Defense

Time for a NSA-Cybercom split? That's classified.

NSA ft meade sign official nsa photo 

Cyber Command and the National Security Agency have been joined at the hip since the command's founding in 2009. When Cyber Command was elevated to an independent combatant command in 2017, President Donald Trump included an instruction that the Secretary of Defense make recommendations "regarding the future command relationship" between Cyber Command and NSA.

That's a reference to the long-standing "dual-hat" arrangement -- with a single general or flag officer serving as both NSA director and CyberCom commander.

Rep. Jim Langevin (D-R.I.), who chairs the House Armed Services subcommittee on Intelligence, Emerging Threats and Capabilities, cautioned against a breakup of the current command structure in a March 13 hearing.

"Before any significant changes are implemented for the dual-hat arrangement, this subcommittee expects a robust understanding of how and why it is necessary to split the leadership function of NSA director and CyberCom director," Langevin said.

Gen. Paul Nakasone, the official currently wearing the two hats as NSA director and chief of CyberCom, said that his opinion on a possible split is at the moment classified, but he disputed a recent press report suggesting he was backing a split as soon as 2020.

A March 6 article in Defense One said that in August 2018, Nakasone recommended to then-Secretary of Defense Jim Mattis that the dual-hat arrangement for leadership of NSA and Cyber Command be split next year. Nakasone disputed the veracity of the article in his testimony, but declined to publicly elaborate further on his objections to the article or his recommendation to the Department of Defense on the dual-hat arrangement, saying he could respond in a non-public setting.

"I did raise this issue with Gen. Nakasone in the closed session and was satisfied with his response," Langevin told FCW in a statement.

While there is significant cooperation and overlap in mission between the two entities, the NSA's main areas of focus are collecting foreign intelligence and defending U.S. networks. According to comments made by NSA senior advisor Rob Joyce last month on the information security podcast Risky Business, only Cyber Command has authority under Title 10 of U.S. law to conduct offensive cyber operations, although NSA staff is often able to play a support role on such operations.

An August 2017 report from the Government Accountability Office noted that there were benefits and disadvantages to the dual-hat arrangement. On the plus side, GAO said, the arrangement promotes efficient use of resources, faster decision-making and better collaboration between the two entities. The downsides include risks that Cyber Command operations could expose NSA tools, the joint leadership job is too demanding for a single person to manage both organizations effectively and the chance that CyberCom's signals intelligence and information warfare needs will monopolize NSA resources at the expense of other combatant commands.

At the hearing, Langevin expressed skepticism that a split next year would be wise, arguing that Cyber Command is a maturing organization and that the dual-hat leadership structure enables "better synchronization of cyberspace operations and permits proper consideration of the intelligence and military objectives in the domain."

In the past, Nakasone has expressed the view that the two organizations should continue working closely together regardless of whether a split takes place.

"So, whether or not it's one person or two people, that partnership ... is the most important thing we should think about," Nakasone said at a conference in June 2018.

NSA and Cyber Command have not responded to requests for further detail on Nakasone's objections to reports of his stance on ending the dual-hat arrangement.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.