President Biden’s nominee to be the next chairman of the Joint Chiefs of Staff joins a growing chorus in favor of keeping the so-called dual-hat relationship between U.S. Cyber Command and the National Security Agency.
Gen. Charles “CQ” Brown, in written responses to senators’ questions prior to his confirmation hearing Tuesday, said he supports the current setup in which the two organizations are headed by the same individual.
“I, as the nominee to be the CJCS, believe this arrangement to be an effective model to ensure a high level of collaboration and mutual support between USCYBERCOM and NSA,” he wrote in his advance policy questionnaire.
The so-called dual-hat arrangement is one of the most hotly debated within the cyber world. Since Cybercom was created a decade ago, it has been co-located with NSA at Fort Meade, Maryland and shared a leader. At the time, this made sense to help the nascent command grow, relying on the personnel, expertise and infrastructure of the NSA. The arrangement was initially expected to be temporary.
However, proponents of keeping that setup intact say the military can benefit from the unique intelligence insights and resources of NSA, leading to faster decision-making and operational outcomes. Opponents argue the roles are too powerful for one person to hold and relying on the intelligence community’s tools — which are meant to stay undetected — for military activities poses risks to such espionage activity.
Concerned with the prospect of a premature split, in which Cybercom would not be ready to stand on its own, Congress has issued a prohibition on a breakup in leadership until certain metrics are met. They include, among others, that each organization have robust command-and-control systems for planning, deconflicting and executing military cyber operations and national intelligence operations — as well as ensuring tools and weapons used in cyber ops are sufficient for achieving required effects and that Cyber Command can acquire or develop these tools, weapons and accesses.
As chairman of the Joint Chiefs of Staff, Brown, along with the secretary of defense, would have to make those certifications to Congress.
A recent report conducted by a Defense Department and intelligence community steering group, led by former Chairman of the Joint Chiefs Joseph Dunford, said the current arrangement is beneficial for national security.
The report “found ‘substantial benefits that present compelling evidence for retaining the existing structure,’” Gen. Paul Nakasone, who currently leads both Cybercom and NSA, wrote in written testimony to the Senate Armed Services Committee earlier this year.
Brown noted that the findings “were compelling and clearly articulated the organizational synergies gained and unity of effort granted to the Director of the National Security Agency/Commander USCYBERCOM through the Dual-Hat arrangement. Our experiences since 2018 demonstrated that we can work at the speed or relevance, with informed interagency support, to best serve our national security interests.”
The 2018 midterm elections were seen as a seminal moment for the partnership. Following the foreign interference in the 2016 presidential election, U.S. officials were keen to not repeat the same mistakes. Nakasone created the Election Security Group, which was a joint venture between Cybercom and NSA.
Officials noted that the organization was highly successful and demonstrated the power of the partnership between the two organizations in which NSA’s foreign intelligence can inform Cybercom’s operations to take action against malicious cyber activity abroad.
“The successes that USCYBERCOM and NSA have experienced in defending our elections, in engaging ransomware actors, and in many other missions with the other Combatant Commands, rest on the alignment of USCYBERCOM and NSA,” Nakasone wrote in congressional testimony.
“The Senior Steering Group highlighted these accomplishments for the Secretary of Defense and Director of National Intelligence, finding that the dual-hat structure is in the best interests of USCYBERCOM, NSA and the nation. Success in protecting the national security of the United States in cyberspace would be more costly and less decisive with two separate organizations under two separate leaders. The enduring relationship is vital for both organizations to meet the strategic challenges of our adversaries as they mature their capabilities against the United States,” he added.
Informed by this study, the Pentagon and the Office of the Director of National Intelligence are building a roadmap for the agencies, John Plumb, principal cyber advisor to the secretary of defense, wrote to the House Armed Services Committee in March. Once that is finished, he said, they will brief the roadmap to Congress.