CYBERCOM and NSA leadership needs to evolve and that may mean a leadership split

President Donald Trump already announced that U.S. Cyber Command will split off from the National Security Agency and become a full-fledged combatant command, but the matter of leadership is still to be determined.

CYBERCOM and NSA share a leader, which can be a small head for two very big hats. Tuesday the dual leader of CYBERCOM and NSA weighed in on if two separate people should run the two organizations.

Kind of.

NSA and CYBERCOM chief Adm. Mike Rogers stopped short of making an endorsement, but he seemed open to the idea of cutting his position in half.

Advertisement

“We have got to be open to the idea that we are continually evolving in this [cyber] construct. Look how fast it’s gone in literally just over 10 years. We went from a functional component aligned against a combatant command … to now let’s go to a combatant commander. I think now the next question in this evolution is ‘Does that alignment still make sense as we’ve evolved a very traditional operational force?’” Rogers said, during a speech at an Air Force Association Conference. “I am blown away by the rate of change.”

Rogers’ predecessor, Michael Hayden, who is now principal at the Chertoff Group, was more outspoken about his feelings on a possible leadership split.

“This is an absolute inevitability. To me the easy step was the elevation. A little more controversial, but I think still the necessary step is the breaking of the linkage between the person of the [CYBERCOM] commander and the person of the [NSA] director,” Hayden said. “The current structure is overburdening for one organization and the training wheels are getting in the way of the other organization getting up to actual speed.”

What Hayden means by training wheels is when CYBERCOM was set up, it was added to NSA because NSA had the infrastructure, manpower and expertise needed to grow CYBERCOM.

Now it’s time for CYBERCOM to go out on its own completely, Hayden said.

CYBERCOM was granted authority to become a full combatant command in the 2017 defense authorization act. Before that it was a subcommand under U.S. Strategic Command.

Trump formally signed off on CYBERCOM’s elevation on Aug. 15.

That order called for a recommendation from the Defense Secretary on what should be done about the leadership issue.

“We are working our way through that right now. It’s an ongoing process, so I just say let us go through that process,” Rogers said.

In and of itself, the actual elevation of CYBERCOM does little to increase the command’s authority or operational posture, but it is a recognition of how far the command has come in the last eight years, said Bill Leigher, a retired Navy rear admiral who served as the deputy commander of that service’s Fleet Cyber Command starting in 2009, when CYBERCOM and its military service components were first beginning.

“It’s largely symbolic, but it’s also really important. For me, this says that Cyber Command is coming of age,” Leigher said in an interview for Federal News Radio’s On DoD. “If you go back to the beginning, it had to depend on its relationship with the National Security Agency and it’s always been tethered to some other entity. Now that you see these tethers loosening, it’s a sign that they’re maturing, they’re being effective, and they’re ready to have a direct relationship with other combatant commands.”

Leigher, who is now an executive at Raytheon, said the initial creation of CYBERCOM was a major step in and of itself: It allowed the military components’ own newly-created cyber commands to stop operating in what he termed a “loose confederation” and begin behaving as a cohesive organization with common training and doctrine, much like the military’s other joint organizations.