At press time, it still remains a public mystery why he and NSA deputy Wendy Noble (who was removed and reassigned) were fired from leading the largest intelligence agency — which produces the majority of the intel for the president’s daily brief — and the government’s main cyber warfare entity, Cybercom.

Chief Pentagon spokesperson released a statement late Friday afternoon that read: “The Defense Department thanks General Timothy Haugh for his decades of service to our nation, culminating as U.S. Cyber Command Commander and National Security Agency Director. We wish him and his family well.”

The websites of Cyber Command and NSA were updated Friday afternoon to reflect that Army Lt. Gen. William Hartman is now in charge of both organizations. Hartman had been the deputy commander of Cybercom. Although the commander is dual-hatted to lead both organizations, the deputy Cybercom commander is not part of NSA.

Those that spoke to DefenseScoop noted how rare it is for a sitting NSA director to be fired mid-term, especially absent any loss in confidence to command or a scandal. For context, the director wasn’t removed after the Snowden leaks came to light during the Obama administration.

Although the president does have the authority to remove officers like this, some observers have indicated it might not be a wise use of that power, and could create morale issues.

“I don’t recall an NSA director in recent memory being removed other than during the normal cycle,” said Jamil Jaffer, founder and executive director of the National Security Institute at the Antonin Scalia Law School at George Mason University, who held positions in the Bush White House, Department of Justice and was senior counsel to the House Permanent Select Committee on Intelligence for the Republican chairman Mike Rogers of Michigan. “When a well-regarded, four-star general is fired for no apparent reason — if in fact that’s what happened and even if it is legally permissible — that can have a massively detrimental impact on both ongoing operations and morale.”

Prior to taking office — and in successive confirmation hearings — Trump administration officials expressed an interesting in taking a more aggressive approach in cyberspace against adversaries in the face of high-profile intrusions of telecom firms and critical infrastructure that some say went beyond traditional espionage to prep the battlefield.

“General Tim Haugh is an outstanding leader and was doing a superb job at Cyber Command and National Security Agency. He was fired with no public explanation. This action sets back our Cyber and Signals Intelligence operations,” Rep. Don Bacon, R-Nebraska, the chairman of the House Armed Services Subcommittee on Cyber, Information Technologies, and Innovation and a former one-star Air Force general, said on X.

A slew of Democrat lawmakers issued statements Friday criticizing the administration’s move.

Sen. Jack Reed, D-R.I., the top Democrat on the Senate Armed Services Committee, expressed alarm and anger regarding the decision to fire Haugh — who was unanimously confirmed by the Senate to his role — and oust Noble.

“As the commander of Cyber Command, General Haugh led the most formidable cyber warfighting force in the world and kept our enemies up at night. President Trump has given a priceless gift to China, Russia, Iran, and North Korea by purging competence from our national security leadership,” he said. “I have long warned about the dangers of firing military officers as a political loyalty test. In addition to the other military leaders and national security officials Trump has fired, he is sending a chilling message throughout the ranks: don’t give your best military advice, or you may face consequences. The President must immediately explain himself to the American people.”

Reed was referring to assertions that political activist Laura Loomer urged President Donald Trump to fire certain officials due to their perceived disloyalty to him and his agenda. She wrote in a social media post Thursday night that Haugh and Noble were fired for being “disloyal” to Trump. In recent weeks, Trump also fired Chairman of the Joint Chiefs of Staff Gen. Charles “CQ” Brown and Chief of Naval Operations Adm. Lisa Franchetti, among other senior defense officials.

“It’s concerning, from a national security perspective, when a 9/11 truther is providing advice to the President on whether a four-star general ought keep his job as the head of the world’s premier signals intelligence agency,” Jaffer said regarding the allegations Loomer had something to do with Haugh’s ouster.

Others agreed with that sentiment.

“If this was tied to Loomer’s action, then preparing for a future war against China is taking a back seat to the fight against DEI and those perceived as not loyal enough to the regime,” said Jason Healey, a senior research scholar at Columbia University’s School for International and Public Affairs with a deep cyber background in the government and military. Healey previously served as a founding member of the Office of the National Cyber Director at the White House and worked at a U.S. military organization that was a precursor to Cybercom.

Sen. Roger Wicker, R-Miss., chairman of the Senate Armed Services Committee and Rep. Mike Rogers, R-Alabama, chairman of the House Armed Services Committee, did not respond to requests for comment.

“Silence, nothing but silence, from my once honorable colleagues in the GOP who just days ago sat with me in meetings on the Armed Services Committee praising GEN Haugh. Cowering before Trump and complicit in letting a lunatic upend their own national security team, they do nothing to stand up for our troops or our country,” Rep. Seth Moulton, D-Mass., wrote on X Friday.

Top Dems on the House Armed Services Committee issued a joint statement citing their concerns.

