McCain opposes splitting NSA and Cyber Command

Chair of Senate Armed Services Committee objects to administration's proposal to decouple spy agency from military cyber warfare unit, threatens to block NSA nominee.

The head of the Senate Armed Services Committee is threatening to block any nominee to head up the National Security Agency if the Obama administration follows through on a plan to decouple the spy agency from U.S. Cyber Command, the digital warfare unit established in 2009.

[ Related: U.S. Cyber Command struggles to retain top cybersecurity talent ]

At a hearing on cybersecurity and encryption this week, Sen. John McCain (R-Ariz.) argued for preserving the current "dual hat" operating structure with the spy agency and the cyber warfare organization co-located and under common leadership.

"I do not believe rushing to separate the dual hat in the final months of an administration is appropriate given the very serious challenges we face in cyberspace," McCain said.

"If a decision is prematurely made to separate NSA and Cyber Command, I will object to the confirmation of any individual nominated by the president to replace the director of the National Security Agency if that person is not also nominated to be the commander of Cyber Command."

McCain put the question to Adm. Mike Rogers, the current head of the two agencies, who affirmed that, indeed, he agrees that Cyber Command and the NSA should continue to operate under joint leadership.

"Is it still your professional military advice that maintaining the dual hat at this time is in our best national security interest?" McCain asked.

"Yes," Rogers said.

NSA, Cyber Command better together or separate?

McCain's threat to block a future nominee comes in response to reports that Defense Secretary Ash Carter is backing a plan to split off Cyber Command in a bid to establish it as a standalone agency with its own dedicated resources and under the direction of a full-time leader. In 2013, a presidential commission convened after the revelations of former NSA contractor Edward Snowden had recommended that the two agencies separate, with each to focus on its primary responsibility.

[ Related: State Department argues against cyber arms treaty ]

"NSA should refocus on its core function: the collection and use of foreign intelligence information," the panel concluded. "To distinguish the warfighting role from the intelligence role, the military Cyber Command should not be led by the NSA director."

At Tuesday's hearing, Rogers and Marcell J. Lettre II, undersecretary of defense for intelligence, outlined some of the challenges they face in combating cyberthreats and waging offensive strikes against adversaries such as the Islamic State, what Rogers called "the most adaptive target" he has encountered in a 35-year intelligence career.

Likewise, the officials noted the mounting difficulty of coordinating their cybersecurity efforts with firms in the private sector that have begun walling off users' data through unbreakable encryption.

"Our concern grows as some parts of the communication technology industry move towards encryption systems that providers themselves are incapable of unencrypting even when served with lawful government requests to do so for law enforcement or national security needs," Lettre said. "This presents a unique policy challenge."

[ Related: U.S. investigates Russia for attempting to hack the election ]

McCain and other committee members also expressed alarm over reports that Russian hackers, perhaps with the backing of that country's government, have been looking to disrupt the U.S. election in November. Rogers declined to address the issue directly in an open briefing, citing an ongoing government investigation into the reports of Russian hacking. "This continues to be an issue of great focus," he said.

Join the CSO newsletter!

Error: Please check your email address.

More about Armed Services CommitteeindeedNational Security AgencyNSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Kenneth Corbin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts