Incident & Breach Response , Managed Detection & Response (MDR) , Security Operations

Obama Signs Bill Elevating Cybercom to Full Command

Dual-Hat Leadership with NSA to Remain Despite Presidential Objection
Obama Signs Bill Elevating Cybercom to Full Command
Under a new law, Admiral Mike Rogers will remain head of the NSA and Cybercom.

President Barack Obama signed Friday the National Defense Authorization Act, legislation that includes a provision he opposes to leave the leader of the newly-elevated U.S. Cyber Command as the head of the National Security Agency as well.

See Also: Hunt Cloud Threats or Be Hunted | CISO Guide to Cloud Compromise Assessments

The law elevates Cyber Command to a full combatant command; since its formation in 2010 Cybercom, as it's known, was a subcommand under the U.S. Strategic Command. When Cyber Command was stood up, the director of the NSA was designated as the Cybercom commander. The thought then was that the dual-hat arrangement would enable the fledgling Cybercom to leverage NSA's advances cyber capability and expertise.

"Cybercom has since matured and the current construct should be replaced through a deliberate, conditions-based approach to separating the organizations," Obama said in a statement. "The two organizations should have separate leaders who are able to devote themselves to each organization's respective mission and responsibilities, but should continue to leverage the shared capabilities and synergies developed under the dual-hat arrangement."

Way Open to Eliminate Dual-Hat Approach

The new law would allow the elimination of the dual-hat leadership of both agencies should the defense secretary and chairman of the Joint Chiefs of Staff jointly certify that ending this arrangement would not pose risks to the military effectiveness of Cybercom that would be unacceptable to the national security interests of the United States.

Obama also said that it should be the executive branch's decision alone to create Cybercom and decide how it should be led. "Congress should leave decisions about the establishment of combatant commands to the executive branch and should not place unnecessary and bureaucratic administrative burdens and conditions on ending the dual-hat arrangement at a time when the speed and nature of cyberthreats requires agility in making decisions about how best to organize and manage the nation's cyber capabilities," he said.

Supporters of the dual-hat approach contend Cybercom would continue to need for the next few years the leadership the NSA - the defense department's e-spy agency - to operate efficiently.

Cyber Command is the offensive cyber arm of the military, that's also charged with defending the cyber assets of the U.S. military. With increased attacks from nation-states against American business and the mostly civilian-controlled critical infrastructure, calls have been increasing to use Cybercom to defend civilian IT and, at times, to go on the offense as would the kinetic military against physical attacks on the homeland.

Navy Admiral Michael Rogers will remain head of both organizations.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.