“Under [Haugh and Noble’s] leadership, the men and women of US Cyber Command and the National Security Agency have been at the tip of the spear in defense of our country against very real cyber threats, including ransomware extortionists and actors like Volt Typhoon and Salt Typhoon. Reports that the dismissals were due not to failure to execute their positions but, rather, being accused of being disloyal by a far-right conspiracy theorist are deeply disturbing,” said HASC ranking member Rep. Adam Smith, D-Wash., Rep. Ro Khanna, D-Calif., ranking member of the CITI subcommittee and Rep. Chrissy Houlahan, D-Penn., who has taken a keen interest in cyber issues.

Houlahan in a separate statement to DefenseScoop called the firing “inexplicable,” adding it “should leave us all feeling less safe today.”

“There have still been no consequences for anyone over the leaking of classified information over Signal – the real threat. This action—meant in some way to distract us from the Signal and gmail fiascos— to summarily remove the four-star General responsible for the National Security Agency and Cyber Command is chilling,” she said. “The American people deserve answers – now including why General Haugh was relieved of his duties. The case is not, in fact, closed.”

The post Firing of top cyber general ‘sets back’ US military and intel operations, makes America ‘less safe,’ lawmakers of both parties say appeared first on DefenseScoop.

It was not immediately clear why Haugh was fired. However, his dismissal comes amid a purge of other national security officials at the National Security Council and NSA. It happened following a visit to the Oval Office of political activist Laura Loomer, who has urged President Donald Trump to fire certain officials due to their perceived disloyalty to him and his agenda. In a social media post Thursday night, Loomer said Haugh and NSA Deputy Director Wendy Noble were fired for being “disloyal” to Trump.

“I am deeply disturbed by the decision to remove General Haugh as Director of the National Security Agency. I have known General Haugh to be an honest and forthright leader who followed the law and put national security first — I fear those are precisely the qualities that could lead to his firing in this Administration. The Intelligence Committee and the American people need an immediate explanation for this decision, which makes all of us less safe,” Rep. Jim Himes, D-Conn., ranking member of the House Intelligence Committee, said in a statement posted on social media.

A defense official told DefenseScoop that Cybercom’s deputy commander, Army Lt. Gen. William Hartman, is currently in charge.

Haugh, the protégé of former Cybercom commander Paul Nakasone, took the helm at the command last February. At the time, many described Haugh as the right person for the job.

With a 34-year career in the Air Force, Haugh made a name for himself as the director of intelligence at Cybercom and then later as the deputy commander of the counter-ISIS task force and commander of the elite Cyber National Mission Force. In the latter role, he helped establish an election defense task force. He was later chosen to lead the Air Force’s information warfare and cyber unit prior to becoming the deputy commander at Cybercom and then commander.

Haugh was slated to testify before Congress next week as part of annual posture hearings where officials provide members an update on their organization and operations.

On Friday morning, an NSA spokesperson referred DefenseScoop to the public affairs office in the Office of the Secretary of Defense. A Defense Department spokesperson said they had seen the press reports about Haugh’s firing but had nothing further to offer. They said they would provide more information when it becomes available.

The White House and National Security Council did not immediately respond to requests for comment.

Haugh’s removal comes just a few weeks after Trump fired Chairman of the Joint Chiefs of Staff Gen. Charles “CQ” Brown and Chief of Naval Operations Adm. Lisa Franchetti, among other senior defense officials.

Before being fired, Haugh was in the midst of what had been described by some as a top-to-bottom review of the command, its forces and structures known as Cybercom 2.0. In fact, the implementation plan was delivered to the secretary of defense March 21 and officials were awaiting approval for further action.

Moreover, there have been calls to sever the dual-hat relationship in which the same individual heads Cybercom and NSA. Press reports have indicated that the Trump administration wanted to renew efforts it began at the end of his first administration to sever that dual hat. It’s unclear if the White House plans to appoint a new person to lead both organizations after Haugh’s firing or eliminate the dual-hat arrangement.

The post Trump fires Gen. Timothy Haugh from leadership of Cyber Command and NSA appeared first on DefenseScoop.

Sutton — who is currently chief technology advisor to the commander and director of Pentagon operations at U.S. Cyber Command and had been a professional staff member on the Senate Armed Services Committee focused on cyber — will be the second official to hold this position, which was created by Congress in the fiscal 2023 annual defense policy bill.

That position was established due to the growing role of cyber in society and the U.S. military. Many in Congress wanted to elevate the role of cyber policy within the Defense Department to the ASD level.

As the Trump administration looks to fill out its cyber policy personnel at the Pentagon, multiple press outlets last week reported Laurie Buckhout was selected to serve as the Deputy Assistant Secretary of Defense for Cyber Policy, which was the top cyber policy position in the department until the ASD position was created.

A retired Army colonel, Buckhout was an electronic warfare officer and has been outspoken about the degradation of the Army’s and U.S. military’s EW capabilities relative to adversaries. She recently ran for Congress in North Carolina as a Republican, but was defeated by Democrat Don Davis.

