Today marked several historic events for the Department of Defense. In the course of a couple of hours, three big events happened. The morning began with the promotion of LTG Paul Nakasone pinned on his fourth star. Shortly thereafter, General Nakasone completed his change of command with Admiral Mike Rodgers and became the dual hatted Commander of United States CYBERCOM and the Director of the National Security Agency. Finally CYBERCOM was elevated from its status as a sub-unified command under STRATCOM to a full fledge combatant command equal to the other nine Unified Commands (i.e. CENTCOM and SOUTHCOM).
So what does this mean? First, General Nakasone is a great leader who will do an amazing job leading the newly elevated CYBERCOM into the future. I personally had the honor of working closely with then MG Nakasone when he was the commander of Cyber National Mission Force (CNMF). He is a smart, technical man who grasps details that many flag officers in my experience aren’t able to.
A few weeks ago, Wired.com did a story that quoted several NSA employees who were concerned about Nakasone’s relative “lack” of SIGINT experience relative to cyber. Yes, most of his recent experience has been more to the cyber side of the house vs intelligence, but he still has a fair bit of experience in NSA’s traditional roles. I personally think that he will likely move the balance of power more towards the center as opposed to the NSA side where it has been recently.
With it’s elevation to a unified command, CYBERCOM will now report directly to the Secretary of Defense. This elevation allows it to more easily set national defense priorities and defend American cyber infrastructure (both defense and public/private). Many people wonder if this will also be the point where America becomes more aggressive with its cyber operations. I don’t know, but it should be an interesting ride either way.
The one thing that still hasn’t happened (although many thought it may occur with this transition) is the splitting of the “dual hats”. As I said above, today GEN Nakasone is both the Commander of CYBERCOM as well as the Director of the National Security Agency. Since its very creation, CYBERCOM has been very tightly integrated with the NSA. Part of this has been a matter of convenience, but also much of it was also a necessity due to the NSA having many of the tools and networks that CYBERCOM has needed to operate. While this has improved over the years, CYBERCOM still relies on the NSA for a number of things.
While this would normally not be a problem (both organizations operate on adversary networks so why not?), the two organizations tend to have competing priorities. NSA has the goal of getting onto networks and getting as much intelligence for as long as they can without being seen. CYBERCOM on the other hand is a military command, and like pretty much every other military command, it wants to break the enemy’s shit. Unfortunately when you break something, someone is probably going to notice it which has the protential (likely) to get you kicked off the network. So who win’s that fight? In typical lawyer fashion….it depends.
One day, most people believe, the two organizations will be separated with independent commanders who are able to advocate for their own priorities. Until that happens, General Nakasone will have to balance the priorities of two semi-opposing organizations. Either way, congrats GEN Nakasone, and congrats CYBERCOM.