For months it has been an entertaining parlor game in the nation’s
capital: guessing what will happen next with U.S. Cyber Command, the
military organization designed to defend the country’s networks and
attack its adversaries. The topic will increasingly be in the spotlight
as the head of that command, General Keith Alexander, is also the
director of the National Security Agency, which is beset by revelations [3] of cyber snooping—possibly a damaging link if the crisis does not blow over.
Cyber Command is only a few years old, but the history of its predecessors [4] helps give clues to what is to come. For fifteen years, the military has tried to integrate or “normalize” cyber, but the meaning of normal and how to achieve that has shifted several times.
The U.S. military began to organize around cyber and information warfare just after the first Gulf War of 1991. The Air Force Information Warfare Center was launched in 1993 and the other services followed soon after. Offense and defense operations were combined in the operational 609th Information Warfare Squadron in 1995. These units, however, were all single-service and generally could not direct cyber defenses, only making suggestions with little Pentagon control.
To “normalize” cyber, in 1998 the Pentagon created the real predecessor to U.S. Cyber Command, the twenty-four-person Joint Task Force–Computer Network Defense (JTF-CND) to be in charge. Two years after it was stood up, the unit was given responsibilities for offense as well as defense, as one of the perceived lessons of the past was that the same commander should handle both.
However, this lesson proved to be transient, as offense and defense were split apart in 2004, with the National Security Agency getting the offensive mission and the Defense Information Systems Agency getting defense, since it seemed more “normal” to have the main military IT organization also defend all the IT. But that solution itself only lasted a few years, when to be more “normal” the missions were recombined into the new U.S. Cyber Command, whose commander was also the director of the NSA. Since NSA had so much cyber capability, it seemed natural to have the same four-star officer run both cyber and signals intelligence; the revelations of cyber spying might just break that connection if it appears having cyber warfighting responsibilities distracted General Alexander from his NSA job.
This history helps inform the debate about what should happen next with U.S. Cyber Command. There are a few leading options:
Splitting NSA and Cyber Command: This had already been a leading option, even before the recent leaks. General Alexander had planned to retire [5] in early 2014, but it is possible he won’t last that long, now that President Obama has had to publicly discuss programs that the General’s organization was supposed to keep secret. This option of splitting the command is probably the most likely, as the president would understandably want a director of NSA able to work it as a full-time job, rather than sharing time with the sexier offensive missions of Cyber Command.
This division [6] of roles would return to the command relationship of 2004, with a three-star NSA director from intelligence reporting and a four-star general from a more traditional warfighting background.
Combatant Command: Cyberspace may be so different from the other domains of air, land, sea and space that it makes little sense for U.S. Cyber Command to be subordinate as a subunified command to U.S. Strategic Command. Cyberspace and operations there transcend geographic regions, domains and the normal spectrum of conflict. Thus, an elevation to its own unified command [7] is justified. This option makes sense if cyber is indeed important but unlikely to be a truly new domain.
In one sense, this is just the next step of a natural progression since 1998 of ever-larger commands with higher-ranking generals in charge. But proponents of creating a new command should be wary of the precedent set by U.S. Space Command. Created in 1985 when space was the domain of the future, it only lasted until 2002, since it turns out that space isn’t all that different or critical. In the rush to claim that the domain was different, the space community potentially overreached and their command is mostly forgotten today. Yet this remains a likely path for cyber.
Special Operations: Another argument [8] is that cyber is so special it can’t ever be normal. After all, the geeks who dominate cyber often don’t excel in (or necessarily even need) traditional soldiering discipline, fitness or skills. In this option, U.S. Cyber Command should not belong to U.S. Strategic Command but rather should be under U.S. Special Operations Command. This option makes sense if cyber conflicts in the future are predominantly shadowy irregular conflicts and the Pentagon wants to emphasize this aspect above all others.
Even though the covert actions and proxy/irregular cyber conflicts are indeed increasingly prevalent, the special-operations model ignores the bulk of what happens in cyberspace, the day-to-day grunt work of cyber defense and network management. This does not require any particularly special expertise, just patience and attention to detail over time, which is one reason why this is not a likely option.
New Cyber Service: If cyber truly is important and a new domain of warfighting, then perhaps the most normal option is not to elevate or reassign a command but create an entirely new service. After all, the land, sea and air domains each have a respective service. This new Department of Cyberspace would then parcel cyber forces to the combatant commands and provide common cyber services to all, especially for technologies like long-haul networks.
This is the least likely option as it is too bold and not necessarily warranted by the current circumstances. The space domain again provides the example: there are consistent and periodic [9] [10]calls [10] for it to have a separate service [11], yet the military seems fine without a space command, much less a separate service. Moreover, with the problems faced by NSA, there may be retrenchment as the Washington takes a less aggressive posture.
Status Quo: It is entirely reasonable if the national military leadership decides to keep the present arrangements. But with NSA in such trouble, this is increasingly unlikely.
The final decision may depend on the personalities of the generals and admirals available for command, the legacy of General Alexander, and above all, cost. Regardless of which is the smarter option in the long term, the overwhelming pressure of operating during the sequester suggests that the cheapest options—the status quo or splitting NSA and Cyber Command—are the most likely.
Cheap has another advantage: cheap is simple. Each redrawing of command lines has meant more distraction from actually solving the underlying cyber problems, which have been remained similar for decades.
Regardless of the final decision on U.S. Cyber Command, it will only be one more step—and by no means the last—as the U.S. military seeks to keep pace with conflict in cyberspace.
