Since Cybercom was created a decade ago, it has been co-located with NSA at Fort Meade, Maryland, and shared a leader. At the time, this made sense to help the nascent command grow, relying on the personnel, expertise and infrastructure of the high-tech intelligence agency. The arrangement was initially expected to be temporary.

Severing the dual-hat has been one of the most hotly contested issues in cyber policy. Proponents believe the military can benefit from the unique intelligence insights and resources of NSA, leading to faster decision-making and operational outcomes. Opponents argue the roles of NSA director and Cybercom commander are too powerful for one person to hold and relying on the intelligence community’s tools — which are meant to stay undetected — for military activities poses risks to such espionage activity.

At the end of the first Trump administration, officials made a last ditch effort to sever the dual-hat, but it ultimately was not brought to fruition. Press reports prior to Trump’s inauguration for his second term indicated the administration wanted to end the dual-hat relationship.

There “is renewed speculation about the separation of the ‘dual-hat’ relationship between Cybecom and NSA, a construct that proves its value to our national security every minute of every day. This issue has been studied exhaustively but somehow there are still those who believe they know better,” Rep. Don Bacon, R-Neb., chairman of the House Armed Services Subcommittee on Cyber, Innovative Technologies and Information Systems, said in opening remarks during a hearing Friday. “I’ve spoken to my colleagues on this panel and our friends in the Senate, and on a bipartisan and bicameral basis, the Armed Services Committees are strongly opposed to ending the dual-hat relationship. I want to take this opportunity to make very clear to the Department’s leadership that if they believe they have allies on this issue who sit on the Pentagon’s congressional oversight panels, they do not.” 

Following the firing of Cybercom commander Gen. Timothy Haugh at the beginning of April, there was a feeling that the dismissal prepped the ground to split the dual-hat by nominating a civilian to lead NSA and a military officer to lead the command.

Bacon’s sentiment was shared by the subcommittee’s ranking member, Rep. Ro Khanna, D-Calif., on Friday.

“Let me reaffirm what you said about keeping our Cyber Command and NSA together. That is a bipartisan position, that is a position that we have discussed many times now, and people on this side of the aisle support you in that. It’s bicameral, it’s bipartisan. And you know, I just want to make that clear, because it keeps coming up and … because the support in the Congress is very strong for keeping the — those two departments together,” Khanna said at the hearing.

The issue was addressed on the Senate side over a month ago as well, with Sen. Mike Rounds, R-S.D., voicing support for the current arrangement.

“In wake of the various persistent cyber threats originating from the People’s Republic of China over the last two years, it is my firm conclusion that the importance of the dual-hat is as important today as it has ever been,” Rounds, chairman of the panel’s Cybersecurity Subcommittee, said during an April 9 hearing.

At that hearing, Lt. Gen. William Hartman, acting commander of Cybercom and director of NSA, told Rounds that the relationship between the two organizations allows the command to see what the adversary is doing.

“From my standpoint and senator, I’ve been sitting on the campus of the National Security Agency and Cybercom for most of the last 15 years. I’ve continued to see this partnership evolve. And our ability to execute increasingly more precise operations is fundamentally because the dual-hat allows me, in my current capacity, to move with the speed and agility and unity of effort that is required,” he said. “But it also forces leaders across the organization to collaborate, to do the hard work and to provide the best options for the national security of the country. That’s what I believe is the importance of the dual-hat, and that is really where I believe we’ve evolved.”

Concerned with the prospect of a premature split, in which Cybercom would not be ready to stand on its own, Congress has previously issued a prohibition on a breakup in leadership until certain metrics are met. They include, among others, that each organization have robust command-and-control systems for planning, deconflicting and executing military cyber operations and national intelligence operations — as well as ensuring tools and weapons used in cyber ops are sufficient for achieving required effects and that Cyber Command can acquire or develop these tools, weapons and accesses.

Gen. Dan Caine, chairman of the Joint Chiefs of Staff, told lawmakers at his confirmation hearing for the role in April that he believes the dual-hat should be maintained, agreeing with the findings of a 2022 study that found the role should be strengthened as well.

“The Dual-Hat arrangement provides the ability to look across both organizations and has empowered both USCYBERCOM and NSA to fulfill their missions better than each could do alone. It promotes agility and enables intelligence to be operationalized rapidly,” he wrote in response to advance policy questions from senators. “It also facilitates relationships with key foreign allies and partners in part because the corresponding foreign organizations with signals intelligence (SIGINT) and cyber operations missions are fully integrated, operating under a Dual-Hat leadership structure. The span of control, does however, place a burden on one leader.”

Ahead of his own confirmation hearing in January, Secretary of Defense Pete Hegseth wrote to senators that he would “bring these debates to conclusion, consult with Congress, and make final recommendation for the way ahead.”

The post Members of Congress vow not to split Cyber Command, NSA appeared first on DefenseScoop.

