Plans To Divide US Cyber Command And The NSA

Uploaded on 2020-12-23 in INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

A Pentagon proposal to put the US’s top cyber spy agency under civilian leadership has generated complaints from lawmakers who say the idea is badly timed and against the law.

Outgoing Pentagon officials appointed by President Trump have sent a proposal to the Joint Chiefs of Staff to divide the leadership of the National Security Agency and US Cyber Command.  This would reshape defense policy by a handful of key political officials who are in acting roles in the Pentagon after Donald Trump lost his re-election bid.

A US official has confirmed that Joint Chiefs Chairman Gen. Mark Milley and Acting Defense Secretary Chris Miller have received the proposal.  With Miller expected to sign off on the move, the fate of the proposal ultimately falls to Milley, who said to Congress in 2019 that the combined leadership structure was working and should be kept in place. The post of NSA director and Cybercom commander are held by one person, currently, Gen. Paul Nakasone, in a "dual-hat" arrangement.

Cyber security and national security policy leaders have debated how and when to split that job into two positions for several years. 

The Cyber Command proposal arrives at the same time as enormous cyber hacking attacks have hit a number of federal agencies. Investigators are still working to understand what data may have been taken or compromised. Although Secretary of State Mike Pompeo has publicly linked the attack to Russia, Trump said the attacks came from China. 

White House officials had drafted a statement assigning blame to Russia for the attack and were preparing to release it but were told to stand down, according to people familiar with the plans. 

Many current and former officials say the partnership between the two spy entities is vital to sharing intelligence and resources, but critics have said the arrangement can lead to bureaucratic headaches. Some officials also say the two agencies have dueling missions that are in conflict with one another because Cyber Command focuses on offensive operations while the NSA’s chief goal is intelligence collection. Some supporters of separation think that the two agencies are simply too critical and vast for one leader to manage.

The move may be a signal that Trump might remove Nakasone as the leader of one or either agency amid frustration over the handling of the recent cyber attack, according to some officials speaking on the condition of anonymity because they were not authorised to speak publicly. 

An administration official defended the recent spate of changes during the transition. Supporters of the split argue that keeping the two organisations under dual-leadership creates inefficiencies. Should Milley and Miller make the necessary certifications to Congress, the practical implications of the move are thought to be neither immediate nor irreversible. 

CNN:          Defense One:       Wall Street Journal

You Might Also Read:

The Emerging Domain Of  Cyber War:

 

 

« How To Optimize The DevSecOps Pipeline
You Should Prepare Your Organization For A DDoS Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

GSMA - IoT Security Guidelines

GSMA - IoT Security Guidelines

GSMA has created a set of security guidelines for the benefit of service providers who are looking to develop new IoT products and services.

RedLock

RedLock

The RedLock Cloud 360TM platform correlates disparate security data sets to provide a unified view of risks across fragmented cloud environments.

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

TDRA focuses on regulating the telecommunications sector and enabling government entities in the field of smart transformation. It is responsible for the overall digital infrastructure in the UAE.

Ashley Page

Ashley Page

Ashley Page offer a unique cyber insurance and risk management solution - Cyber+Insure.

Huntress Labs

Huntress Labs

Huntress provides managed threat detection and response services to uncover and address malicious footholds that slip past your preventive defenses.

Cobalt Iron

Cobalt Iron

Cobalt Iron is a global leader in SaaS-based enterprise backup and data protection technology.

Aujus Cybersecurity

Aujus Cybersecurity

Aujas is a pure-play cyber security services company with deep expertise in Identity and Access Management, Managed Security and Security Testing services.

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

Risk Strategies

Risk Strategies

Risk Strategies is a leading specialty risk management consultancy and insurance broker offering smarter, practical approaches to risk mitigation including Cyber Liability insurance.

Rhymetec

Rhymetec

Rhymetec are an industry leader in cloud security, providing innovative cybersecurity and data privacy services to the modern-day SaaS business.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

All About Cookies

All About Cookies

All About Cookies is an informational website that provides tips, advice, and recommendations to help you with Online Privacy, Identity Theft Prevention, Antivirus Protection, and Digital Security.

AI Safety Institute (AISI)

AI Safety Institute (AISI)

The AI Safety Institute’s mission is to minimise surprise to the UK and humanity from rapid and unexpected advances in AI.

Xantaro

Xantaro

Xantaro specializes in technologies, software and services for Carriers, ISPs, Hosting and Cloud Providers as well as for Operators of Data Centres and Campus Networks.

INT3L

INT3L

The INT3L group (formerly Defentek) is a provider of national security and intelligence solutions, systems and services.

Dialog Enterprise

Dialog Enterprise

Dialog Enterprise is the corporate ICT solutions arm of Dialog Axiata, Sri Lanka’s leading connectivity provider.