Cyber security is one of the most important topics on the agenda of any Government and it will be one of the most debated arguments at the next G7 summit that will be held in Italy next year.
I’m currently working with the Cyber G7 Group and I have the opportunity to analyze the approach to the matter of various states and to promote new initiatives aiming to harmonize the cyber-security approach “of governments” by encouraging the cooperation and avoiding situations of conflict.
Last week, President Obama moved to end the controversial dual-hat arrangement under which the National Security Agency and the U.S. Cyber Command (Cybercom) are headed by the same military officer.
The decision is really important and highlights the strategic importance of the mission assigned to the U.S. Cyber Command. According to a transition official quoted by the Washington Post who spoke on the condition of anonymity, cybersecurity is one of the most important issues in the US Security Strategy.
“cybersecurity has been and will be a central focus of the transition effort.” said the official.
The NSA and the U.S. Cyber Command have fundamentally different missions, for this reason, it is essential to separate their control.
Let’s remind that the mission of the U.S. Cyber Command is to disrupt and destroy enemies infrastructures and to defend the US against incoming cyber threats.
The documents leaked by Snowden clarify the mission of the NSA that is more focused on intelligence operations on adversaries and foreign governments.
U.S. Cyber Command has grown over time, its mission has become even clearer with increasing awareness of the cyber threat. Since the Stuxnet against the Natanz nuclear plant, something has changed permanently and dual-hat arrangement is considered no more effective for the US cyber strategy.
“While the dual-hat arrangement was once appropriate in order to enable a fledgling Cybercom to leverage NSA’s advanced capabilities and expertise, Cybercom has since matured.” to the point where it needs its own leader, Obama said in a statement accompanying his signing of the 2017 defense authorization bill.
Obama believes that the Cybercom urges its own leader, he confirmed it in a statement accompanying his signing of the 2017 defense authorization bill.
“The two organizations should have separate leaders who are able to devote themselves to each organization’s respective mission and responsibilities, but should continue to leverage the shared capabilities and synergies developed under the dual-hat arrangement,” Obama wrote about the dual-hat arrangement.
The Obama decision to separate the heads of the two organizations was supported by the Defense Secretary Ashton B. Carter and Director of National Intelligence James R. Clapper Jr.,
The idea of separating the heads of the two organizations is not new, President Obama proposed it back in 2013.
“Obama had been on the verge of ending the dual-hat leadership in late 2013 but was persuaded to hold off when senior officials, including the NSA’s director at the time, Army Gen. Keith B. Alexander, argued that the two agencies needed one leader to ensure that the NSA did not withhold resources from Cybercom.” wrote The Washington Post.
A presidential review commission the end of the dual-hat arrangement and suggest the assignment of the NSA direction to a civilian and not to a military official.
The bill that Obama signed bars the splitting of the leadership role until the defense secretary and the chairman of the Joint Chiefs of Staff jointly certify that to do so would not diminish Cybercom’s effectiveness.
“The Congress . . . should not place unnecessary and bureaucratic administrative burdens and conditions on ending the dual-hat arrangement at a time when the speed and nature of cyber threats requires agility in making decisions about how best to organize and manage the nation’s cyber capabilities,” added Obama.
The transition will not be instantaneous, the Pentagon and the Office of the Director of National Intelligence have planned a period during which the NSA can continue to “provide vital operational support” to Cybercom.
(Security Affairs – US Government, dual-hat arrangement)