As if not troubled enough by President Trump’s attacks, a new debate is heightening tensions in the intelligence community. The Pentagon has started to assess whether it is time to divide the leadership of the National Security Agency and U.S. Cyber Command. Such a move is dubious: Is change necessary? Can the IC tolerate another shock?
A look overseas to the Israeli case could provide some insight.
{mosads}In 2010, then-Joint Chief of Staff Lt. Gen. Gabi Ashkenzi announced the establishment of a new Cyber Administration within the IDF, under the Deputy Joint Chief of Staff. Two years later Prime Minister Netanyahu authorized the establishment of the National Cyber Bureau, which is in charge of the national cyber policy. In 2015, Lt. Gen. Gadi Eizenkot, now acting Joint Chief of Staff, announced that a new Cyber Directorate would be established within 24 months.
According to that plan, the new directorate would absorb responsibilities and resources from both Unit 8200 (the IDF’s signals intelligence or SIGINT unit, equivalent to the NSA), as well as the Computer Service Directorate (equivalent to the Joint Staff J6). A fierce internal debate has emerged, with several (including the head of AMAN, the Intelligence Directorate) arguing that all cyber activities should remain under AMAN’s responsibility, while others insist that there is an acute need for a dedicated cyber directorate.
In early 2017, Lt. Gen. Eizenkot announced that the establishment of the Cyber Directorate would be postponed until further notice, and declared that AMAN would handle offensive and information collection elements in cyber space, while the Cyber Administration would come under the Computer Service Directorate, focusing mainly on defensive activities.
The reasons that led Lt. Gen. Eizenkot, who is considered a level-headed officer, to reverse his 2015 decision are highly relevant to the American case.
From a strategic standpoint, the implications of the cyber domain on present and future battlefields are still ambiguous and constantly changing; so too are their effects on traditional kinetic challenges. The inter-relations between the physical and virtual domains are still in flux, with grave ramifications on the nature of threats, and the measures needed to cope with them.
These changes are highly relevant to the way the IC reacts and adapts. The vast majority of the NSA’s current collection activities are most likely executed through and with the cyber domain. Though traditional methods (such as phone tapping) are not dead, it is safe to assume that cyber is more dominant than ever, and will only continue to grow over more traditional domains and methods. Furthermore, given the specific characteristics of the cyber domain, it is difficult to distinguish between types of cyber activities (e.g., collection vs. attack). Separating those in charge of SIGINT and those in charge of cyber doesn’t make sense.
as the last few years have taught us, the West’s adversaries have themselves transitioned to the cyber domain. With Russia’s (alleged) intervention in the U.S. elections, the Snowden affair, HAMAS and Iran’s extensive use of cyber-related techniques, Chinese theft of F-35 plans, and ISIS’s sophisticated use of the virtual domain, this may not be the right time for radical changes.
Separating the NSA and the Cyber Command would inevitably create a long transition period, during which U.S. cyber capabilities would be negatively affected. Disputes over missions and responsibilities, coordination issues, transition of manpower, and lack of sufficient resources in one or both entities would jeopardize U.S. cyber resilience in the short term at the very least.
Finally, with Trump trying to aggressively redefine relations between the IC and the executive branch, the last thing the community needs at this moment is another shock. A decision to separate the NSA and Cyber Command would create an all-out war within the IC and the Department of Defense, since no sane commander would agree to surrender responsibilities and resources to another organization.
The NSA itself would lose not only prestige but also relevancy, and presumably try to torpedo the move. If any change is needed at all, it would require a different approach: the cyber component should gain supremacy over any other type of SIGINT activity, as this will be the not-too-distant future reality. Until then, NSA-Cyber Command relations should remain untouched.
Shay Hershkovitz, Ph.D., is chief strategy officer at Wikistrat, Inc. and a political science professor at Tel Aviv University specializing in intelligence studies. He is also a former IDF intelligence officer whose book, “Aman Comes To Light,” deals with the history of the Israeli intelligence community.
The views expressed by contributors are their own and are not the views of The Hill.