Much Ado About Nothing? Cyber Command and the NSA – War on the Rocks

Category: NSA

Last week, word began to spread that the Trump administration was considering granting new powers to U.S. Cyber Command. Lolita Baldor of the Associated Press had the scoop, discussing two related but separate steps under consideration: first, to elevate U.S. Cyber Command to the status of a unified command and second, to break the current dual-hat arrangement with the National Security Agency (NSA), whereby the commander of U.S. Cyber Command is the same individual as the director of the NSA.

It is worth noting, however, four things: First, these two steps (elevation and separation) have been under consideration for years. Second, there were good reasons at the time why the Obama administration didnt act on them. Third, elevation and separation should, in theory, operationally empower U.S. Cyber Command, but in practice Cyber Command may ironically find itself with less capability to offer. And finally, Cyber Command has already quietly amassed non-operational power and authority within the Department of Defense, making it one of the most independent commands, second only to the U.S. Special Operations Command. As such, while this weekends news is a good sign of the continued maturation of Cyber Command (and the acknowledgment of that maturation by the White House), theres less here than meets the eye.

Lets review Cyber Commands origins and its assigned missions before tackling the news. (Please accept my apologies in advance for some acronym salad.) For the short-story long, see chapter 8 of Playing to the Edge by Michael Hayden and the early parts of Jay Healeys Fierce Domain. Long-story short, the NSA had been the nations leading signals intelligence agency for decades. But after 9/11, as new opportunities emerged to create effects against adversaries during declared hostilities, Pentagon leadership became uncomfortable with the notion that the intelligence missions of collection and analysis would be conducted by the same organization that would disrupt or degrade, even destroy, targets through cyber-attacks during an armed conflict. In 2002, U.S. Strategic Command was given responsibility for cyberspace, and two little-known subordinate organizations emerged to manage it: Joint Task Force-Global Network Operations (JTF-GNO) would handle guarding the Defense Departments networks while Joint Functional Component Command-Network Warfare (JFCC-NW) would be responsible for missions wed think of as offense. Because there was so much overlap between the NSA and the emerging JFCC-NW, the Department of Defense created the dual-hat by making the NSA director (then Hayden) the commander of JFCC-NW. As the threats to the Department of Defense in cyberspace increased throughout the 2000s, Secretary of Defense Robert Gates consolidated JTF-GNO and JFCC-NW under a new U.S. Cyber Command in 2010, but it was still subordinate to U.S. Strategic Command and still dual-hatted with the NSA director. Thats more or less where we find ourselves today.

Since then, U.S. Cyber Command has been charged with three missions: defend the Defense Departments networks and systems, provide offensive support to other commands in the event of a contingency, and defend the nation from a cyber-attack of significant consequence (less than two percent of incidents would qualify as significant).

Advocates of more autonomy and authority for U.S. Cyber Command have often bemoaned its subordinate status to U.S. Strategic Command. The theory is that having to work through Strategic Command slows down operational approval, coordination, or whatever else needs to happen. Based on my experience in the Cyber Policy office of the Office of the Secretary of Defense, I am of the view that a stove-piped Joint Staff had more to do with delays and miscommunication than anything else; nor could I ever find a function Cyber Command might be asked to execute that could only be performed by a full, unified command (like Strategic Command) but not by a sub-unified command (like Cyber Command). We looked at this several times during the last administration: If the secretary of defense wanted the sub-unified command to execute, they could and would. It wasnt a problem, so elevating the command wasnt necessary. So, while I dont think there are any big wins to be had by the recent news about the Trump administration wanting to elevate Cyber Command, I dont think it hurts to do it either. And it might not ultimately be up to the White House: The 2017 NDAA requires the administration to elevate Cyber Command.

Breaking the dual-hatted relationship with the NSA is more complicated. There are very good reasons why JFCC-NW was born with the NSA as its commander, as there is a lot of overlap between the organizations. This overlap is intuitive to those whove worked in the business, but hard to explain in brief here. Ill just quote Hayden on this point: [I]n the cyber domain the technical and operational aspects of defense, espionage, and cyberattack are frankly indistinguishable they are all the same thing. Its obviously more complicated than this, but at a high level, I think this was the rationale.