These top cyber policy roles will be integral in helping the department navigate critical cyber issues, namely, the evolution of U.S. Cyber Command via an initiative dubbed Cybercom 2.0. That effort was initially meant to not only provide a holistic examination of the command and its forces to better posture it for the future — given its structure remained largely untouched since its inception over a decade ago in a less dynamic environment — but also bunch together multiple congressional reports that lawmakers required of the DOD in several annual defense policy bills.

“What we see now as Cyber Command 2.0 is the command’s efforts to build domain mastery to achieve a competitive advantage in the cyber domain. Through these efforts, we will be enhancing total force readiness and our innovation,” Gen. Timothy Haugh, Cybercom commander, said last week at the Cyber Workforce Summit in Washington.

The effort has four main buckets: a new force generation model for how each service provides cyber forces to Cybercom; a talent management model; an advanced training and education center to ensure forces are more ready when arriving to their units and have specialized training if needed; and a cyber innovation warfare center that could focus on rapid innovation and capability development.

It has been reported that Defense Secretary Pete Hegseth has directed those efforts be expedited by several months, something some in Congress support.

Haugh told senators at a Senate Select Committee on Intelligence hearing Tuesday that for the 2.0 effort he was asked to produce recommendations for the SecDef on how to manage, develop and equip cyber talent. That plan was brought to Hegseth, who told the command to go faster. Based on Hegseth’s guidance, Cybercom is moving forward with the rest of the department, according to Haugh.

The post Trump nominates former congressional staffer for top Pentagon cyber policy job appeared first on DefenseScoop.

The so-called cyber-special operations forces-space triad or “irregular triad,” is a partnership between the three disciplines to deliver capabilities and outcomes greater than the sum of its parts, leveraging the unique access and authorities of each contributor. While officials explained this fusion of capabilities came about in tabletop exercises years ago, the Army began putting it into practice with its relevant components and it’s now making its way to the joint four-star combatant commands.

The strategic environment for the U.S. military is significantly more complex now than it has been in years past, requiring more and different options to deter adversary activity around the globe.

“Some of our adversaries are demonstrating a degree of skill and effectiveness in their employment of irregular warfare that the United States has difficulty matching and the United States has difficulty dealing with,” Mike Nagata, corporate strategic advisor at CACI and a retired three-star general with decades of special operations experience, said Thursday during a panel at the Special Operations Symposium hosted by NDIA. “Many of our competitors and many of our adversaries are adopting modern, powerful digital technologies faster than the United States is. They are not hesitating to use it.”

Experts explained that America’s adversaries have sought to use unconventional, irregular and hybrid tactics as a means of combating the conventional strength of U.S. forces. Much of this is taking place below the threshold of armed conflict.

“Our adversaries, particularly the Chinese but really all of them, are pursuing irregular strategies … It’s a combination of political warfare, economic warfare and irregular warfare. They are pursuing strategies to achieve objectives without having to go to conventional conflict,” said Ken Tovo, president and CEO of DOL Enterprises and a retired three-star general. “Our challenge is, are we ready to play on that field? While we have talked about irregular warfare, and especially in this community for many years, the reality is there’s a lot of things that have actually inhibited our execution of effective irregular warfare strategies around the world to achieve our objectives.”

Current officials explained that the modern triad provides an existing operational concept that is operating currently and can act as a deterrent capability.

“The irregular triad that we’re talking about here is an operational concept,” said Lt. Gen. Richard Angle, commander of Allied Special Operations Forces Command at NATO and Special Operations Command Europe. “It brings together multi-domain capabilities. This concept can, in fact, enable deterrence, because that’s what we’re talking about.”

Officials explained that the three disciplines aren’t as siloed as they may seem, noting inherent integration currently exists.

For example, the Marine Corps and Navy cyber service components to U.S. Cyber Command are also their service components to Space Command. Additionally, Marine Corps Forces Cyberspace Command serves as the coordinating authority for cyber for U.S. Special Operations Command under Cybercom’s Joint Force Headquarters-Cyber enterprise. Similarly, 16th Air Force/Air Forces Cyber, a service cyber component to Cybercom, is the coordinating authority for cyber for U.S. Space Command under its Joint Force Headquarters-Cyber.

“The area that I’ve been most proud of is the fact that we have aggressively taken this from a conceptual discussion to one where we’re doing operational activities together and doing it routinely and how we are able to come together to bring our respective strengths,” Gen. Timothy Haugh, commander of Cybercom, said. “Overall, where we’ve come together has been driven by we can produce better outcomes together in those situations, particularly on really hard problems, and the fact that the initial investments we’ve made to do that have produced outcomes just reinforces the need for us to be able to collaborate in our planning and also in how we approach problems together. Because it gives different options to the secretary than we would have been able to do independently.”

Angle, who also has cyber experience having previously served as deputy commanding general for operations at Army Cyber Command, explained that through deterrence by denial, the triad can make it difficult for adversaries to achieve objectives below the threshold of war.

But, he said, it has to be employed more often if it is to be successful in the future for deterrence, or if deterrence should fail, for managing escalation and crises.

