OPINION — Recent news of another audacious hack against the US critical infrastructure and interests overseas—this time from the Chinese-based “Volt Typhoon” group-underscores the ongoing challenge from nation-states in the cybersecurity realm. This latest operation fits the pattern of cyber operations designed to collect intelligence via digital reconnaissance and extract key information and lay the groundwork for more destructive computer code that could possibly impair operational technology systems that control critical infrastructure. Russia in particular has demonstrated that capability in years past against Ukraine, and during the current conflict has engaged in multiple attempts to achieve those objectives, albeit perhaps not as successfully as designed.
Since cyber operations against the United States will most certainly persist in the coming years, now is the time to rethink a key element of the current US cybersecurity framework—the combined leadership of the National Security Agency (NSA) and US Cyber Command (CYBERCOM). This is especially critical as the Biden administration has nominated a new CYBERCOM chief to replace General Paul Nakasone, the outgoing one.
NSA is dual purposed as combat support agency within the Department of Defense, but also operates uniquely as the nation’s leading signals intelligence collection and analysis agency within the broader US intelligence community. It operates on both sides of the Title 10/Title 50 divide as a result, but most of its workforce are civilians and are not uniformed military personnel. Conversely, CYBERCOM has matured over the past several years since its formal inception in 2018 and operates as its own combatant command—like geographic commands like US Central Command (CENTCOM). It also trains, funds, and organizes the National Cyber Mission Force, comprised of the military personnel from the individual service elements who carry out cyber operations if so directed.
Looking for a way to get ahead of the week in cyber and tech? Sign up for the Cyber Initiatives Group Sunday newsletter to quickly get up to speed on the biggest cyber and tech headlines and be ready for the week ahead. Sign up today.
While there continues to be significant symmetry in the missions and requirements between both NSA and CYBERCOM in the cybersecurity domain, at this point in both organizations’ history and evolution now is the time to come up with the plan to split the two, which will allow them to build on existing strengths in intelligence collection and military operations respectively but capitalize on new opportunities. In addition, it will allow leaders of each organization to focus on aligning the unique cultures and authorities of each in the civilian and military realms, respectively. It will be very difficult for a single person—even as uniquely talented and qualified as dual-hatted chiefs have been—to oversee both organizations effectively.
Parallels exist in the national security domain like that which occurred in the aftermath of 9/11 and the creation of the Office of the Director of National Intelligence, a position which supplanted the pre-9/11 model with the CIA Director was also dual-hatted as the Director of Central Intelligence. History proved that CIA Directors had little bandwith to serve in that DCI capacity effectively over the rest of the US intelligence community organizations. While there are likewise many critics of the creation of the ODNI and DNI position in the aftermath, at the same time the DNI position maintains a strategic level purview of US intelligence with respect to budgets, resources, and capabilities that the former CIA Director as DCI could not.
Any such plan to split the two organizations will entail careful consultation with Congress, the White House, the Defense Department, and individual service elements to make sure no damage is done to the ongoing capabilities of both NSA and CYBERCOM to carry out their respective missions. At the same time, maintaining the “status quo” approach that has persisted over many years now seems like a missed opportunity with a new CYBERCOM nominee up for Senate confirmation. But more importantly, because of the US focus on threats from Russia, China, and other nation-states in cyberspace as outlined in the administration’s recently released cybersecurity strategy, and the consequences of these operations on our national security.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
