Plans To Divide US Cyber Command And The NSA

Uploaded on 2020-12-23 in INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

A Pentagon proposal to put the US’s top cyber spy agency under civilian leadership has generated complaints from lawmakers who say the idea is badly timed and against the law.

Outgoing Pentagon officials appointed by President Trump have sent a proposal to the Joint Chiefs of Staff to divide the leadership of the National Security Agency and US Cyber Command.  This would reshape defense policy by a handful of key political officials who are in acting roles in the Pentagon after Donald Trump lost his re-election bid.

A US official has confirmed that Joint Chiefs Chairman Gen. Mark Milley and Acting Defense Secretary Chris Miller have received the proposal.  With Miller expected to sign off on the move, the fate of the proposal ultimately falls to Milley, who said to Congress in 2019 that the combined leadership structure was working and should be kept in place. The post of NSA director and Cybercom commander are held by one person, currently, Gen. Paul Nakasone, in a "dual-hat" arrangement.

Cyber security and national security policy leaders have debated how and when to split that job into two positions for several years. 

The Cyber Command proposal arrives at the same time as enormous cyber hacking attacks have hit a number of federal agencies. Investigators are still working to understand what data may have been taken or compromised. Although Secretary of State Mike Pompeo has publicly linked the attack to Russia, Trump said the attacks came from China. 

White House officials had drafted a statement assigning blame to Russia for the attack and were preparing to release it but were told to stand down, according to people familiar with the plans. 

Many current and former officials say the partnership between the two spy entities is vital to sharing intelligence and resources, but critics have said the arrangement can lead to bureaucratic headaches. Some officials also say the two agencies have dueling missions that are in conflict with one another because Cyber Command focuses on offensive operations while the NSA’s chief goal is intelligence collection. Some supporters of separation think that the two agencies are simply too critical and vast for one leader to manage.

The move may be a signal that Trump might remove Nakasone as the leader of one or either agency amid frustration over the handling of the recent cyber attack, according to some officials speaking on the condition of anonymity because they were not authorised to speak publicly. 

An administration official defended the recent spate of changes during the transition. Supporters of the split argue that keeping the two organisations under dual-leadership creates inefficiencies. Should Milley and Miller make the necessary certifications to Congress, the practical implications of the move are thought to be neither immediate nor irreversible. 

CNN:          Defense One:       Wall Street Journal

You Might Also Read:

The Emerging Domain Of  Cyber War:

 

 

« How To Optimize The DevSecOps Pipeline
You Should Prepare Your Organization For A DDoS Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Navista

Navista

Navista's hardware and software modules are especially designed to ease the deployment of secure networks.

Gigasoft

Gigasoft

Gigasoft provide secure online data backup & cloud backup services for the education sector and businesses.

Reposify

Reposify

Reposify’s cybersecurity solution identifies, manages and defends companies’ global digital footprints.

CMMI Institute

CMMI Institute

CMMI Institute enables organizations to elevate and benchmark performance across a range of critical business capabilities, including product development, data management and cybersecurity.

Cybertonica

Cybertonica

Cybertonica is a FinTech company which detects and prevents fraudulent transactions and reduces risk for financial services organisations.

Capy

Capy

Capy's SaaS-based security solutions will protect your website from bots, spam, humans and more.

Absio

Absio

Absio provides the technology you need to build data security directly into your software by default, and the design and development services you need to make it happen.

Lionfish Cyber Security

Lionfish Cyber Security

Lionfish Cyber Evolution & Empowerment Model™ empowers SMBs to prepare and protect themselves against cyber threats using a unique combination of on-demand training, support and managed services.

Voxility

Voxility

Voxility provides Infrastructure-as-a-Service in the biggest Internet hubs in the world.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

Trustack

Trustack

Trustack services cover connectivity, infrastructure services, security, unified comms, agile working and more. Our team of consultants deliver customised solutions tailored to your needs.

Pvotal Technologies

Pvotal Technologies

Pvotal Technologies engineer complex, automated processes aligned with best AIOps, BizDevOps, DevSecOps, CloudOps, and ITOps practices.