Key lawmakers in favor of keeping 'dual hat' arrangement between Cybercom and NSA

A sign for the National Security Agency (NSA), US Cyber Command and Central Security Service, is seen near the visitor's entrance to the headquarters of the National Security Agency (NSA) at Fort Meade, Maryland, February 14, 2018. (Photo by SAUL LOEB/AFP via Getty Images)

Two key lawmakers see the arrangement of having the same person lead both the National Security Agency and U.S. Cyber Command as an enduring fixture as opposed to a temporary one where the roles would be split in the future.

The so-called dual-hat arrangement is one of the most hotly debated within the cyber world. Since Cybercom was created a decade ago, it has been co-located with NSA at Fort Meade, Maryland and shared a leader. At the time, this made sense to help the command grow, relying on the personnel, expertise and infrastructure of the NSA. The arrangement was always thought to be temporary, however, with proponents saying the military can benefit from the unique intelligence insights and resources of NSA, leading to faster decision-making and operational outcomes. Opponents argue the roles are too powerful for one person to hold and relying on the intelligence community’s tools — which are meant to stay undetected — for military activities poses risks to such espionage activity.

But as time has gone on, there seems to be recognition among some policymakers that the current arrangement is a net positive for national security.

“I’ve been one of the staunchest opponents of changing the dual-hat relationship. I continue to support the current dual-hat arrangement,” Rep. Jim Langevin, D-R.I., told DefenseScoop in an interview. “As I look at the relationship between Cyber Command and NSA, I don’t see a problem that is solved by splitting the dual hat. In fact, I think the dual-hat arrangement benefits both organizations and provides the infrastructure and expertise that helps both Cyber Command and NSA achieve success in their individual missions.”

Langevin, who chairs the House Armed Services Subcommittee on Cyber, Innovative Technologies, and Information Systems and is retiring this year, noted that he does not see the benefit of splitting the two organizations.

On the Senate side, another key lawmaker has voiced support for the synergies the two organizations foster.

“I personally am in favor of that. I was not to begin with. But after looking at this now for four years, I think if you did not have a dual-hat arrangement, similar to what Gen. Nakasone works in today, it means you would have two separate bureaucracies who would clash on a daily basis about the use of the tools, about the coordination of efforts, about the protection of their own silos,” Sen. Mike Rounds, R-S.D., ranking member of the Senate Armed Services Subcommittee on Cybersecurity, told DefenseScoop on the sidelines of the Politico Defense Summit Wednesday. “I think you have to have a person on top who can call balls and strikes between the two separate organizations.”

Rounds had previously said that this relationship fosters greater speed within the government to close cyber gaps in a highly dynamic environment.

“They have demonstrated that the dual-hat relationship of Cybercom and NSA has facilitated effective use of intelligence and cyber operations, both in support of military operations and the defense of the entire nation,” Rounds said during a panel discussion at the annual AUSA conference in October. “This [has] broken down stovepipes between the two organizations that now allow operations to be more effective and to be executed in a timely manner. And I can’t overestimate how critical it is that we recognize the need for speed when it comes to dealing with our adversaries.”

These sentiments have also been shared by the current director of NSA and commander of Cybercom, Gen. Paul Nakasone.

“My best military advice as it was when I first came to the job and after three-plus years in it, is the fact that through elections, through problems with Iran, through ransomware and now with Russia-Ukraine, what the dual hat has allowed us to do is been able to take and be able to focus efforts from the National Security Agency and U.S. Cyber Command on very, very difficult problems: influence, ransomware, strategic competition, in one domain, in cyberspace,” he told the House Armed Services Committee in March, noting that ultimately this is a policy decision. “We both operate there and being able to have action, being able to unity effort and being able to have agility is what the dual [hat] has been able to allow me to do over the past three-plus years.”

Several years ago, in response to rumors a split was imminent, lawmakers felt such a decision was premature and Cyber Command was not ready to stand alone. As such, Congress outlined a series of metrics for the Pentagon to meet in the fiscal 2016 National Defense Authorization Act. Those metrics were then tweaked in the 2017 policy bill adding more restrictions necessary to split the dual hat. They included that each organization have robust command-and-control systems for planning, deconflicting and executing military cyber operations and national intelligence operations — as well as ensuring tools and weapons used in cyber ops are sufficient for achieving required effects. It also sought to ensure that Cybercom can acquire or develop these tools, weapons and accesses.

Nakasone told Congress earlier this year that his organizations are still working toward that.

Rounds noted that he is in favor of maintaining the current dual-hat relationship, adding that opponents might say it would depend on the person at the top — meaning if the head of both organizations is someone that can’t handle both roles, then it would be problematic.

“My only response is, is that if you can’t then you’re going to end up with … [multiple] individuals who will have to sit down and work it out rather than one individual calling balls and strikes,” he said. “You want a committee doing this and with all the delays that go into a committee discussion, or do you want an individual respected and find the right individual who can be respected by both organizations and move in a more timely fashion?”

Langevin noted that splitting the roles could make things cumbersome and prevent the cyber mission force from being able to operate with the agility it needs.

Moreover, he said he is optimistic the ongoing review by the Director of National Intelligence and the Secretary of Defense, reported earlier this year, will come to the same conclusion as him that this arrangement should remain in place. 

The Record reported that former chairman of the Joint Chiefs of Staff Joseph Dunford is leading an intergovernmental group to examine the dual-hat arrangement and make a recommendation to the Biden administration.