There were studies undertaken about the implications of breaking the dual-hat before the Snowden affair, but his disclosures forced policymakers to confront the issue head-on. At that time, it was thought that breaking the dual-hat could improve perceptions about privacy and civil liberties at the NSA, but in December 2013 the Obama administration decided to maintain the arrangement. Senior leaders felt it was too soon to separate Cyber Command. Its readiness and resources were growing but insufficient, and it was still too reliant on NSA talent and services for its missions.

Working with the two organizations, I found that the relationship between the two was akin to a mix between hostage-taking and Stockholm syndrome except each organization kept mixing up which was the hostage and which was the hostage-taker. One day, U.S. Cyber Command would demand NSA support due to the latters responsibility as a combat support agency. The next day, the command would cave and say that NSA had other, more important priorities. And NSA too would resist a request from Cyber Command, then embrace it, and then fight it. The overlap and dependence was that tight.

For that reason, among others, I understand the argument about needing to separate Cyber Command from NSA so that the former can pursue its missions (especially to defend the nation and to support other commands) with greater independence from signals intelligence. But theres a risk here that would be dangerous to miss: When Cyber Command needs NSA support, the fact that its the same person in charge of both organization can break what might otherwise be a log-jam. Splitting the dual-hat could result in the NSA isolating itself and refocusing on its own core missions (the collection of signals intelligence and providing information assurance) while minimizing its support to Cyber Command.

Just because there are risks does not mean the Trump administration should leave the current arrangement in place. The question is not whether, but when and how, to break the dual-hat. One priority for the White House and Secretary Mattis will be to have a clear understanding with the new NSA director (who may well be a civilian for the first time) about how he or she sees the relationship with Cyber Command, and then how the administration monitors the relationship to ensure the NSA doesnt abandon Cyber Command outright.

The selection of who will next lead Cyber Command will also be a priority. Someone like the current commander of Army Cyber Command, Lt. Gen. Paul Nakasone, is an ideal candidate: He has years of experience in the cyber effects business, time in the Pentagon and the field, and he understands the roles of civilians, fellow military officers, and senior political types. Another name thats been floated is Lt. Gen. William Mayville, currently the Director of the Joint Staff. His time as the Joint Staffs chief information officer and with Joint Special Operations Command would make him a strong leader for Cyber Command as well.

The good news for the future of the U.S. militarys cyber operations is that, regardless of whether or not Cyber Command is elevated as a unified command or separated from the NSA, Congress has quietly been empowering Cyber Command with greater authorities and independence through legislation. My colleague Charley Snyder and I assessed all the additional powers conferred in the 2017 NDAA over at Lawfare, but Id like to single out the authority related to requirements: Being able to set its own requirements for the conduct of cyber operations, as well as validating the requirements of other defense components, matters more than this bland bureaucratic language might suggest. With the independent acquisition authority Congress gave it in a previous NDAA, Cyber Command can now accelerate acquisition and procurement to keep up with new requirements without the usual deliberations chaired by the Joint Staff. Special Operations Command is the only other military outfit with that kind of freedom, and it makes a big difference.

But the big question will be this: Regardless of these crucial authorities and any new command arrangements, what will Cyber Commands role be in protecting the country from threats like Russian information operations? Maybe its time we get away from using cyber as the description of what needs to be done, and instead think about what an Information Warfare Command would look like. How should the United States wage such a fight, and how should it protect itself? I am pleased the Trump administration is considering organizational changes to support a higher profile for cyber operations, but we really need answers to these bigger policy questions.

Michael Sulmeyer is the Director of the Cyber Security Project at the Harvard Kennedy Schools Belfer Center for Science and International Affairs. He also served in the Office of the Secretary of Defense, Cyber Policy, from 2012-2015. Follow him on Twitter @SultanOfCyber.