Jason Healey is the director of the Cyber Statecraft Initiative at the Atlantic Council
http://nationalinterest.org/print/commentary/the-future-us-cyber-command-8688
Cyber Command is only a few years old, but the history of its predecessors [4] helps give clues to what is to come. For fifteen years, the military has tried to integrate or “normalize” cyber, but the meaning of normal and how to achieve that has shifted several times.
The U.S. military began to organize around cyber and information warfare just after the first Gulf War of 1991. The Air Force Information Warfare Center was launched in 1993 and the other services followed soon after. Offense and defense operations were combined in the operational 609th Information Warfare Squadron in 1995. These units, however, were all single-service and generally could not direct cyber defenses, only making suggestions with little Pentagon control.
To “normalize” cyber, in 1998 the Pentagon created the real predecessor to U.S. Cyber Command, the twenty-four-person Joint Task Force–Computer Network Defense (JTF-CND) to be in charge. Two years after it was stood up, the unit was given responsibilities for offense as well as defense, as one of the perceived lessons of the past was that the same commander should handle both.
However, this lesson proved to be transient, as offense and defense were split apart in 2004, with the National Security Agency getting the offensive mission and the Defense Information Systems Agency getting defense, since it seemed more “normal” to have the main military IT organization also defend all the IT. But that solution itself only lasted a few years, when to be more “normal” the missions were recombined into the new U.S. Cyber Command, whose commander was also the director of the NSA. Since NSA had so much cyber capability, it seemed natural to have the same four-star officer run both cyber and signals intelligence; the revelations of cyber spying might just break that connection if it appears having cyber warfighting responsibilities distracted General Alexander from his NSA job.
This history helps inform the debate about what should happen next with U.S. Cyber Command. There are a few leading options:
Splitting NSA and Cyber Command: This had already been a leading option, even before the recent leaks. General Alexander had planned to retire [5] in early 2014, but it is possible he won’t last that long, now that President Obama has had to publicly discuss programs that the General’s organization was supposed to keep secret. This option of splitting the command is probably the most likely, as the president would understandably want a director of NSA able to work it as a full-time job, rather than sharing time with the sexier offensive missions of Cyber Command.
This division [6] of roles would return to the command relationship of 2004, with a three-star NSA director from intelligence reporting and a four-star general from a more traditional warfighting background.
Combatant Command: Cyberspace may be so different from the other domains of air, land, sea and space that it makes little sense for U.S. Cyber Command to be subordinate as a subunified command to U.S. Strategic Command. Cyberspace and operations there transcend geographic regions, domains and the normal spectrum of conflict. Thus, an elevation to its own unified command [7] is justified. This option makes sense if cyber is indeed important but unlikely to be a truly new domain.
In one sense, this is just the next step of a natural progression since 1998 of ever-larger commands with higher-ranking generals in charge. But proponents of creating a new command should be wary of the precedent set by U.S. Space Command. Created in 1985 when space was the domain of the future, it only lasted until 2002, since it turns out that space isn’t all that different or critical. In the rush to claim that the domain was different, the space community potentially overreached and their command is mostly forgotten today. Yet this remains a likely path for cyber.
Special Operations: Another argument [8] is that cyber is so special it can’t ever be normal. After all, the geeks who dominate cyber often don’t excel in (or necessarily even need) traditional soldiering discipline, fitness or skills. In this option, U.S. Cyber Command should not belong to U.S. Strategic Command but rather should be under U.S. Special Operations Command. This option makes sense if cyber conflicts in the future are predominantly shadowy irregular conflicts and the Pentagon wants to emphasize this aspect above all others.
Even though the covert actions and proxy/irregular cyber conflicts are indeed increasingly prevalent, the special-operations model ignores the bulk of what happens in cyberspace, the day-to-day grunt work of cyber defense and network management. This does not require any particularly special expertise, just patience and attention to detail over time, which is one reason why this is not a likely option.
New Cyber Service: If cyber truly is important and a new domain of warfighting, then perhaps the most normal option is not to elevate or reassign a command but create an entirely new service. After all, the land, sea and air domains each have a respective service. This new Department of Cyberspace would then parcel cyber forces to the combatant commands and provide common cyber services to all, especially for technologies like long-haul networks.
This is the least likely option as it is too bold and not necessarily warranted by the current circumstances. The space domain again provides the example: there are consistent and periodic [9] [10]calls [10] for it to have a separate service [11], yet the military seems fine without a space command, much less a separate service. Moreover, with the problems faced by NSA, there may be retrenchment as the Washington takes a less aggressive posture.
Status Quo: It is entirely reasonable if the national military leadership decides to keep the present arrangements. But with NSA in such trouble, this is increasingly unlikely.
The final decision may depend on the personalities of the generals and admirals available for command, the legacy of General Alexander, and above all, cost. Regardless of which is the smarter option in the long term, the overwhelming pressure of operating during the sequester suggests that the cheapest options—the status quo or splitting NSA and Cyber Command—are the most likely.
Cheap has another advantage: cheap is simple. Each redrawing of command lines has meant more distraction from actually solving the underlying cyber problems, which have been remained similar for decades.
Regardless of the final decision on U.S. Cyber Command, it will only be one more step—and by no means the last—as the U.S. military seeks to keep pace with conflict in cyberspace.
Jason Healey is the director of the Cyber Statecraft Initiative at the Atlantic Council
http://nationalinterest.org/print/commentary/the-future-us-cyber-command-8688