This is the first part of a series exploring the future of Cyber Command. For the next installment, see part two.
Leaders at the Department of Defense and Cyber Command are in the throes of a major undertaking: the elevation of the command to a full unified combatant command and no longer subordinate to U.S. Strategic Command.
But how close is Cyber Command to that goal?
A Pentagon spokesman told Fifth Domain in a statement that planning efforts are focused on creating efficiency, effectiveness and agility.
After nearly eight years of existence, the organization is beginning to mature and develop in ways military leaders have long envisioned.
To start, Cyber Command is staffing up. Understandably that process involves shifting resources from Strategic Command to the new unified Cyber Command. The Pentagon reprogrammed about $27.3 million in fiscal year 2017 funds for initial elevation efforts, including hiring new headquarters personnel.
DoD has identified a need for a little more than 100 additional personnel to execute basic functions of a combatant command. Those staffers will come from throughout the Department, including STRATCOM, the spokesman said.
To help guide Cyber Command internally, DoD recently created a second deputy commander position aimed specifically at working the elevation issue.
In addition, Cyber Command needs to prepare for new responsibilities.
During a May 2017 congressional hearing, the head of Cyber Command, Adm. Michael Rogers, outlined steps the organization would need to take before elevation. They included a shift in responsibility from Strategic Command to Cyber Command, changes to the unified command plan, which defines scopes and authorities of the geographic and functional combatant commands and investments in manpower.
While Cyber Command has been acting independently and mimicking a unified combatant command for some time, the actual act of elevation is no small feat, officials said.
“Having a full on unified combatant command means something materially in the Department of Defense. It means the staff, the people and all of paperwork that goes with it,” Joseph Kirschbaum, the director of Defense Capabilities and Management at the Government Accountability Office told Fifth Domain. “I’m talking about serious requirements that are being levied on the new command like the appropriation of formal operation plans, things of that nature.”
Michael Sulmeyer, director of the cybersecurity project at Harvard’s Belfer Center and the former director of plans and operations for cyber policy at the Pentagon, said the elevation process isn’t overly difficult. It’s been considered for years and personnel understand what needs to be done to cross the finish line, he told Fifth Domain.
But he also added that the elevation process is a good exercise for the principal cyber adviser, a position created in 2014 consolidate cyber-related roles in DoD with the goal of establishing one official responsible to the secretary of defense. The process of elevation will help ensure plenty of acquisition and readiness issues as well as several internal DoD entities, including the CIO’s office, are on the same page.
While a Pentagon spokesman said there is currently no timeline for elevation, he noted elevation will be fully effective upon the nomination and Senate confirmation of a new commander to lead the unified combatant command.
Larger DoD implications
Kirschbaum explained that from a DoD perspective, Cyber Command’s new role could cause friction points as it creates another seat at the table.
“In practical terms, if you’re adding a combatant command, you are therefore potentially adding to the top line list of things DoD’s going to have to consider,” he said.
Kirschbaum said these priorities can manifest themselves through the joint staff and through the secretary’s department-wide priorities. “[Elevation] will have budget implications. It will have prioritization implications about just what’s important across the commands.”
Sulmeyer said he does not believe any internal issues would hinder the addition of a 10th combatant command. He said new command is better for both STRATCOM and CYBERCOM, largely because it means cyber leaders will now lobby for cyber issues and STRATCOM can focus on issues involving strategic weapons.