Image:Airman 1st Class Christopher Maldonado/Shaw Air Force Base

Originally posted here:
Much Ado About Nothing? Cyber Command and the NSA - War on the Rocks

Report: NSA is currently using Anthropics unreleased Mythos model - Sherwood News - April 23rd, 2026 [April 23rd, 2026]
FBI And NSA Warnings IgnoredNo Fix For Millions Of Phones - Forbes - April 23rd, 2026 [April 23rd, 2026]
NSA Uses AI Mythos Even Though Anthropic is Blacklisted by the Pentagon - VOI.ID - April 23rd, 2026 [April 23rd, 2026]
NSA Running Blacklisted Anthropic AI: Warning for UK Banks - Disruption Banking - April 23rd, 2026 [April 23rd, 2026]
Amritpal Singh Taken into Punjab Police Custody After NSA Detention Ends in Dibrugarh - The Sentinel - of this Land, for its People - April 23rd, 2026 [April 23rd, 2026]
Cybersecurity, Claude Mythos, is Anthropic's model in the hands of the Nsa? - Il Sole 24 ORE - April 23rd, 2026 [April 23rd, 2026]
NSA Doval Meets Top Saudi Leaders, Focus On Security And Energy - The Times of India - April 23rd, 2026 [April 23rd, 2026]
NSA: stereotyping, ethnic profiling can weaken intelligence gathering - The Nation Newspaper - April 7th, 2026 [April 7th, 2026]
Former NSA John Bolton says Pentagon would have told President Trump about Iran closing the Strait of Hormuz beforehand - indica News - April 5th, 2026 [April 5th, 2026]
Trump Thought This Would Be Easier: Former NSA John Bolton Exposes US Presidents Unprepared War Strategy - Republic World - April 5th, 2026 [April 5th, 2026]
Dog owners urged to take responsibility as NSA ramps up sheep worrying campaign - Hexham Courant - April 5th, 2026 [April 5th, 2026]
Dog owners urged to take responsibility as NSA ramps up sheep worrying campaign - The Scottish Farmer - April 5th, 2026 [April 5th, 2026]
'Dhurandhar 2 sets a new benchmark, it's going to be very difficult for anyone to match up': Former deputy NSA of India | Bollywood - Hindustan Times - April 1st, 2026 [April 1st, 2026]
Rethinking the NSA Office beyond security coordination - The Nation Newspaper - April 1st, 2026 [April 1st, 2026]
The $15 Billion Post-Quantum Migration: NIST Standards Are Final, NSA Deadlines Are Set, and Enterprise Cybersecurity Is About to Be Rebuilt from the... - April 1st, 2026 [April 1st, 2026]
NSA kicks off sheep worrying awareness week - Agriland.co.uk - April 1st, 2026 [April 1st, 2026]
Regime change only way to tackle Iran threat, says former US NSA John Bolton - CNBC TV18 - March 30th, 2026 [March 30th, 2026]
The command centre: Why Nigerias NSA must evolve beyond coordination - guardian.ng - March 30th, 2026 [March 30th, 2026]
Former NSA chiefs worry American offensive edge in cybersecurity is slipping - CyberScoop - March 28th, 2026 [March 28th, 2026]
NSA and ASDs ACSC Release Joint Guidance on LEO SATCOM System Risks and Mitigations - National Security Agency (.gov) - March 28th, 2026 [March 28th, 2026]
New NSA director pushes for more intel-sharing with allies in internal meeting - Nextgov/FCW - March 28th, 2026 [March 28th, 2026]
"Trump Is Transactional, Doesn't Think Strategically": Former US NSA - NDTV - March 28th, 2026 [March 28th, 2026]
Former NSA John Bolton urges Trump to cut Irans oil revenue after PM Modi call - The Indian EYE - March 28th, 2026 [March 28th, 2026]
$HAREHOLDER ALERT: The M&A Class Action Firm Is Investigating The MergerULY, NSA, CTRA, and FONR - WBOC TV - March 28th, 2026 [March 28th, 2026]
Rethinking the command centre: Why Nigerias NSA must evolve beyond coordination - The Sun Nigeria - March 28th, 2026 [March 28th, 2026]
Constitutional freedoms cannot be exercised at the cost of human lives: Allahabad HC upholds preventive detention order under NSA - SCC Online - March 28th, 2026 [March 28th, 2026]
Next Generation Shepherd of the Year Competition opens for NSA Scotsheep 2026 - The Scottish Farmer - March 28th, 2026 [March 28th, 2026]
