Cyber Commander: No to Separate Cyber Service
By RICHARD R. BURGESS, Managing Editor
ARLINGTON, Va. — The commander of U.S. Cyber Command said he is not in favor of a separate cyber service, citing the need not only for technical proficiency in the military’s cyber warriors but also for a deep understanding of the broader context of military operations.
“I’m not a proponent of the idea of a separate cyber force or service,” Adm. Michael S. Rogers, commander, U.S. Cyber Command and director of the National Security Agency (NSA), testified May 9 before the Senate Armed Services Committee. “In my experience, to be successful in cyber you not only need to understand the technical aspects of this but you need to understand the broader context in which cyber evolutions occur.
“Somewhere in the world there is a man or woman sitting at a keyboard directing an operation. If we went with a service-unique approach to this, we would generate a force that was incredibly proficient, but not necessarily deep in understanding of the broader context. Using a service-based model is a stronger way to go about doing this,” he said.
Rogers said his command is “completing build-out of the cyber mission force, with all teams scheduled to be fully operational by the end of fiscal year ‘18. With the help of the services, we are continually increasing the cyber mission force’s readiness to hold targets at risk.”
Rogers said he supported the provision of the National Defense Authorization Act’s provision to split U.S. Cyber Command from the National Security Agency and to elevate Cyber Command to unified combatant command status “once that can happen without impairing either organization’s effectiveness. This is another provision that I have publicly stated that I support pending the attainment of certain critical conditions. This would include increasing our cyber manpower, increasing the professionalism of the cyber workforce, building capacity, and developing and streamlining acquisition processes.
“We’ve identified the steps within the department that we would need to take to elevate to a combatant command,” he said. “I’m confident we could do this in a very short period. We need to shift current responsibilities from STRATCOM [U.S. Strategic Command] down to us. We need to make changes to the Unified Command Plan. We’ve identified investments in manpower as well. There would be an advantage somewhat to having two separate organizations. While the information would be shared in a different manner, the sharing of that information could continue on, but the activities of the two would be different.
“The right answer in the long term is to separate the two [Cyber Command and NSA],” he said. “They’ll still remain closely aligned because Cyber Command and NSA will continue to work in the same battlespace in many ways. It will still be a unique relationship, but in the long run I think it’s the right thing to do.”
Rogers said he saw progress in the cyber defense of the nation.
“I’ve seen the growth in the command’s size, budget and missions,” he said. “That investment of resources, time and effort is paying off, but, more importantly, it’s helping to keeping Americans safer, not only in cyberspace but other domains as well.
“One of my challenges now, if information is now truly going to become a weapon in many ways, is how are we going to optimize ourselves to deal with this world?” he asked rhetorically. “If you go back to the Cold War, we had extensive infrastructure, extensive expertise. As the Soviet Union collapsed, we decided perhaps that expertise isn’t required. We did away with many of the institutions, many of the individuals who had the skill sets are no longer with us. I think we need to step back and reassess that.”
Rogers pointed out that “between NSA and Cyber Command we have relationships right now with over 200 academic institutions around the United States because that’s in part the future workforce for us — although, one thing I try to highlight is, be leery of creating a cyber force where everyone is ‘cookie-cutters.’ We need to get a broad range of skills and experience, and some people are really good at this and they won’t necessarily have advanced education, but they’ve spent much of their personal life in this, so we’ve got to build a construct where we can get that full spectrum of capability.”
But Rogers said he was “leery of creating a cyber force that is predominantly civilian. No disrespect to my civilian teammates. But we want that warrior ethos and culture. Secondly, in the law of armed conflict there are things legally that a uniformed military member of a nation state can do that a civilian cannot. The right construct for us is to bring the total spectrum — active, Guard, Reserve, contractor, civilian, private sector — it’s our ability to bring it all together, not one single slice.”