The so-called dual-hat arrangement is one of the most hotly debated within the cyber world. Since Cybercom was created a decade ago, it has been co-located with NSA at Fort Meade, Maryland and shared a leader. At the time, this made sense to help the command grow, relying on the personnel, expertise and infrastructure of the NSA. The arrangement was always thought to be temporary, however, with proponents saying the military can benefit from the unique intelligence insights and resources of NSA, leading to faster decision-making and operational outcomes. Opponents argue the roles are too powerful for one person to hold and relying on the intelligence community’s tools — which are meant to stay undetected — for military activities poses risks to such espionage activity.

But as time has gone on, there seems to be recognition among some policymakers that the current arrangement is a net positive for national security.

“I’ve been one of the staunchest opponents of changing the dual-hat relationship. I continue to support the current dual-hat arrangement,” Rep. Jim Langevin, D-R.I., told DefenseScoop in an interview. “As I look at the relationship between Cyber Command and NSA, I don’t see a problem that is solved by splitting the dual hat. In fact, I think the dual-hat arrangement benefits both organizations and provides the infrastructure and expertise that helps both Cyber Command and NSA achieve success in their individual missions.”

Langevin, who chairs the House Armed Services Subcommittee on Cyber, Innovative Technologies, and Information Systems and is retiring this year, noted that he does not see the benefit of splitting the two organizations.

On the Senate side, another key lawmaker has voiced support for the synergies the two organizations foster.

“I personally am in favor of that. I was not to begin with. But after looking at this now for four years, I think if you did not have a dual-hat arrangement, similar to what Gen. Nakasone works in today, it means you would have two separate bureaucracies who would clash on a daily basis about the use of the tools, about the coordination of efforts, about the protection of their own silos,” Sen. Mike Rounds, R-S.D., ranking member of the Senate Armed Services Subcommittee on Cybersecurity, told DefenseScoop on the sidelines of the Politico Defense Summit Wednesday. “I think you have to have a person on top who can call balls and strikes between the two separate organizations.”

Rounds had previously said that this relationship fosters greater speed within the government to close cyber gaps in a highly dynamic environment.

“They have demonstrated that the dual-hat relationship of Cybercom and NSA has facilitated effective use of intelligence and cyber operations, both in support of military operations and the defense of the entire nation,” Rounds said during a panel discussion at the annual AUSA conference in October. “This [has] broken down stovepipes between the two organizations that now allow operations to be more effective and to be executed in a timely manner. And I can’t overestimate how critical it is that we recognize the need for speed when it comes to dealing with our adversaries.”

These sentiments have also been shared by the current director of NSA and commander of Cybercom, Gen. Paul Nakasone.

“My best military advice as it was when I first came to the job and after three-plus years in it, is the fact that through elections, through problems with Iran, through ransomware and now with Russia-Ukraine, what the dual hat has allowed us to do is been able to take and be able to focus efforts from the National Security Agency and U.S. Cyber Command on very, very difficult problems: influence, ransomware, strategic competition, in one domain, in cyberspace,” he told the House Armed Services Committee in March, noting that ultimately this is a policy decision. “We both operate there and being able to have action, being able to unity effort and being able to have agility is what the dual [hat] has been able to allow me to do over the past three-plus years.”

Several years ago, in response to rumors a split was imminent, lawmakers felt such a decision was premature and Cyber Command was not ready to stand alone. As such, Congress outlined a series of metrics for the Pentagon to meet in the fiscal 2016 National Defense Authorization Act. Those metrics were then tweaked in the 2017 policy bill adding more restrictions necessary to split the dual hat. They included that each organization have robust command-and-control systems for planning, deconflicting and executing military cyber operations and national intelligence operations — as well as ensuring tools and weapons used in cyber ops are sufficient for achieving required effects. It also sought to ensure that Cybercom can acquire or develop these tools, weapons and accesses.

Nakasone told Congress earlier this year that his organizations are still working toward that.

Rounds noted that he is in favor of maintaining the current dual-hat relationship, adding that opponents might say it would depend on the person at the top — meaning if the head of both organizations is someone that can’t handle both roles, then it would be problematic.

“My only response is, is that if you can’t then you’re going to end up with … [multiple] individuals who will have to sit down and work it out rather than one individual calling balls and strikes,” he said. “You want a committee doing this and with all the delays that go into a committee discussion, or do you want an individual respected and find the right individual who can be respected by both organizations and move in a more timely fashion?”

Langevin noted that splitting the roles could make things cumbersome and prevent the cyber mission force from being able to operate with the agility it needs.

Moreover, he said he is optimistic the ongoing review by the Director of National Intelligence and the Secretary of Defense, reported earlier this year, will come to the same conclusion as him that this arrangement should remain in place. 

The Record reported that former chairman of the Joint Chiefs of Staff Joseph Dunford is leading an intergovernmental group to examine the dual-hat arrangement and make a recommendation to the Biden administration.

The post Key lawmakers in favor of keeping ‘dual hat’ arrangement between Cybercom and NSA appeared first on DefenseScoop.