NSA (NSA) explains vesting, prorated FY2026 bonus and severance in merger with Public Storage - Stock Titan - March 20th, 2026 [March 20th, 2026]
Sergio Gor meets NSA Ajit Doval discussing geopolitical issues - The Indian EYE - March 20th, 2026 [March 20th, 2026]
National Storage Investor Alert: Kahn Swick & Foti, LLC Investigates Adequacy of Price and Process in Proposed Sale of National Storage Affiliates... - March 20th, 2026 [March 20th, 2026]
Public Storage to Buy NSA: Is This a Smart Growth Move for Investors? - TradingView - March 20th, 2026 [March 20th, 2026]
Was Russia an IMMINENT THREAT to US?: Rep Scott Perry grills NSA official on Ukraine war - The Economic Times - March 20th, 2026 [March 20th, 2026]
NSA invoked against prime accused Aslam in banned meat supply case - thehitavada.com - March 20th, 2026 [March 20th, 2026]
Watch | Indian Foreign Policy Confused; Were Not as Influential as We Used to Be: Former NSA - TheWire.in - March 20th, 2026 [March 20th, 2026]
Russia Or Iran? Trumps NSA Cornered in Senate Over Military Action in Iran As War Enters 4th Week - Oneindia - March 20th, 2026 [March 20th, 2026]
Need to Evolve The Office of the NSA Beyond Coordination to National Defence Strategy Nerve Centre - THISDAYLIVE - March 20th, 2026 [March 20th, 2026]
Halper Sadeh LLC is Investigating Whether UNF, NSA, ULY, MPX are Obtaining Fair Deals for their ... - Bluefield Daily Telegraph - March 20th, 2026 [March 20th, 2026]
Organized and technological: ICE resistance groups posing growing danger, warns former top NSA, DHS official - Fox News - March 18th, 2026 [March 18th, 2026]
Declassified Report Reveals NSA Broke Surveillance Rules - Project On Government Oversight - March 18th, 2026 [March 18th, 2026]
Gen. Joshua Rudd '93 confirmed as leader of U.S. Cyber Command, NSA; elevated to rank of general - Furman University - March 18th, 2026 [March 18th, 2026]
Public Storage to Buy NSA: Is This a Smart Growth Move for Investors? - Zacks Investment Research - March 18th, 2026 [March 18th, 2026]
National Storage (NSA) Climbs to Record High on $10.5-Billion Acquisition - Yahoo Finance - March 18th, 2026 [March 18th, 2026]
Organized and technological: ICE resistance groups posing growing danger, warns former top NSA, DHS official - WFIN - March 18th, 2026 [March 18th, 2026]
SHAREHOLDER ALERT: The M&A Class Action Firm Announces An Investigation of National Storage Affiliates Trust (NYSE: NSA) - PR Newswire - March 18th, 2026 [March 18th, 2026]
National Storage Affiliates Trust (NYSE:NSA) Rating Increased to Neutral at BNP Paribas Exane - MarketBeat - March 18th, 2026 [March 18th, 2026]
Is National Storage Affiliates Trust (NSA) Share Price Misaligned With Its DCF Estimate Today - Yahoo Finance - March 9th, 2026 [March 9th, 2026]
Interview with 2026 AFI NSA Naples Spouse of the Year, Dannielle Niewald - Stripes Europe - March 9th, 2026 [March 9th, 2026]
Iranian drones strike apartments in city thats home to NSA Bahrain - Stars and Stripes - March 7th, 2026 [March 7th, 2026]
"At this point, US win is going to be pretty elusive," says former US Principal Dy NSA Jon Finer on Iran... - lokmattimes.com - March 7th, 2026 [March 7th, 2026]
"Over next 5-10 years, you are likely to see emergence of new nuclear powers": Former US NSA official Jon... - lokmattimes.com - March 7th, 2026 [March 7th, 2026]
China tends to pursue strategy of staying on good terms with everyone: Former US NSA official Finer - ANI News - March 7th, 2026 [March 7th, 2026]
NSA (NSA) Executive Chair Fischer reports new OP unit awards and LTIP conversions - Stock Titan - March 4th, 2026 [March 4th, 2026]
Cyber retaliation from Iran is a problem for U.S. companies 'It's in the hands of a 19-year-old hacker in a Telegram room,' ex-NSA operative says -... - March 4th, 2026 [March 4th, 2026]
