Under a new plan put in place late last year, the head of U.S. Cyber Command received expanded authorities, but Fifth Domain has learned Congress and the Department of Defense have considered further extending those powers.
The discussion, which included members of the Joint Staff, comes as Cyber Command is expected to become a full combatant command.
While Cyber Command is often thought of as replicating the constructs of Special Operations Command, the commander of USCYBERCOM — unlike the commander of SOCOM — did not possess the authority to move cyber forces around the globe.
Instead, the commander of SOCOM can move special operations forces around the world based on demands and particular theaters. With its global reach and small staff cells located at each geographic combatant command, SOCOM can be much more flexible to respond to threats around the world.
One of the advantages of these cells — theater special operations commands (TSOC) — is they are small and tend to have a strong understanding of what’s going on from a global and transregional level, Peter Haynes, senior fellow at the Center for Strategic and Budgetary Assessment, told Fifth Domain. With this understanding, they can act as a connective tissue between seams in geographic regions and anticipate which threats may need more resources.
Leaders in Congress and at the Pentagon have examined replicating this authority for Cyber Command.
“It’s definitely in the dialogue,” a House aide said. The aide added that there’s a conversation occurring within the Joint Staff as far as incorporating these authorities within the boundaries of the national defense strategy. It is not immediately clear if those authorities already have been approved.
Adm. Michael Rogers, commander of Cyber Command, in both written and oral testimony before the Senate Armed Services Committee Feb. 27, made reference to new authorities as part of the updated unified command plan. That plan, which was approved by the president in November, defines scopes and authorities of the geographic and functional combatant commands as well as investments in manpower.
This new plan “gave USCYBERCOM new duties in keeping with Congress’ intent to make it something of a hybrid Command along the general lines of U.S. Special Operations Command.” It also made USCYBERCOM responsible for the planning and execution of global cyberspace operations.
“In supporting Joint Force commanders, USCYBERCOM is working to synchronize the planning and operations of cyber forces as ‘high-demand/low density’ assets. Two secretaries of defense have now endorsed this change in how our cyberspace assets are managed,” Rogers wrote in prepared testimony.
The construct provides USCYBERCOM authority to balance risk across the joint force and focusing resources where they are needed. It also enables the force to deter and preempt cyber threats, Rogers wrote, adding they are building these concepts in to USCYBERCOM’s operational and contingency plans.
A DoD spokeswoman wrote to Fifth Domain in an email that the elevation of USCYBERCOM consolidates the mission to direct, synchronize and coordinate cyber planning and operations under a single commander, establishing a direct path between the command and secretary of defense for “inherently time-sensitive cyber operations.”
The House aide noted that while DoD has been looking at this, it’s a very complex dialogue with lots of dynamics. “You still have all the cyber mission force, all these different other capabilities that are being developed at the same time as those larger construct conversations are being had,” they said.
Cyber Command’s cyber forces are also assigned to the regional — as well as functional — combatant commands and thus once there, fall under the command of the geographic combatant commander.
“We put a new process in place ... and was granted authority to re-allocate some of our capability against” threats and challenges, Rogers told the Senate Armed Services Committee. “That didn’t exist a year ago … it wasn’t envisioned. The thought was the cyber forces we created would be permanently aligned; I argue it’s not going to get us where we need to be.”
This approach is also something the Government Accountability Office is examining as it tries to help DoD work through command and control and authorities issues as Cyber Command matures.
“It’s related to a lot of the recommendations we made about clarifying command and control responsibilities,” Joseph Kirschbaum, the director of defense capabilities and management at GAO, told Fifth Domain. He pointed to GAO recommendations to Congress that DoD determine clear roles and responsibilities for who’s supposed to do what, command and control constructs, under what conditions cyber forces would be used and who would command them.
There’s a value of a command such as USCYBERCOM to prioritize how to use their forces against different threats, Katherine Charlet, who formerly served as the acting deputy assistant secretary of defense for cyber policy, told Fifth Domain.
On the other hand, she said, regional combatant commands are protective of their areas of responsibility and have a level of control over how they use their forces toward their priorities planning for the availability of these teams.
If a team is aligned to one combatant command and six months later is put somewhere else, this can be destabilizing from a planning perspective and may slow the initiative to integrate cyber in to regional efforts, she said.
The benefits of such an authority, according to a House aide, is there could be a need to move forces against a particular threat.
If a state sponsor is operating in multiple geographic combatant commands, a single informed, authorized combatant commander that can move forces across military, allied or private-sector networks as needed could create a significant advantage, the aide said.
Cyber Command recently begun standing up planning cells locally at the combatant commands around the world to help better coordinate offensive and defensive cyber effects. Some have equated this model to the TSOCs at the combatant commands, noting that they were stood up to help the combatant commands better integrate cyber into their plans.
The other argument against this approach is that there are also very robust regional combatant commander command and control constructs in place and these four-star commanders already know how to employ forces regardless of domain, the aide added, indicating that regional combatant commander should take the lead.
Congress will be using the upcoming posture hearings to examine these issues further, they added.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.