“You need to employ this capability now if you want options later. You can employ it now at low cost, at fairly low risk with potentially high payoffs. By doing so, you can actually lower the risk later because you’re now holding critical adversary capabilities at risk,” Angle said. “The conversation we have to have is here’s also the risk of not taking action. Because if you don’t employ these capabilities, you won’t hold that critical adversary capability at risk when the time comes. We are doing a lot of things inside of this triad, but we have to find a way to do more. We have to find a way to get to the point where we’re doing things and the adversary is reacting to what we’re doing and we’re not reacting to what they’re doing.”

For Haugh, while there have been positive discussions among the relevant stakeholders and good operational applications, he’d like to improve upon what opportunities exist for tighter linkage.

“Today, we have started to put the right pieces in place. Much of what we could also talk about is, when we miss opportunities, why do we miss them? In many of those cases, it’s about the kit that’s available to us at that moment and are we fully using the opportunity for us to be innovative from a technical solution standpoint that fits the timeline of the opportunity of placement and access and the ability to come together around a specific problem,” he said. “I think there’s some things we could talk about what we’re each doing in that area where we could be also more purposeful to be able to fully leverage our respective authorities and how we innovate and how we acquire.”

The post New ‘irregular triad’ gaining currency as operational concept to improve deterrence appeared first on DefenseScoop.

As currently architected, each military service provides a set number of forces to Cybercom to employ in operations. However, the different branches, to a large extent, still retain their own policies and regulations when it comes to figuring out how to staff those forces to Cybercom. This has led to inconsistencies within the cyber mission force — which was designed to be joint and trained to the same standards — with different promotion structures, pay and assignments for the same work roles across each branch.

With enhanced authorities bestowed by Congress, the commander of Cybercom now has greater oversight over how each of the services present their forces. The commander must also provide an annual report to lawmakers evaluating the services’ ability to generate ready forces.

“Much of my last year’s report to Congress were about specific things that each of the services were doing to advance our readiness. What wasn’t inside there is uniform in our approach,” Gen. Timothy Haugh, the chief of Cybercom, said Thursday during a panel at the Special Operations Symposium hosted by NDIA. “There’s opportunities for me in the role that’s been empowered in the law to help drive an approach across the department, which will allow us to be more consistent in how we interact with this force. They serve together. They work together. They work shoulder to shoulder. There is an opportunity for us as a department to be able to be ensure that we’re being really coherent in how we develop and lead that force. I think that’s a critical component for us as we go forward.”

Haugh previously explained that he’s noticed progress in boosting readiness, but he’d like to see the methods each service employed to improve be emulated by the other services as well.

The ability to generate and retain these ready forces falls in line with Congress’ and Cybercom’s push to evaluate the forces that are presented to the command.

That congressional tasking in the form of several studies asked of DOD has been folded into a larger Cybercom initiative dubbed Cybercom 2.0, an ambitious plan first unveiled by former commander Gen. Paul Nakasone and other top DOD officials to provide a holistic examination of the command and its forces to better posture them for the future.

Former Secretary of Defense Lloyd Austin approved a broad outline for the initiative in December with four main buckets: a new force generation model for how each service provides cyber forces to Cybercom; a talent management model; an advanced training and education center to ensure forces are more ready when arriving to their units and have specialized training if needed; and a cyber innovation warfare center that could focus on rapid innovation and capability development. An implementation plan team is working to fill those areas out over the coming months.

Haugh noted that since the plan was approved, the command is looking at how special operations forces conduct talent management.

“Now that we’ve also gotten the support from the secretary for our next-generation force generation model, which we titled ‘SOF Inspired,’ which is around the idea of, how do we do talent management of a really unique high-end force in partnership with the services, how do we develop that force and then how do we equip it in rapid capability development?” he said.

The broad plan for the talent management aspect has been modeled off the Joint Special Operations Command-Special Operations Command model for a focused, capable team to manage talent across the services, much like how Socom does it.

Cybercom has sought to posture itself after the Socom model, a combatant command with unique service-like authorities for acquisition and force generation.

As part of building that next-generation force, Haugh has talked for months now about the notion of cultivating personnel with “mastery” in their focus areas.

“This is one of the reasons that Congress tasked us to go build the future force generation model for Cyber Command, which is, what are the ingredients that are going to allow us to reach mastery of our force. We’ve now reached a level of readiness in our force that we think is a really solid floor, but that’s not where you want to be,” he said. “We want to be at mastery. We know what it looks like in our force. We know what those leaders are that we rely upon, whether that be for planning or operations, and we know how they got there. Much of that is around how we retain and how we employ.”

To help retain that high-end force, Haugh noted that officials are trying to incentive that level of expertise with a bonus structure that rewards advanced skills.

While each of the services have enacted bonus structures to retain their personnel amid competition from the lucrative salaries offered in the private sector, Haugh doesn’t believe just being good in cyber is worth a bonus. Only masters should be eligible.