Ajit Doval Indias Most Useless NSA Ever Says Netizens: Zero Intel on Uri, Pulwama, Galwan, Iran War & More - indiaherald.com - March 4th, 2026 [March 4th, 2026]
Sheep Village Cynefin to be launched by RWAS and NSA at the Royal Welsh Show - Shropshire Star - March 4th, 2026 [March 4th, 2026]
Wyden blocks nominee to lead NSA and Cyber Command - Federal News Network - February 27th, 2026 [February 27th, 2026]
Wyden blocks Rudd confirmation to lead Cyber Command, NSA - The Record from Recorded Future News - February 27th, 2026 [February 27th, 2026]
NSA said to have seen security concerns in Grok - breakingthenews.net - February 27th, 2026 [February 27th, 2026]
NSA: Solid Q4 Beat and Favorable 2026 Outlook, But Cost Pressures and High Expectations Justify Hold Rating - TipRanks - February 27th, 2026 [February 27th, 2026]
Videotron and Samsung Expand Partnership Through 5G NSA and 4G LTE Core Gateway Deployment - samsung.com - February 24th, 2026 [February 24th, 2026]
Videotron Taps Samsung for Cloud-Native 5G NSA and LTE Core Gateway Solution - The Fast Mode - February 24th, 2026 [February 24th, 2026]
El-Rufai Demanded to Provide Evidence in NSA Hacking Claims - streamlinefeed.co.ke - February 24th, 2026 [February 24th, 2026]
DSS to arraign El-Rufai on Feb. 25 over alleged NSA phone interception - Businessday NG - February 24th, 2026 [February 24th, 2026]
Securus Technologies Supports Expansion of Sheriff-Led NSA I.G.N.I.T.E. Initiative to Improve Jail Safety and Reentry Outcomes - PR Newswire - February 7th, 2026 [February 7th, 2026]
NSA set to deal with defiant parties, politicians, supporters on integrity of democratic process - ThePointNG - February 7th, 2026 [February 7th, 2026]
Where NSA zero trust guidance aligns with enterprise reality - Help Net Security - February 4th, 2026 [February 4th, 2026]
UNG third in Division 1 of NSA cyber event - University of North Georgia - February 4th, 2026 [February 4th, 2026]
Green Beret Lieutenant General Joshua Rudd Tapped To Lead NSA and US Cyber Command - SOFREP - February 4th, 2026 [February 4th, 2026]
SC Flags Health Concerns, Urges Rethink on Sonam Wangchuks NSA Detention - The Morning Voice - February 4th, 2026 [February 4th, 2026]
What security teams need to know about the NSA's new zero trust guidelines - IT Pro - February 4th, 2026 [February 4th, 2026]
'India won't be bullied': NSA Ajit Doval told Marco Rubio that New Delhi would wait out Trump term for trade deal: Report - theweek.in - February 4th, 2026 [February 4th, 2026]
When Protest becomes a Threat: Inside the Supreme Court hearing on Sonam Wangchuks NSA detention - SabrangIndia - February 4th, 2026 [February 4th, 2026]
If NSA Commits Database Query Violations, But Nobody Audits Them, Do They Really Happen? - emptywheel - February 4th, 2026 [February 4th, 2026]
Army general tapped to lead NSA vows to follow the law if confirmed - Military Times - February 1st, 2026 [February 1st, 2026]
Overturned tractor-trailer shuts portion of Route 32 near NSA - WBAL-TV - February 1st, 2026 [February 1st, 2026]
Nominee to lead NSA backs controversial spying law - Defense One - February 1st, 2026 [February 1st, 2026]
NSA pick champions foreign spying law as nomination advances - The Record from Recorded Future News - February 1st, 2026 [February 1st, 2026]
NSA Releases Phase One and Phase Two of the Zero Trust Implementation Guidelines - National Security Agency (.gov) - February 1st, 2026 [February 1st, 2026]
Army General Tapped to Lead NSA Said He Doesnt Know Much About the Biggest NSA Controversy - The Intercept - February 1st, 2026 [February 1st, 2026]
Trump's pick to lead the NSA vows to follow the law if confirmed - ABC News - February 1st, 2026 [February 1st, 2026]

July 20th, 2017

No comments yet

Comments are closed.

Mediaboss Marketing

Much Ado About Nothing? Cyber Command and the NSA – War on the Rocks

About

Pages

Categories

Media Sites

Recommended Sites

Archives