With the impending split of U.S. Cyber Command and the National Security Agency, the focus will
shift from personnel and staffing to infrastructure and tools. Under
current law, one of the requirements set forth in the 2017 National Defense Authorization Act calls for – among other things prior to a split – the chairman of the Joint Chiefs of Staff and the secretary of defense to certify that the capabilities of Cyber Command and the NSA won’t be degraded if they split off.
Currently, CYBERCOM, which was stood up in 2009, is co-located with the NSA — a decision that made sense at the time of CYBERCOM’s inception to rely on the infrastructure and rich cyber talent resident within the NSA.
However, the two perform different roles: The NSA is an intelligence-gathering organization focused on national-level security as well as a combatant command-support organization; CYBERCOM performs war-fighting tasks.
In September 2016 under the Obama administration, there were three issues under discussion surrounding the split, explained Phil Quade, former director of the NSA Cyber Task Force, in an interview.
The first was a prioritization schema so CYBERCOM could prioritize its needs of the NSA, and so the NSA could consider those by weighing them against the needs of other combatant commands or civilian agencies it supports.
The second was that the NSA needed greater capacity, Quade said, under the guise of: If the government (or CYBERCOM) is going to be on the offensive, there must be improved intelligence to underpin that.
Lastly, Quade said CYBERCOM needs a better indigenous capability to act on the offensive. “If you’re constantly trying to repurpose intelligence tools, you’re going to have a fundamental equity decision. So there needed to be more of a split between intelligence tool[s] and attack tools,” he said.
“As far as the Cyber Command-NSA split, we intend to make this a split that actually gains more unity of effort from a broader constituency, too, from other elements that are also…