U.S. Cyber Command and the National Security Agency are on a wartime footing all the time, as the agency works to defend the homeland from cyber attacks, said Army Gen. Paul Nakasone to the Senate Armed Services Committee, yesterday.
Nakasone serves as the commander of U.S. Cyber Command and the director of the National Security Agency. Both organizations have a role in preventing and defeating cyberattacks on America.
"In the contested cyberspace domain U.S. Cyber Command acts against foreign adversaries that threaten our nation through malicious cyber activity and enables action by our federal, private and allied partners," the general said. "For instance, a combined U.S. Cyber Command-NSA election security group countered malicious cyber actors and oversaw measures to enable the Department of Homeland Security and the FBI, among other domestic partners, to defend the recent midterm elections."
The general noted that the 2022 election cycle was able to proceed "without significant impacts, due in part to our efforts."
The command cannot rest on its laurels as enemies are always looking for new ways to sabotage the information system in the United States or mining information for their own purposes. "Going forward, success for U.S. Cyber Command will be measured by how effectively foreign adversarial actors are prevented from achieving their strategic objectives," Nakasone said. "Last year saw significant maturation for U.S. Cyber Command, but our work is not done. In 2023, we must continue to focus on our people, our partners and our ability to deliver a decisive advantage."
The command must work on readiness and resilience, he said. Every member of the command also must buy into developing and maintaining "a culture of continuous improvement," he said.
Cybercom is not only crucial to defense of the homeland, but to the other combatant commands. A great advantage to the U.S. military is the ability to network and communicate quickly and securely. It is also a vulnerability. "We will continue to deliver warfighting advantage for the joint force and partners throughout competition, crisis and conflict," Nakasone said. "We are doing so by executing our service-like authorities to build and sustain campaigns in and through cyberspace, and the information environment."
These efforts allow the command to counter adversaries and competition to deter conflict and prevail against aggression, he said.
There have been questions about whether Cybercom and NSA should be separated. A recent study by retired Marine Corps Gen. Joe Dunford, the former chairman of the Joint Chiefs of Staff, has recommended the arrangement works and should remain the same. "Aligning efforts of both U.S. Cyber Command and NSA is essential to achieving these goals and is in the best interest of the nation and national security," Nakasone said.
Nakasone did talk about the necessity to retain individuals in the military and civilian workforce. "It all starts with people, the men and women of U.S. Cyber Command working with NSA and partners here and abroad," he said. "We win with people."
The problem is not with recruiting, but with retention. The training and experience individuals get in U.S. Cyber Command or the National Security Agency, also makes them attractive to private firms.
He said the services have done a good job of recruiting. The piece that the command needs to work on with the services is the retention piece. "The challenge is someone that has this type of training is very, very attractive to those on the outside," he said. "But several of the services, the Marines included, have made tremendous progress in this in being able to focus their Marines on doing what these Marines wanted to do, which is cyber operations."
Giving people the opportunity to work on cyber operations and keeping them in those jobs where they make a difference has improved retention rates.