“We don’t necessarily believe we need to go down a path that everybody that’s in cyber needs [a] bonus. What we should be doing is if you’re great in cyber, you should get a bonus. That’s what we want to reinforce,” he said. “Then the more that we can make that uniform policies across the services, that will get felt by the other elements that also have critical elements of cyber that are integrated in each of their formations.”

The post Cybercom wants more consistent readiness approach across the services appeared first on DefenseScoop.

Following a proposal in last year’s annual defense policy bill that was shut down, legislative provisions passed defense committees in both houses of Congress – and one passed the full House of Representatives – that would direct independent assessments examining the prospect of a new military service focused on cyber.

Congress has also asked the Pentagon to provide its own force-generation study, which has yet to be fully completed, briefed to the secretary of defense and delivered to Congress — much to lawmakers’ chagrin in the past and a big impetus behind the efforts to commission an independent study.

But the head of Cybercom wants to tap the brakes on those outside efforts until the command’s assessment has been completed.

“What I told each of those members of Congress when I spoke with them is just let us finish study one. Let us come tell you about it and then you can make a decision whether or not you need another study,” Gen. Timothy Haugh said Tuesday during a presentation at the annual DAFITC conference in Alabama. “Let’s finish the work you asked us to do. Because there’s one thing I really have learned in the last 10 years of being involved in this [is that] Congress is our partner. They have been the biggest advocate for cyber inside of the Department of Defense.”

Haugh noted that the legislative branch has asked for several studies and pushed new polices over the years in an attempt to advance cyberspace within the DOD, adding that they’ve been impactful and informed major decisions to make digital warriors more capable.

The issue of creating a sixth military service that is focused solely on cyber operations, while not new, has gained steam over the last year as threats have grown, the landscape is becoming more dynamic and readiness issues have plagued the forces that the individual services present to U.S. Cyber Command.

Each of the military services is responsible for providing personnel for a set number of teams to Cybercom, which then employs those forces in operations for the other geographic combatant commands. But detractors believe the services are too siloed in their approaches, leading to incongruent models for presenting forces to Cybercom and personnel maintaining their own service identities, which results in readiness issues, according to skeptics.

That congressionally mandated study — which is known as Section 1533 and was due to Congress June 1 – called for an examination of the current cyber enterprise, requested a look at how the services should man, train and equip for cyber, and inquired if a single military service should be responsible for basic, intermediate and advanced cyber training of the cyber mission force and if the Pentagon should create a separate service.

Previously, the DOD tapped the RAND Corp. to conduct a portion of a review that generated insights regarding challenges and opportunities of force presentation and design, mission essential tasks, civilian-contractor-military mix, training pipelines, talent management, career progression and pay.

Officials previously said alternative models presented in the study informed the Pentagon’s understanding of current and potential future constructs of the cyber forces and that DOD is exploring tradeoffs presented by the various models.

Haugh said they will bring the results of what the study found to the secretary of defense to choose a force-generation model to implement with the aim of optimizing the force.

“As we examine each of these options that are in front of us, we want to inform the secretary with both, here is what you would gain from each model, here’s what it looks like in terms of impacts to the overall department, and here are the impacts to the overall cyber force,” Haugh said.

A number of briefings across DOD have been conducted, Haugh added, saying officials expect to give their force-generation recommendations to the secretary “pretty soon.”

“Based on that, we’ll get guidance and then we’ll go back and talk to Congress,” he said.

Readiness improvements

Despite readiness concerns in the past, Haugh has noted recent improvement in how the services have presented their forces to Cybercom.

Last year, the first time the command was required to conduct a report on readiness levels, it reported to Congress recommendations on personnel polices that it expected to be most impactful if implemented across all the services.

This year’s report, by contrast, said while there are still the same priorities, the services have made progress and there is a commitment to cyberspace across all the services — something each service chief pledged to Congress during their respective confirmation hearings.

Haugh said the most impactful policy — and the one he’d like to see implemented across all the services — deals with incentive pay to retain talented cyber warriors.

“We just want to ensure [the services are] retaining the right numbers, because that’s really a service responsibility. But for me as the combatant commander, I want to be focused on the mastery of our force,” he said. “One of the ways that we can do that is a partnership with the services, so that our incentive pay is really focused on are you advancing in terms of your overall qualification and expertise? We should reward that. If someone’s a master at their work role, that’s what we would like to see rewarded. Proficiency and excellence is what we should be rewarding.”

Haugh pointed out that the Army is leading the way on that effort.

The post Cybercom chief to Congress: Let us finish our study before directing an examination for a Cyber Force appeared first on DefenseScoop.

Hensley, who pinned on his third star prior to the ceremony, was previously the organization’s deputy commander.

The ceremony was presided over by Gen. Ken Wilsbach, commander of Air Combat Command — which 16th Air Force currently sits under — and Gen. Timothy Haugh, commander of U.S. Cyber Command and the inaugural commander of 16th Air Force, with several retired military cyber officials from all the services in attendance.

