Who is John Bolton? From Trump's ex-NSA to FBI target in classified information probe - Hindustan Times - Hindustan Times - August 22nd, 2025 [August 22nd, 2025]
Former intelligence analyst is named NSA deputy director - The Washington Post - August 22nd, 2025 [August 22nd, 2025]
FBI Raids Former US NSA John Bolton's Home Days After He Criticised Trump's Tariffs On India - Republic World - August 22nd, 2025 [August 22nd, 2025]
FBI raids home of former NSA John Bolton as part of investigation into classified documents - Audacy - August 22nd, 2025 [August 22nd, 2025]
'Sanctions don't prohibit': Former Trump NSA John Bolton on India buying Russian oil | Latest News India - Hindustan Times - Hindustan Times - August 22nd, 2025 [August 22nd, 2025]
FBI raids Trump's former NSA John Bolton's Maryland residence after India tariffs outburst - theweek.in - August 22nd, 2025 [August 22nd, 2025]
FBI raids ex-Trump NSA John Boltons house, days after he criticised penalty tariffs on India - ThePrint - August 22nd, 2025 [August 22nd, 2025]
'Sanctions don't prohibit': Former Trump NSA John Bolton on India buying Russian oil - MSN - August 22nd, 2025 [August 22nd, 2025]
Will NSA.PRB outperform during market rallies - Portfolio Performance Report & Verified Technical Signals - baoquankhu1.vn - August 22nd, 2025 [August 22nd, 2025]
TYC stages another protest as Chinese FM Wang Yi meets Indias NSA Doval - Phayul - August 20th, 2025 [August 20th, 2025]
News - The Future of Fitness: NSA Souda Bay and MWR Raise the Bar - DVIDS - August 20th, 2025 [August 20th, 2025]
There is an upward trend in India-China ties, NSA Ajit Doval says - The Economic Times - August 20th, 2025 [August 20th, 2025]
Heltonville's Matt Craig Honored with Circle of Corydon Award for NSA - Hoodline - August 18th, 2025 [August 18th, 2025]
Trump's Former NSA John Bolton Rips Tariffs On Russian Oil As 'Unforced Error,' Warns Move Could Push India Into Moscow's Arms - Benzinga - August 18th, 2025 [August 18th, 2025]
Is This a Bottoming Phase for NSA.PRA - July 2025 WrapUp & Weekly Top Stock Performers List - thegnnews.com - August 14th, 2025 [August 14th, 2025]
Promoting Human Rights in Iraqs Counter-Terrorism Efforts: UNOCT and NSA Host a Workshop for Women working in Security Entities | Office of... - August 12th, 2025 [August 12th, 2025]
Ex-NSA Chief Paul Nakasone Has a Warning for the Tech World - WIRED - August 9th, 2025 [August 9th, 2025]
Excited to receive Putin in India: NSA Doval in Moscow amid Trumps tariff bullying over Russian oil - MSN - August 9th, 2025 [August 9th, 2025]
Ex-US NSA John Bolton calls Trump's tariffs on India 'enormous mistake', says THIS about China, Russia - WION - August 9th, 2025 [August 9th, 2025]
Putin-Trump Summit: Defining eventdefinitely have an impact on India, says former Deputy NSA Saran - Rising Kashmir - August 9th, 2025 [August 9th, 2025]
Trump's India tariffs will push New Delhi closer to Moscow and Beijing, warns former US NSA - Mint - August 9th, 2025 [August 9th, 2025]
Putin-Trump Summit: 'Defining event...definitely have an impact on India': former Deputy NSA Saran - Awaz The Voice - August 9th, 2025 [August 9th, 2025]

July 20th, 2017

No comments yet

Comments are closed.

Mediaboss Marketing

Much Ado About Nothing? Cyber Command and the NSA – War on the Rocks

About

Pages

Categories

Media Sites

Recommended Sites

Archives