https://warontherocks.com/2019/04/cyber-command-the-nsa-and-operating-in-cyberspace-time-to-end-the-dual-hat/
By Andrew Schoka
War on the Rocks
April 3, 2019
To publish this article, I had to submit it for review to three separate
organizations: the U.S. Army Intelligence and Security Command, United
States Cyber Command (my employer), and the National Security Agency
(NSA). In total, it took just under two months to secure approval from all
three organizations for public release, significantly longer than it took
to actually write the article itself. And this is still substantially
faster than Cyber Command’s process to review and approve actual
cyberspace operations, a system subjected to similar redundancy and
repetition.
The organizational inefficiency inherent to both processes is a
consequence of the "dual hat: relationship between NSA and Cyber Command,
which entrusts the command of both organizations to a single individual.
The original motivation for the arrangement -- which was always intended
to be temporary -- was to allow a nascent Cyber Command to benefit from
NSA's expertise, capabilities, and experience, which helped all of Cyber
Command’s teams to achieve full operational capability last year. In
practice, the relationship allows a single individual to weigh the
oft-competing interests of NSA and Cyber Command, whose responsibilities
in the cyber domain frequently overlap. The dual hat command relationship
has been continually reviewed by presidential administrations since its
inception, and experts have made competing arguments for both the
dissolution and continuation of the arrangement.
While most of the arguments for ending the dual hat relationship have
focused on the successful buildup of Cyber Command or the risk to NSA's
operations and capabilities, comparatively little attention has been given
to how the organizational overlap with NSA affects Cyber Command’s pursuit
of its missions. The interdependence between the two organizations has
allowed Cyber Command to grow accustomed to virtually uninterrupted
operational and logistical support from NSA offices. This deeply ingrained
organizational reliance on NSA tradecraft and processes has fundamentally
shaped the way the command approaches cyberspace operations. Specifically,
by borrowing from NSA’s procedures and culture, Cyber Command has steadily
become more risk-averse than befits an organization dedicated to offensive
operations and imposing costs on adversaries. For Cyber Command to more
effectively accomplish its mission, it should be separated from NSA sooner
than planned. This will allow the command to better pursue the nation’s
military objectives in cyberspace, including deterring potential
adversaries from threatening critical national infrastructure.
Dual-hatting initially made sense because there is a fundamental
similarity between the technical aspects of military cyberspace operations
(Cyber Command’s domain) and intelligence-related computer network
operations (what NSA does). Gen. Michael Hayden noted that offensive
cyberspace operations and signals intelligence are technically
indistinguishable from each other, citing this as reason for unifying the
command of the two organizations responsible for each. A pressing need to
develop a robust military cyberspace operations capability motivated the
decision to attach Cyber Command to the fully developed and functional
NSA.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