Hensley takes over from Lt. Gen. Kevin B. Kennedy, who came into the job in summer 2022 and is retiring after over 34 years in uniform.

16th Air Force is the service’s integrated information warfare entity, which encompasses cyber, intelligence, surveillance, reconnaissance, electromagnetic spectrum operations and weather, among others. It serves as the service component to U.S. Cyber Command and the cryptologic component to the National Security Agency conducting signals intelligence.

The organization was created in 2019 to integrate the disparate functions of information warfare across the Air Force, one of the first in a series of reorganizations across the U.S. military to address the growing field of IW and combat similar integrated and reorganized factions of adversary militaries such as China and Russia.

The unit has some unique missions, Wilsbach said. “In fact, there’s some of them that are happening as we speak inside of cyberspace, in the air, with reconnaissance aircraft. And certainly we have analysts, intel analysts, that are looking at collections that we’ve been making over the last few days. They’re doing that right now and they do that seven days a week, 24/7.”

Wilsbach noted that under Kennedy’s leadership, the command established an information warfare operations center to synchronize all the activities associated with information warfare for the air component and combatant commanders and launched something called Project Phoenix that gathers subject matter experts across numerous organizations to improve the way intelligence, cyber and reconnaissance products are delivered.

It has played a critical part in recent operations as the main entity responsible for conducting and planning cyber ops across U.S. European Command, helping harden networks against Russian cyber threats in the midst of the war in Ukraine.

Kennedy “led the longest Cyber Command tenured mission packaging campaign cyber response for Ukraine. They’re doing some amazing work. I can’t tell you about any of it — but amazing work and that’s happening 24/7,” Wilsbach said.

Haugh noted that 16th Air Force supports four separate combatant commands and has played a major role in aiding their efforts:

• European Command: defending networks and supporting Eucom in its efforts to aid Ukraine against “the unlawful invasion by Russia.”
• Strategic Command: defending the highest priority networks within the Department of Defense that relate to nuclear systems.
• Space Command: integrating with the newest combatant command as it grew its headquarters
• Cyber Command: aiding in election security efforts over the last few years to prevent foreign interference.

“Each of those roles take synchronization, it takes time and what it also takes is a really great leadership team,” Haugh said.

One of the issues Hensley will navigate is the elevation of AFCYBER, part of Air Force Secretary Frank Kendall’s sweeping changes to the service as part of a reoptimization plan to better organize the department to fight China, which was first announced in February.

As part of that plan, the Air Force intends to elevate AFCYBER, and while details on that effort have been sparse, it is believed it will be taken out from under Air Combat Command.

“We have some changes that are going to happen with AFCYBER and 16th Air Force that are going to occur in the near future,” Wilsbach said. “If you could pick anybody we would pick [Hensley] to lead us through that transition because he has the expertise and he has the experience too. A lot of joint time, a lot of time overseas, a lot of different missions. So right guy, right time.”

Gen. David Allvin, chief of Staff of the Air Force, told reporters in June that the service is being very meticulous in getting this elevation right.

“We want to make sure we measure twice and cut once because there’s different elements of that with respect to where the manpower belongs and … comes from different sources,” he said.   

The post New commander takes charge of Air Force’s information warfare unit appeared first on DefenseScoop.

As initially designed, each service provides a set number of offensive, defensive and support teams — known as the cyber mission force — to Cybercom, which employs them in operations. However, despite the cyber mission force’s joint design from the start, those branches have their own unique service cultures and ways of organizing their forces. These dissimilarities led to readiness issues of the teams, drawing concern from Congress, due to the frequent rotating nature of forces that cycle through joint cyber roles and then return to their individual services, which can come at an expense to taxpayers due to the costs and long duration of training it takes for some roles, according to the Government Accountability Office.

Congress in fiscal 2024 provided Cybercom with service-like authorities called enhanced budget control that now afford the command oversight of the offensive and defensive budgets for the cyber mission force, acquisition authority, capability integration authority and training, among others.

Fully realized in March, the command says it’s making progress on addressing readiness concerns and force generation of the service contributions to the cyber mission force.

“We’ve now been able to make readiness advancements that have really been driven by our partnership with services. But it’s based off of the fact that we now have a set of authorities and we’re collaborating as a service-like organization. That has been really powerful and we’re really pleased with the progress that we’re making,” Gen. Timothy Haugh, commander of Cybercom, said at a dinner Tuesday hosted by the Intelligence and National Security Alliance.

“I’m required to send a report back to Congress. It’s a report on services’ ability to meet the readiness requirements of U.S. Cyber Command. This is an area that’s evolved over time. But what we’ve really seen since we’ve done this report is a collaboration with the services,” he added.

The prior commander of Cybercom had openly suggested the need for congressional assistance in aiding the command to address readiness concerns.

One of the most concrete examples of changes these new authorities provide is related to training. Haugh noted that fiscal 2024 was the first full budget Cybercom was able to produce. As part of that development, they now have the authority and funds to direct training.

