Why keep Cybercom and the NSA’s dual-hat arrangement?


The dual-hat arrangement, where one person leads both the National Security Agency (NSA) and U.S. Cyber Command (Cybercom), has been in place since Cybercom’s creation in 2010. What was once touted as temporary 13 years ago now seems established.

Will the dual-hat arrangement continue? Should it? Experts have discussed the pros and cons of both viewpoints for years. It remains in place for now, but is that likely to change in the future? That remains to be seen, and points of view shift based on the political and geopolitical landscape, as well as the rise and fall of cyber threats.

Who supports the arrangement

Those inside the NSA and Cybercom, as well as key lawmakers, favor keeping the dual-hat leadership. DefenseScoop notes that the initial leadership agreement made sense. Both organizations are inside the same Fort Meade, Maryland, location. At its birth, Cybercom required NSA personnel, experience and infrastructure to grow. The assumption was that Cybercom would eventually grow large and powerful enough to stand alone and justify having its own separate leadership structure.

In practice, however, the dual role enabled faster decision-making, which can be crucial in defeating cyber threats. Rep. Jim Langevin, current chair of the House Armed Services Subcommittee on Cyber, Innovative Technologies and Information Systems, supports the arrangement, saying, “I think the dual-hat arrangement benefits both organizations and provides the infrastructure and expertise that helps both Cyber Command and the NSA achieve success in their individual missions.”

Sen. Mike Rounds, ranking member of the Senate Armed Services Subcommittee on Cybersecurity, voiced similar praise in the article, noting that without the dual-hat arrangement, “You would have two separate bureaucracies who would clash on a daily basis about the use of the tools, about the coordination of efforts, about the protection of their own silos.”

An October 2022 report drafted by a four-person group led by retired Gen. Joseph Dunford Jr., a former chair of the Joint Chiefs of Staff, did not give an official recommendation about keeping the arrangement. However, he argued strongly for the benefits derived from it. A Director of National Intelligence spokesperson noted the report showed benefits of the structure and found no adverse impacts that would justify terminating or splitting the role.

Arguments against the dual-hat role

There’s also opposition to the arrangement and has been since the organization was created. Some feared the combined role was simply too powerful for one person. The same concern exists today as Cybercom’s role becomes larger, addressing wide-ranging societal concerns like election security and ransomware. Those defenses are often made public, which raises another concern: Could Cybercom’s activities reveal too much about the NSA? As a spy agency, the NSA’s activities are meant to stay hidden. If Cybercom uses NSA tools, could that expose espionage activity?

Does a single leader benefit both agencies?

Army General Paul Nakasone currently holds the head role and has since 2018. Obviously, it’s in his self-interest to tout his own abilities, but he detailed the benefits in his Cybercom 2023 posture statement delivered to the U.S. Senate Armed Services Committee in March. His statement quotes the October 2022 report noting “substantial benefits that present compelling evidence for retaining the existing structure.” He also states that “protecting the national security of the United States in cyberspace would be more costly and less decisive with two separate organizations under two separate leaders.”

The statement notes successful collaborations between the NSA and Cybercom, including defense of the 2022 midterm election. Nakasone maintains that “foreign attempts to meddle in our electoral process via cyber means escalated in 2016 and have persisted in every election cycle since.” The goal of this collaboration has been to “render these campaigns inconsequential,” meaning they would have no effect on election outcomes. The result was that the “2022 midterms progressed from primaries to certifications without significant foreign malign influence or interference.”

Nakasone also outlined efforts to hinder state-sponsored cyberattacks from China, Russia, Iran and other cyber criminals. He notes that as a result, the organization “made partner-nation networks more secure; increased our global cybersecurity partnerships; led to the public release of more than 90 malware samples for analysis by the cybersecurity community and ultimately kept us safer here at home.”

Demonstrable successes have to date, prevented splitting this role, but the issue continues to come up.

Will a split still happen? If so, what is the holdup?

Even with general agreement that the dual-hat arrangement works, consensus also seems to be that the split will happen eventually in line with the original vision for Cybercom. In 2016, over concerns that a split was imminent (and also premature), Congress legislated metrics that would have to be met before the split could happen. Among those metrics was that each organization would have its own systems in place to plan, de-conflict and execute military cyber and national intelligence operations. Both organizations also need separate tools for cyber operations, including the ability to acquire or create needed tools.

Cybercom has made gains on those metrics but has not fully achieved them yet. And, as long as the two organizations work successfully together and continue to achieve their separate but complementary missions, it’s unlikely there will be a significant push to change their operations.

What’s next for the NSA and Cybercom?

As required, both organizations continue to make progress toward the legislated metrics. Yet there appears to be no appetite for changing the leadership arrangement in the short term. What is on the short-term horizon? Gen. Nakasone plans to step down from the role sometime this year. The leadership role is generally held for four years, but Nakasone agreed to extend his tenure into 2023.

In May, U.S. Air Force Lt. Gen. Timothy Haugh was nominated as Nakasone’s replacement. Haugh currently serves as deputy commander at Cybercom. He helped spearhead some of the key initiatives at Cybercom, including election protection. The role requires Senate confirmation, but Sen. Tommy Tuberville is currently blocking all military nominations, with 200 nominations currently pending due to his block. Haugh’s appointment and Nakasone’s retirement plans remain in the air until that stalemate ends.

The post Why keep Cybercom and the NSA’s dual-hat arrangement? appeared first on Security Intelligence.