President Barack Obama’s top cybersecurity adviser is leaving the door open for major changes to occur at U.S. Cyber Command before November’s presidential election.
“As the cyber threat landscape has evolved, we have continued to review whether keeping the NSA Director and the Commander of [U.S.] Cyber Command together as one, dual-hatted position is the most effective structure approach,” Michael Daniel, White House cybersecurity coordinator, tells FedScoop.
Daniel’s remarks come after a Reuters report last week suggesting the Obama administration is reviewing a plan to elevate the status of the Pentagon’s Cyber Command. Such a move would effectively detach the organization from the NSA’s purview and give it greater autonomy and operational authority to conduct missions.
As a unified combatant command, Cyber Command would hold powers equal to U.S. Strategic Command, but be solely focused on cyber-related missions. If upgraded, an independent Cyber Command would likely no longer be led by current NSA Director Michael Rogers. Instead, a new military commander would be installed at the top, Reuters reported.
Notably, the reported plan would be pursued from within the executive branch, rather than through an amendment proposed in the National Defense Authorization Act that remains stalled in Congress.
“We are constantly reviewing if we have the appropriate organizational structures in place to counter evolving threats, in cyberspace or elsewhere,” Daniel said.
When House lawmakers introduced a proposed amendment to elevate Cyber Command within the 2017 NDAA earlier this year, the move was subsequently criticized by the White House, claiming that authority to establish unified combatant command rests in the executive branch.
Another bipartisan group of Senators — which included participation from members like Steve Daines, R-Mont., and Mark Warner, D-Va. — also advocated for Cyber Command’s status upgrade through a similar amendment to the Senate’s version of the NDAA.
“I have yet to hear from the [Obama] administration about how they will implement the Cyber Command change and what, if any, impact it will have on its relationship to NSA, which is a consideration,” Warner, a vocal supporter of Cyber Command, wrote in an email to FedScoop.
If the White House were to write an executive order that would eventually upgrade Cyber Command’s status, the decision will likely be made public later this month, as far away from a looming presidential election as possible, said Jamie Barnett, a former Deputy Commander for the Navy Expeditionary Combat Command.
When — not if — Cyber Command becomes its own shop, the organization’s structural transition will be gradual, said Barnett, who now serves as a partner in the cybersecurity practice of Venable, a D.C.-based law firm. Instead of a stark and immediate division, Cyber Command will more than likely continue to cooperate closely with the NSA.
“The two will still be located in the same building and I think you’ll continue to see this so-called dual hat status for a number of employees,” Barnett told FedScoop. “With that being said, they’ll need to figure out clear, official lines of authority.”
People within U.S. Cyber Command have long expected the organization to be elevated and many see Rogers’ end of tenure as the immovable deadline for said shift, according to Chris Cleary, a former senior U.S. Cyber Command planner who remains engaged with the organization as a contractor.
“No one [at Cyber Command] is surprised by the [Reuters report],” said Cleary, now a director of business development for Tenable Network Security. “The people I talk to agree it would be a positive step forward and one that this administration should execute.”
If Cyber Command’s status is indeed elevated, it could see increased funding and staffing resources as part of a five-year, $35 billion planned cyber spending spree announced by Defense Secretary Ash Carter in April.