“We were able to put a significant amount of money into advanced training whereas before that would have been a request to a service, ‘Could each of you grow the training budget that would make our force better?’” he said. “Now, that’s a responsibility to do at Cyber Command and we could commit our resources to focus on growing the mastery of our force. Already seen benefits from that.”

Haugh advocated for the passage of these authorities during his confirmation hearing last July, noting they will be critical in addressing readiness.

“With those authorities it allows Cyber Command to set the investment in our training infrastructure, in our training courses and allows the services to focus on recruiting, initial skills training aligned to our standard, and then to leverage the retention capabilities that Congress has given to the services,” Haugh told senators at the time. “Those are areas now that really change the dynamic of how we will approach cyber readiness, if confirmed.”

Other examples of changes Haugh offered were mostly driven through the services. Those include:

• An Army program that provides advanced cyber pay based on qualifications.
• The Air Force reestablishing warrant officers for the first time in over 50 years, with the first warrants being in cyber and IT fields. Haugh noted “that’s an example of a service that has now invested in ways that are going to help our workforce.”
• The Navy crating a cyber “rating,” or work role in summer 2023 dedicated to cyber for the first time, something the service was forced into doing by Congress due to significant readiness challenges associated with its cyber mission force contributions.

Haugh said that while he is pleased with progress, he’d like to see each service implement the ideas of the other services.

During their confirmation hearings, which all took place just months apart last year, each current service chief was asked about and addressed concerns from Congress regarding cyber mission force readiness, pledging to take steps to remedy concerns.

Cyber Force v. Cybercom 2.0

Pertinent to the discussion of addressing readiness and the realization of new authorities for Cybercom is the looming prospect of a new military service dedicated solely to cyber, on par with the Army, Navy, Air Force, Marine Corps and Space Force.

Proponents believe a separate service is the only way to address manpower issues along with a host of other perceived problems with the current structure of cyber forces and operations.

When asked about a proposed Cyber Force Tuesday, Haugh said his responsibility was building the best version of Cybercom that he can.

He has inherited an initiative that began under his predecessor dubbed Cybercom 2.0, an effort aimed at examining what the future of the command and cyber force looks like.

“As we look at Cyber Command 2.0, it’s really to take us to the next step. We’ve existed as a combatant command for six years. We really built this force 10 years ago. We’re really built off of the challenges that we faced between 2014 and 2018,” Haugh said. “What does Cyber Command need to look like in 10 years going forward and how to structure that force and how to regenerate that force?”

The effort is essentially a project to combine five or six reports requested by Congress to examine various aspects and structures of the command to include how it builds its warfighting architecture and how its various headquarters are structured.

But the biggest aspect is a force generation study, known as the Section 1533 study from the fiscal 2023 annual defense policy bill.

“What the law asked us to look at was our current model, which is how we were structured in FY ’23, so before we received all of our enhanced budget control,” Haugh said. “That was one bumper of the study, is the far left is what we’re currently doing, the far right was to evaluate whether or not we should have a cyber service, and the middle was some hybrid in between to allow the department to be more effective.”

He noted that part of that study has been completed and officials must now update the secretary of defense.

This so-called force structure assessment was due to the secretary of defense June 1. A DOD spokesperson previously said the department tapped the RAND Corp. to study the issue.

“This is our opportunity to go in with [the assistant secretary of defense for cyber policy] and have a conversation with the DepSecDef and the SecDef about what that vision looks like. It’s all going to come back to how do we ensure that we got the force we need? How to regenerate that force within the department? How do we equip that force and really do it at speed and scale? Then how do we leverage technology?” Haugh said. “We have all the pieces, it’s now an opportunity for us to be able to go to the department and say, ‘This is what we think we need to do,’ and then really be able to get guidance from the secretary.”

The post Following new authorities, Cybercom says it’s making progress on correcting readiness appeared first on DefenseScoop.

“We created an AI Task Force and what the decision that we made is we put it inside of our largest operational organization. It’s inside the Cyber National Mission Force. [Commander] Maj. Gen. Lorna Mahlock has that team of expertise as a tool that when she’s got a hard problem, she can use that task force as one of the solutions,” Gen. Timothy Haugh, commander of Cybercom and director of the National Security Agency, said at a dinner hosted by the Intelligence and National Security Alliance Tuesday.

The Cyber National Mission Force is a sub-unified command under Cybercom made up of 39 joint teams and thought to have the DOD’s most talented cyber operators aligned in task forces organized against specific threat actors, with the core mission of defending the nation against digital threats.

The AI Task Force was created as part of congressional direction in the fiscal 2023 annual defense policy bill, which required the command — along with the Department of Defense chief information officer in coordination with the chief digital and artificial intelligence officer, director of the Defense Advanced Research Projects Agency, director of the NSA and the undersecretary of defense for research and engineering — to jointly develop a five-year guide and implementation plan for rapidly adopting and acquiring AI systems, applications, supporting data and data management processes for cyber operations forces.

