Exploring the Idea of an Independent US Cyber Force: Timing and Considerations
The possibility of establishing an independent Cyber Force within the US military is currently being considered in Washington. However, experts have reservations about whether this is the appropriate time for such a reorganization.
In the fiscal 2024 National Defense Authorization Act (NDAA), which outlines the annual defense budget, the US Senate Armed Services Committee included a provision calling for an external study on the creation of an independent cyber service.
This new force, known as the US Cyber Force, would be on par with the Army, Navy, Air Force, Marine Corps, and Space Force.
While the prospect is intriguing, experts remain uncertain about the timing and feasibility of committing to this reorganization.
Evaluating the Need for a Cyber Force: Assessing the Strength of US Cyber Command
The executive summary of the NDAA includes a provision calling for an independent assessment of establishing a Cyber Force or enhancing the current force development and management approach.
The Committee proposes that the Department of Defense (DoD) engage the neutral National Academy of Public Administration to conduct this assessment.
While the complete details of the NDAA are yet to be revealed, it is evident that this provision signals the beginning of a potentially lengthy battle among different agencies, both within and outside the Pentagon.
There have been ongoing discussions about the capability and organization of the US Cyber Command, one of the DoD’s eleven unified combatant commands, to effectively combat cyber threats. While some experts argue that now may not be the ideal time for reorganization, concerns have persisted regarding the Command’s ability to address cyber threats adequately.
Gaining Momentum: Support for Change in Cyber Operations
Significant backing has emerged for a shift in the approach to cyber operations, especially following the House Armed Services Committee Chairman’s directive to review the Department of Defense’s (DoD) management of these operations. The aim is to gain better insights into how the US military trains and funds forces for cyber operations.
Currently, each military service is responsible for supplying personnel to the US Cyber Command for specific teams. These forces are then deployed by the Cyber Command to support operations for other combatant commands.
However, each service operates in its unique way, resulting in different cultures, identities, and methods of organizing and providing forces.
Challenges of the Current Approach: The Need for a Dedicated Cyber Force
Critics argue that under the current system, many service members do not prioritize cyber operations. Additionally, proponents of a separate Cyber Force emphasize the necessity for a more consistent approach, as the existing Cyber Command heavily relies on personnel from other military branches.
Moreover, the United States is struggling to keep pace with modern cyber threats, despite historically holding an advantage in cyberspace.
Experts highlight the significant threat posed by cyber actors from countries such as Russia, Iran, North Korea, and especially China, which now pose a major risk to US national security.
Recognizing the urgency of the situation, the Military Cyber Professionals Association (MCPA), with over 3,000 members, issued a statement on March 26th calling for the creation of a dedicated US Cyber Force.
The MCPA asserts that modern threats are substantial, dynamic, ever-present, and have far-reaching consequences that can no longer be addressed through fragmented efforts.
Demand for Unity: A Call for a Dedicated Cyber Force
In their statement, the group expressed concern about the inconsistent readiness and effectiveness of the United States Cyber Command Forces due to each service adopting its own approach to deployment.
They emphasized that only a unified service, with its comprehensive capabilities, can deliver the necessary focus to achieve optimal results in their specific domain.
Supporting this viewpoint is the influential voice of James Stavridis, a retired Navy admiral and former supreme allied commander of NATO.
In a column published in the Boston Herald, Stavridis stressed the present need for a new Cyber Force, highlighting its significance in addressing the evolving cybersecurity landscape.
Building on Existing Efforts: Potential for a Modeled Cyber Force
Drawing inspiration from the establishment of the US Space Force in 2019, which operates with fewer than 10,000 personnel but manages around 100 spacecraft and supports US satellite systems, a new Cyber Force could follow a similar model.
Retired Navy admiral James Stavridis suggests that a Cyber Force could be even more modest and its staff could be housed within the Department of Defense (DoD) or the Homeland Security Department, leading to potential cost savings.
However, the Biden administration, despite its robust efforts to strengthen US cyber defenses, has not committed to creating another military service. Notably, the White House’s National Cybersecurity Strategy, released in March, does not mention it either.
Opponents of an independent Cyber Force argue that there are valid reasons for this cautious approach. They believe that giving the current model more time and allowing it to demonstrate its effectiveness is a prudent course of action.
Progress and Activity in the Current Cyber Command
It’s worth noting that the US Cyber Command’s status as a fully unified combatant command was achieved relatively recently in 2018. Furthermore, the Cyber Mission Force within the Command is expanding, growing from 133 to 147 teams.
According to US Army Major General William Hartman, who leads the Cyber National Mission Force, cyber warriors are far from idle. They actively strategize and execute operations in cyberspace to deter, disrupt, and, if necessary, defeat adversaries in the cyber realm.
During the recent RSA Cybersecurity Conference, Hartman shared that they have successfully carried out 47 defensive operations in 20 countries over the past three years, all of which were conducted by invitation. It is also evident that Ukraine has become a temporary base for numerous American cyber specialists.
President Biden’s administration is also showing a commitment to strengthening cybersecurity. The recent budget proposal includes a substantial $13.5 billion allocated to Department of Defense (DoD) cyberspace efforts, with a notable $1.8 billion increase from the current budget. Out of this funding, $3 billion is specifically designated for the US Cyber Command.
However, Michael Klipstein, a former director of International Cybersecurity Policy for the National Security Council, raises a cautionary note.
He highlights that personnel for a new Cyber Force would need to be drawn from the existing services, and there would still be a reliance on the intelligence community, particularly the National Security Agency (NSA), just as the current US Cyber Command operates.
Different Perspectives on the Need for a New Cyber Force
One prominent voice questioning the necessity of a new Cyber Force is Tom Kellermann, Senior Vice President of cyber strategy at Contrast Security and a former member of President Obama’s Commission on Cybersecurity. According to Kellermann, now is not the right time for reorganization, as the focus should be on countering cyber threats.
He argues that the existing US Cyber Command is already capable and firmly established. Reorganizing amidst the ongoing “guerrilla war” in American cyberspace would not be beneficial.
Kellermann highlights that the current defense of the country is effectively handled by US Cyber Command on an international level, while the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation tackle domestic cybersecurity matters.
Any overlaps in responsibilities are addressed through the activation of the Joint Task Force. These distinct missions are necessary to comply with US law and existing authorities.
Similarly, Irina Tsukerman, a geopolitical analyst and national security lawyer, agrees that the current system is somewhat disorganized.
However, she expresses concerns that creating a new Cyber Force would only add another layer of complexity and bureaucracy, competing with the existing Cyber Command. Historically, few US initiatives have resulted in the complete abolition or scrapping of agencies, which further underscores Tsukerman’s skepticism.
These perspectives shed light on the debate surrounding the potential creation of a new Cyber Force, emphasizing the need for careful consideration of the existing infrastructure and its effectiveness in addressing cyber threats.
Facing Resistance and Addressing Cybersecurity Weaknesses
The institutions at risk of being diminished or removed have little incentive to embrace change and are likely to resist it. Additionally, the effectiveness of a new structure in streamlining the process remains uncertain, as it would still need to coordinate with existing agencies.
Irina Tsukerman highlights the elephant in the room: the overall cybersecurity weaknesses across all agencies that have worsened over time.
Tsukerman emphasizes that restructuring alone cannot solve the problem of agencies falling behind in terms of technology and personnel readiness to combat sophisticated cyber threats.
Meanwhile, Mike Lyborg highlights the significant portion of the federal budget allocated to maintaining outdated systems, which lack the necessary safeguards to protect against modern cyber threats.
| Home |
2 thoughts on “The Idea of separate US Cyber Force raises everyone’s eyebrows”