After a period on the back burner, the issue of separating the National Security Agency and U.S. Cyber Command came up again in front of Congress, where some members expressed a clear opinion: Don’t do it.
“I believe it would be premature to split these organizations in the immediate future,” House Armed Services Subcommittee on Emerging Threats and Capabilities Chairman Rep. Jim Langevin, D-R.I., said in a March 13 hearing.
The two organizations share a single leader — a dual-hat relationship established along with Cyber Command in 2009 to get it up and running quickly through leveraging the rich history, infrastructure and talent possessed within the NSA. Military leaders, however, have typically maintained that this arrangement was always designed to be temporary as the two organizations have fundamentally different missions — espionage and war fighting — which sometimes are at odds.
“Before any significant changes are implemented in the dual-hat arrangement, this Subcommittee expects a robust understanding of how and why it is necessary to split the leadership function of NSA director and CYBERCOM commander,” Langevin said in his opening statement.
Rep. Don Bacon, R-Neb. — who retired as a one-star Air Force general specializing in electronic warfare, intelligence and reconnaissance — expressed his opposition to the split as well.
“It just doesn’t make sense to me from my experience. My view, or at least my recommendation, would lean toward how we have it; I think we have it right,” he said.
“Our cyber teams are a good mix of intelligence and cyber … It seems to me from a cyber perspective it is a symbiotic relationship with NSA; you can’t do the two separate. I’d be a little afraid if you had two four-star generals — one in charge of the intelligence portion, one in charge of the cyber portion. You’d be pulling that team apart in two different directions."
In the 2017 annual defense policy bill, Congress, which has historically always been opposed to a premature split between the two, outlined a number of elements that must be met prior to a split.
Among them, they included a certification that separation won’t pose risks to the military effectiveness of Cyber Command, that both organizations have a robust infrastructure for their unique mission needs, a certification of robust command-and-control systems for planning, deconflicting and executing cyber operations, certification that tools and weapons used for operations are sufficient for achieving required effects and that the cyber mission force achieves full operational capability.
The cyber mission force achieved full operational capability in May. Cyber Command is currently working to develop DoD-specific cyber tools and infrastructure separate from that used by the NSA for foreign espionage.
In terms of where the military is on this issue, Cyber Command Commander Gen. Paul Nakasone delivered an assessment to the secretary of defense and the chairman of the Joint Chiefs of Staff in August on the matter.
The decision now rests with the secretary of defense and the president.
Press reporting has indicated Nakasone recommended the two not split until 2020. When asked about this during the hearing, Nakasone said the reporting is not accurate. He declined to offer more details, telling the congressional panel that the assessment was classified and it would be best to discuss in the closed session that followed the open hearing.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.