Written byChris Bing
President Donald Trump announced Friday that U.S. Cyber Command will be elevated to a unified combatant command, making it the 10th such organization with the operational authority to conduct military operations abroad under the purview of the secretary of Defense and the White House.
Trump’s decision to elevate Cyber Command now requires that Secretary of Defense James Mattis conduct a review to determine whether Cyber Command should be separated from its Fort Meade neighbor and partner organization, the National Security Agency. Cyber Command is currently led by NSA Director Adm. Mike Rogers. While in that dual-hat role as the leader of both forces, he has consistently advocated for the elevation of Cyber Command.
There’s bipartisan support on Capitol Hill to provide Cyber Command with greater operational authority and additional resources, but the question of whether the organization should be divided from NSA remains more difficult for Congress to answer. Until now, the Maryland-based sub-unified combatant command has relied heavily on the NSA’s talent, capabilities, resources and expertise to conduct cyberwarfare missions.
Although Cyber Command has matured significantly since its founding in 2009, a full separation presents some immediate challenges, including a change in leadership. Combatant commands are typically headed by a four-star general or admiral recommended by the Defense secretary, nominated for appointment by the president and confirmed by the Senate.
Prior to Friday’s announcement, Cyber Command operated under the guidance of U.S. Strategic Command. The news prompts an immediate shift in Cyber Command’s authority to conduct missions; as it now operates directly through the Pentagon and White House for approval.
Mattis’ aforementioned review process was originally mandated by a provision in last year’s National Defense Authorization Act (NDAA). Congress stipulated that before separation could happen, the acting Secretary of Defense and chairman of the Joint Chiefs of Staff had to jointly certify the ending of the dual-hat arrangement between NSA and Cyber Command. In short, this made it so that the White House could not independently push for change without the blessings of the Defense Department and Congress.
The NDAA effectively called on the Pentagon to assess Cyber Command’s dependence on NSA and evaluate the organization’s ability to carry out its roles and responsibilities if separation were to occur. One of the specific conditions set by the NDAA before separation was that all of Cyber Command’s “cyber mission teams” should reach full operational capability. In June, 70 percent of the force’s teams were designated as “fully operational capable.” At the moment, the remaining 30 percent of the force is not expected to be fully trained and integrated until September 2018, CyberScoop previously reported.
Cyber Command is responsible for three overlapping missions: to defend the Defense Department’s networks and IT systems, provide strategic support to other commands, and defend the nation from cyberattacks of “significant consequence.” In offering support to other military outfits, Cyber Command will launch offensive cyber operations, which can include disrupting an adversaries’ networks or digital tools.
Senate Armed Service Committee Chairman Sen. John McCain, R-Ariz., said in a statement he supported Trump’s decision to elevate Cyber Command, but also cautioned that significant work remains.
“There is much more to be done to prepare our nation and our military to meet our cybersecurity challenges. We must develop a clear policy and strategy for deterring and responding to cyber threats,” McCain said in a statement. ” While Cyber Command and the National Security Agency should eventually be able to operate independent of one another, the administration must work closely with the Congress to take the necessary steps that will make this separation of responsibilities successful, and to ensure that each agency will emerge more effective and more capable as a result.”