With multiple agencies in the Department of Defense responsible for defensive cyber operations, roles and responsibilities are often unclear–but the Cyber Command chief says it’s something the agencies work on everyday.
“We practice with each other,” Adm. Michael Rogers, joint head of CYBERCOM and the National Security Agency (NSA), said at the AFCEA International Cyber Symposium in Baltimore, Md., Tuesday.
Rogers said it’s no coincidence that NSA and CYBERCOM have the same individual as their leader. However, he emphasized the distinction between the two organizations, particularly their teams for network defense. CYBERCOM is primarily tasked with defending DoD networks unless called to do otherwise, whereas NSA has more regular contact with the private sector to protect critical infrastructure.
“In the event of a crisis, if U.S. Cyber Command were tasked, how would we suddenly take the outside-of-federal-government responsibilities that NSA has on a daily basis, how would we focus U.S. Cyber Command on complementing that, and how would we execute that DoD Title 10 mission that Cyber Command would potentially be given?” he said.
Criticism has been leveled against DoD for having the same person as the head of both a civilian and a military organization, but Rogers is optimistic about the co-location of NSA and CYBERCOM at Fort Meade, Md.
“It’s an area that I think is a real positive for us,” he said.
Rogers did not explain the exact mechanics of how the teams work together, but he did recognize NSA as the lead agency in DoD for cyber knowledge. He said NSA has a key role in helping build capacity throughout the department, including at CYBERCOM.
As for the Defense Information Systems Agency (DISA), Rogers said he expects to release operational concepts jointly with DISA about how to defend the DoD Network (DODN) this fall.
“We’re going to be able to roll out a kind of C2 (command and control) construct where DISA can execute those functions,” he said.
Rogers said each service currently spends too much time and money on maintaining their own networks when DISA could be operating a global backbone that would allow the services to focus on mission. Unlike NSA and CYBERCOM, DISA has traditionally been an engineering and acquisition agency with the ability to implement enterprise changes to the DODN.
“My comment to [DISA Chief] Gen. Hawkins has been, ‘You and I have got to push to change this network, so we can actually put DISA in a position where it can actually see it end to end, and then DISA collaborating with the services can truly be agile in defending it,’” he said.