ABSTRACT: Recent debates about the organizational relationship between Cyber Command and the NSA stress political issues over force employment. This article focuses on the latter, making the case that Cyber Command should be split from the NSA, because nations that marshal and mobilize their cyber power and integrate it into strategy and doctrine will ensure significant national security advantage. Cyber Command provides the best route for developing the tactics, techniques, and procedures necessary for achieving these goals. ********** For twenty years, members of the United States' national security community, including readers of this journal, have debated the potential tactical, operational, and strategic effects of cyber components and capabilities. (1) Recently, these discussions have become intertwined with arguments about the organizational relationships as well as the Title 10 (traditional military) and Title 50 (intelligence and covert) authorities that exist under the Unified Command Plan. Because of this expanding controversy, there is a growing chorus calling for a split between the National Security Agency (NSA) and US Cyber Command. These debates are important. Yet they subsume the pivotal issue --how cyber components and capabilities will affect US national security--beneath more transient legal and political issues generated in the wake of Edward Snowden. Furthermore, past and current debates often overlook a basic truth: battlefield outcomes and strategic effects are the product of actual force employment, not theoretical arguments or proving-ground tests. Cyber Command should be cleaved from NSA, but not for reasons of political expediency. Cyber Command should be split from NSA because the United States needs an organizational arrangement that provides for the development and normalization of Title 10 and Title 50 cyber capabilities, while maintaining a focus on how such will affect the use of military force and US national security. Cyber Command should be split from the NSA because nations that marshal and mobilize their cyber power and integrate it into strategy and doctrine will ensure significant national security advantage, and Cyber Command currently provides the best route for achieving such. (2) Cyber Command should be removed from under US Strategic Command and established as a unified combatant command. That action represents the most effective means for developing and maturing the tactics, techniques, and procedures that will allow US cyber components and capabilities to be employed for military purposes and to generate strategic effects. Currently, there are two primary reasons why the establishment of a unified combatant command presents a better solution than tasking existing branch and service structures. First, speed is of the essence. Tasking an existing branch or service, or even establishing a new service, would open up organizational and bureaucratic rivalries likely to slow (if not cripple) the development of cyber components and capabilities. Second, in the near term, Title 10 and Title 50 concerns, vagueness in the cyber rules of engagement, concerns about political blowback, and fears that US cyber weapons could be reverse engineered and used against the United States, all highlight the importance of an organizational solution that synchronizes and deconflicts activities across the whole of government. In short, the United States needs a combatant command that can do two things: (1) craft the tactical, operational, and strategic cyber capabilities US national security will need in the decades to come; and, (2) oversee their application, integration, and execution. Cyber Command is the best choice and now is the time to act. Operationalizing Cyber When Cyber Command was established in 2009, it made sense that it be stood up as a sub-unified command under Strategic Command. Until recently the line between computer network attacks and computer network exploits was chiefly one of intent (i. …
Read full abstract