“After months of delay, the Trump administration is finalizing plans to revamp the nation's military command for defensive and offensive cyber operations in hopes of intensifying America's ability to wage cyberwar against the Islamic State group and other foes, according to U.S. officials. Under the plans, U.S. Cyber Command would eventually be split off from the intelligence-focused NSA.
Details are still being worked out, but officials say they expect a decision and announcement in the coming weeks. The officials weren't authorized to speak publicly on the matter so requested anonymity.
The goal, they said, is to give U.S. Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA, which is responsible for monitoring and collecting telephone, internet and other intelligence data from around the world — a responsibility that can sometimes clash with military operations against enemy forces.
Making cyber an independent military command will put the fight in digital space on the same footing as more traditional realms of battle on land, in the air, at sea and in space. The move reflects the escalating threat of cyberattacks and intrusions from other nation states, terrorist groups and hackers, and comes as the U.S. faces ever-widening fears about Russian hacking following Moscow's efforts to meddle in the 2016 American election.” (AP News)
This is a change that has been talked about for years and put into motion at the end of the Obama administration. I pointed it out last November. It looks like it will definitely happen. I learned today that Congress had enshrined the breakup in the FY 2017 National Defense Authorization Act (NDAA) signed into law by Obama on 23 Dec 2016. Most significant in the elevation of CYBERCOM into a unified combatant command are a number of new authorities, similar to those exercised by Special Operations Command, including an acquisition arm. In effect, many of the functions now exercised by the Services will pass to CYBERCOM. Although the ending of the dual-hatted command relationship of NSA and CYBERCOM is still a point of contention in Congress, I do not see how that could continue.
Congress also empowered the Principal Cyber Advisor (PCA) to the SecDef “with the authority, direction and control over most of Cyber Command’s new activities.” This is a major enhancement of the PCA, which was established in 2014 but filled on an ad hoc basis. The new PCA will be in a position similar to the Assistant Secretary for Special Operations and Low Intensity Conflict.
One thing that is not clear to me, and I gather is not clear to CYBERCOM or the USG, is whether this new organization and its new authorities will bring a new mission emphasis to the command. From the earliest days of Joint Task Force – Computer Network Defense (JTF-CND), the mission was to defend the GIG, the global information grid or DOD information network. It was never to defend the country’s information network. That fell to the FBI, later the DHS and mostly to those in private industry who built, control and defend the infrastructure of our information network. CYBERCOM is tasked to work through the geographical combatant commands. That’s clear for the overseas geographical commands. But does CYBERCOM work with NORTHCOM “to conduct Homeland Defense” and “to defend, protect, and secure the United States and its interests” as specified in the NORTHCOM mission? I’m certain our DOD would “fight them on the beaches” and in the streets, the fields and the hills if we were physically invaded. Will CYBERCOM fight them in the data centers, fight them in the networks and fight them in the home-based routers to defend our country from a serious cyber attack? If CYBERCOM is called upon to defend the homeland in our data centers and our networks, under what conditions and at what point does that defense kick in?
I’ve often railed against pervasive NSA and FBI electronic surveillance of US citizens. I still find this pervasive mass surveillance abhorrent and want to see it curtailed. I've provided links to a few of my pieces on this to show just how seriously I view the matter. In spite of this, I think CYBERCOM should be prepared to fight in the data centers and in the networks and not just against some once-in-a-lifetime existential cyber attack. This will require clear policies and procedures to be enunciated at the NCA level and accepted by the American public. It will also require a new relationship, not only among CYBERCOM, FBI and DHS, but also with private industry. It’s a tall order.