U.S. Cyber Command shares its leader with the National Security Agency and for the last decade the former has relied on the latter’s infrastructure and talent to help get up and running.
The two organizations have fundamentally different missions, which sometimes are at odds, but the relationship was always thought to be temporary and observers have long wondered when the two agencies may go their own way.
Gen. Paul Nakasone, who heads both organizations, delivered his assessment on a split to the chairman of the Joint Chiefs of Staff and secretary of defense in August. In congressional testimony in March, he said the assessment remains classified and has declined to say publicly which way he leans. The decision whether to keep the two organizations so closely knit remains with the Secretary of Defense and president.
“No decision has been made on whether to terminate the dual-hat leadership arrangement in which the Director of the National Security Agency also serves as the Commander, U.S. Cyber Command,” Elissa Smith, Department of Defense spokeswoman, wrote to Fifth Domain in an email. “The department will address whether to terminate this dual-hat leadership arrangement at a later date. The department, in coordination with the Director of National Intelligence, is working on providing the president a recommendation regarding the future of the dual-hat leadership arrangement.”
But during a May 7 media day, top U.S. Cyber Command officials repeatedly discussed what NSA brings to the relationship, providing insights into how the two organizations continue to work together.
“Here at U.S. Cyber Command, the National Security Agency is our most important partner,” David Luber, executive director of Cyber Command, and himself an NSA senior executive assigned to the command, told reporters at Fort Meade. “The strength of the relationship will remain critical to the defense of the nation. NSA has world class expertise, technical capabilities and access that are crucial to the United States Cyber Command’s success.”
Luber added that this “mutually beneficial” relationship was apparent in the speed and agility in joint operations to protect against foreign online interference in the 2018 midterm elections.
Other officials spoke to the benefit of having one person lead both agencies.
The operations in the midterm elections re-validated the importance of “the unity of command that we have with one commander at the top of both of those organizations [and] allowed us to execute with speed and agility and precision,” Maj. Gen. Charles Moore, director of operations at Cyber Command told reporters.
A single leader has been one of the central arguments presented for keeping the dual-hat intact. If there are questions about whether to use a hacking tool at the cost of giving up intelligence access in a network, or vice versa, known as intelligence gain/loss, Nakasone makes that call.
Otherwise, conflicts between the two organizations would have to be elevated to a higher level, likely the secretary of defense and director of national intelligence, slowing down operations.
The counter argument is that depending on the background of the commander/director, they may heavily favor one side or the other. For example, a leader with an intelligence background may favor restraint from a cyber operations perspective as to maintain intelligence collection channels remain open.
Moore explained that during the midterm election operations against Russia, the two organizations proved they could achieve necessary outcomes while using and protecting the sensitivity of the most sensitive accesses.
There has, however, been a fear that given the heavily reliance on NSA tradecraft, infrastructure, staff and space, that Cyber Command has developed a paralyzing dependence on the agency.
“[B]y borrowing from NSA’s procedures and culture, Cyber Command has steadily become more risk-averse than befits an organization dedicated to offensive operations and imposing costs on adversaries,” Andrew Schoka, an active duty Army cyber operations officer assigned to Cyber Command, wrote in April on the blog War on the Rocks. “For Cyber Command to more effectively accomplish its mission, it should be separated from NSA sooner than planned. This will allow the command to better pursue the nation’s military objectives in cyberspace, including deterring potential adversaries from threatening critical national infrastructure.”
Top Cyber Command officials told reporters that the partnership helps lead to gathering more intelligence for future operations and helps make the nation more secure.
“The partnership between NSA and Cyber Command to gain insights into adversary activity and share that across the executive branch and then be able to pass that to stakeholders and industry through our domestic partners … [is something] we’re really proud of,” Maj. Gen. Timothy Haugh, commander of the Cyber National Mission Force, said.
Moore also noted that operations are driven by intelligence.
“When we conduct those operations, we gain more intelligence, which feeds back into the system, which allows us to refine our operations,” he said. “That cycle is very, very important.”
Current and former officials have always been clear that even in the event the dual-hat relationship ends, the two organizations will remain inextricably linked given the intelligence support NSA is poised to provide. But that doesn’t mean the command won’t have to be wholly reliant on the agency.
“Cyber Command … as it matures and develops its own access … has to get to the point where it can conduct independent operations without having to rely on [NSA]. That will come over time,” Lt. Gen. Vincent Stewart said at a November 2018 conference. In April, Stewart retired as Cyber Command’s deputy director. “Reminder to everybody, we’re only about 8 years old. We just finished [building the force] and are now thinking our way through how do you put steel on target in this space.”
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.