Haugh said they briefed their roadmap to Congress and the task force was created to accelerate that plan.

He has previously described three outcomes the task force will be focused on:

• Delivering AI capabilities for operations by the cyber mission force — the offensive and defensive teams each service provides to Cybercom to conduct cyber ops — and integrating the task force more closely with operations.
• Posturing the command to enable AI adoption by addressing materiel issues such as policy and standards that will be critical for responsible, ethical, assured and secure AI application.
• Countering AI threats.

The organization is part of an integrated approach to addressing artificial intelligence between Cybercom and the NSA.

The goal is for that task force and roadmap to help provide lessons for AI’s application across DOD.

“The collaboration that’s going on between NSA and Cyber Command really allows us to build a community to practice that we’re both learning together,” Haugh said. “We’ll also look to how we share compute resources and things like that, to really allow us to scale and then do so faster. I think those opportunities for us, we really can be unique in the department with our workforce and with the way that we apply both our experience in AI /ML — certainly NSA has done that for decades.”

The post Cybercom’s AI task force housed within its elite cyber unit appeared first on DefenseScoop.

“We have to make sure that we don’t get anchored in the initial lessons from Russia-Ukraine. This has been an evolving conflict,” Gen. Timothy Haugh, commander of U.S. Cyber Command and director of the National Security Agency, said Wednesday at the AI expo hosted by the Special Competitive Studies Project.

Despite Russia’s perceived prowess in the digital domain as one of the most sophisticated cyber actors in the world, and the ongoing conflagration being dubbed by many outside observers as the first real and large-scale cyber war, these types of capabilities played a small role in the early days of the fighting.

Experts attribute this to multiple factors such as the defensive work Ukraine did ahead of the invasion to prep its networks against attacks — for which the U.S. military played a large role — and Russia’s overall poor military planning. Many stated that Russia assumed it would be able to march into Ukraine and take over the country with little resistance, prompting little to no integrated military planning, which has partially led to the war’s protracted nature.

As the conflict has dragged on, the U.S. must be paying attention to how Russia is using its digital capabilities.

“We now need to watch how the conflict has continued to evolve. Areas that I think we need to really understand is how Russia has evolved in using their cyber forces. I think it’s one we’re watching closely and in many ways want to ensure that we take away the right lessons of how they’ve applied their cyber forces as it’s evolved,” Haugh said. “I think what we will increasingly see is an understanding of how cyber has participated and given them increasing intelligence insights.”

Haugh told a House subcommittee panel last month that one of the other areas he’s watching closely is how Moscow is using its cyber forces from an intelligence aspect versus cyber effects. As Cybercom continues to monitor this, officials will work to inform their colleagues at U.S. European Command as well.

The conflict overall has prompted the U.S. to reevaluate some preconceived notions about cyber in hostilities, which have made their way into the Department of Defense’s updated cyber strategy that was released in September 2023.

“Cyber has an important role to play in conflict, it’s just not the role that I think we expected it to play at the outset of Russia-Ukraine. But we do expect cyber to play a significant role in a conflict, but it would not be a cyber by itself,” Mieke Eoyang, deputy assistant secretary of defense for cyber policy, told reporters last year. “One of the things that we have learned here is that the kinetic conflict is different than what we expected cyber to do on its own.”

The other main takeaway was that cyber must be integrated from the start, something Russia failed to do.

The 2023 DOD cyber strategy “draws on lessons learned from Russia’s 2022 further invasion of Ukraine, which has prompted a global reconsideration of the role of cyber in conventional conflict. These events reaffirmed that war-time cyberspace operations are best understood as a complement to conventional missions rather than as a decisive standalone capability,” Ashley Manning, acting assistant secretary of defense for cyber policy, wrote in congressional testimony in April.

“Russia’s cyber operations in the war in Ukraine are largely consistent with the strategic miscalculations we have observed with Russia’s kinetic forces. The Department does not consider this to be proof of the weakness of Russia’s cyber arsenal or a failure of cyber as a tool in warfare. Rather, we assess that it is a reflection of the challenges of integrating multi-domain operations and Ukraine’s resilience, which has been reinforced by strong support from the international community and private sector partners,” she added.

The U.S. military has sought to improve cyber planning and integration into operations over the last seven years. Traditionally, it had been bolted onto plans at the end, not integrated from the start. Around 2017, Cybercom created what are called Cyber Operations-Integrated Planning Elements, a cadre of experts from Cybercom that are embedded within the staff sections of each combatant command to provide insights into how cyber capabilities can be incorporated into their battle plans.

Haugh explained at Cybercom’s legal conference in April that those teams have grown over time, with the smallest having 35 cyber experts and others having upwards of 50.

“That allows us to integrate every single day with every combatant command across the globe and with U.S. Cyber Command being invested in their outcomes and being able to deliver cyber as part of how they campaign and how they think about integrated deterrence,” he said.

The post Cybercom chief warns against taking lessons too early from Russia-Ukraine conflict appeared first on DefenseScoop.