Plans To Divide US Cyber Command And The NSA

Uploaded on 2020-12-23 in INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

A Pentagon proposal to put the US’s top cyber spy agency under civilian leadership has generated complaints from lawmakers who say the idea is badly timed and against the law.

Outgoing Pentagon officials appointed by President Trump have sent a proposal to the Joint Chiefs of Staff to divide the leadership of the National Security Agency and US Cyber Command.  This would reshape defense policy by a handful of key political officials who are in acting roles in the Pentagon after Donald Trump lost his re-election bid.

A US official has confirmed that Joint Chiefs Chairman Gen. Mark Milley and Acting Defense Secretary Chris Miller have received the proposal.  With Miller expected to sign off on the move, the fate of the proposal ultimately falls to Milley, who said to Congress in 2019 that the combined leadership structure was working and should be kept in place. The post of NSA director and Cybercom commander are held by one person, currently, Gen. Paul Nakasone, in a "dual-hat" arrangement.

Cyber security and national security policy leaders have debated how and when to split that job into two positions for several years. 

The Cyber Command proposal arrives at the same time as enormous cyber hacking attacks have hit a number of federal agencies. Investigators are still working to understand what data may have been taken or compromised. Although Secretary of State Mike Pompeo has publicly linked the attack to Russia, Trump said the attacks came from China. 

White House officials had drafted a statement assigning blame to Russia for the attack and were preparing to release it but were told to stand down, according to people familiar with the plans. 

Many current and former officials say the partnership between the two spy entities is vital to sharing intelligence and resources, but critics have said the arrangement can lead to bureaucratic headaches. Some officials also say the two agencies have dueling missions that are in conflict with one another because Cyber Command focuses on offensive operations while the NSA’s chief goal is intelligence collection. Some supporters of separation think that the two agencies are simply too critical and vast for one leader to manage.

The move may be a signal that Trump might remove Nakasone as the leader of one or either agency amid frustration over the handling of the recent cyber attack, according to some officials speaking on the condition of anonymity because they were not authorised to speak publicly. 

An administration official defended the recent spate of changes during the transition. Supporters of the split argue that keeping the two organisations under dual-leadership creates inefficiencies. Should Milley and Miller make the necessary certifications to Congress, the practical implications of the move are thought to be neither immediate nor irreversible. 

CNN:          Defense One:       Wall Street Journal

You Might Also Read:

The Emerging Domain Of  Cyber War:

 

 

« How To Optimize The DevSecOps Pipeline
You Should Prepare Your Organization For A DDoS Attack »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Booz Allen Hamilton

Booz Allen Hamilton

Booz Allen Hamilton is a management & tech consulting firm. Technology services include cloud computing, cyber security, systems development and integration.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

Nexusguard

Nexusguard

Nexusguard is at the forefront of the fight against malicious Internet attacks, protecting organizations worldwide from threats to their websites, services, and reputations.

SCIS Security

SCIS Security

SCIS Security provides affordable cyber security services and solutions to small to medium sized businesses and homes.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

Whistic

Whistic

Whistic is a cloud-based platform that uses a unique approach to address the challenges of third-party risk management.

OWN

OWN

OWN (formerly SEKOIA) is a major French player in cybersecurity providing tailor-made, informed and adapted cyber support thanks to its DNA of passionate and committed experts.

Enea

Enea

Enea is one of the world’s leading specialists in software for telecommunications and cybersecurity. Our products are used to enable services for mobile subscribers, enterprise customers and IoT.

Almond

Almond

Almond is positioned as a key independent French player in audit and consulting in the fields of Cybersecurity, Cloud and Infrastructure.

Proximus Ada

Proximus Ada

Proximus Ada is the first Belgian center of excellence combining artificial intelligence and cybersecurity.

Cyber Security Council UAE

Cyber Security Council UAE

The Cyber Security Council's vision is to protect UAE cyberspace, maintain confidence in our digital infrastructure and institutions, and build a cyber-resilient society.

Evolver

Evolver

Evolver delivers technology services and solutions that improve security, promote innovation, and maximize operational efficiency in support of government and commercial customers.

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

Vault Cloud

Vault Cloud

Vault Cloud, Australia's National Cloud, is an Australian owned and operated company specialising in secure, sovereign, hyperscale cloud infrastructure.

Cloudbox

Cloudbox

Cloudbox build and maintain a highly secure, compliant IT infrastructure for our clients – with total peace of mind – so they can focus on the market.