Nominee to lead NSA and U.S. Cyber Command shared insights on cyberspace
The vice admiral that President Obama and Defense Secretary Hagel have chosen to lead the U.S. Cyber Command and the National Security Agency — Michael Rogers – believes that the military’s cyber activities have an inherently operational aspect to them, and that about 80 percent of the workforce dedicated to cyber should be uniformed military personnel and about 20 percent should be civilian employees and contractors.
“There’s a reason why, for example, if you go on that air wing on that carrier, you don’t see civilians flying those aircraft,” said Rogers, while serving as the commander of the Navy’s 10th Fleet and the U.S. Fleet Cyber Command, according to an interview he gave last June to the American Forces Press Service. “If you go on board that ship or submarine, go down to where those weapons systems are and where those radars and tools [are] that give you situational awareness of what’s going on. You don’t see civilians manning those.”
Rogers noted at that time that the U.S. Navy, like the other armed forces, was working toward an 80/20 ratio of military and civilian personnel, particularly at the “high-end” of the cyber field. He defined that high end as “implying in-depth understanding of network structures and the ability to operate relatively complex networks.”
Rogers indicated that the Navy planned to bring on 800 cyber service members for its Cyber Command in 2013, and an additional 1,000 cyber personnel in the subsequent three years.
“Our view is that you need to bring together three or four core ratings to work the cyber piece,” he explained in the published interview, “some of them in areas you don’t necessarily directly associate with cyber — things like language. As we got into this, we came to the conclusion that we needed the ability to work in multiple languages if we’re going to work cyber from a global perspective.” Intelligence, information technology and cryptologic technician-networks ratings also are considered core cyber capabilities, he added.
Rogers noted at the time that the organizational structure in the Navy — in which he wears two different hats – is similar to the structure of some of the other military services.
“In the case of the Navy, we replicated the joint model in many ways,” Rogers observed. “Just as Army Gen. Keith Alexander is both the commander of the U.S. Cyber Command with Title 10 [armed forces] authorities, as well as director of the National Security Agency with Title 50 [national security and intelligence] authorities, I am commander of Fleet Cybercom and have operational control over the majority of forces and capabilities within my service that operate and defend the networks, as well as the service’s offensive capabilities.”
He added that as the Navy’s cryptologic commander, he also had signals intelligence, or SIGINT — which gathers all sorts of intelligence from communications systems, radars and weapons systems — under his command.
“The reason we went this way was we believed the SIGINT capability — the ability to see the cyber battle space as well as to gain insights into opponents’ use of cyber — was a real plus in the cyber world,” Rogers explained. “It’s the same thing that led the joint world to…align the traditional service operational command, U.S. Cyber Command, with the SIGINT situational awareness and knowledge of the battle space of NSA. We liked that model. We came to the same conclusions.”
The Navy is the only service, Rogers added, that has decided one entity should operate the networks and defend them, as well as control the offensive cyber capabilities, according to the American Forces Press Service interview.
That published interview appeared in the same month as the first of the articles about ongoing NSA surveillance activities, which were based on former NSA contractor Edward Snowden’s leaks. Perhaps with an eye toward the potential danger of “Insider Threats,” Vice Admiral Rogers observed that the role of single individual can be quite different in cyberspace than it is in more traditional military realms.
One of the things that makes cyber different from the land, sea, air and space domains, Rogers said, is that it’s the one in which every member of the organization is an operator.
“If we’ve given you access to a keyboard, you’re operating in our domain,” he observed. “You can’t really say that about the air or the maritime or the subsurface. Elements of our force are operating in those domains — don’t get me wrong — but not everybody is an operator all the time.”
This reality, the admiral added, “represents to us [not only] an opportunity to gain advantage, but also a potential opportunity for vulnerability for others to exploit, whether it’s intentional or unintentional.”
This requires some new thinking, he said.
“We have to think much more broadly about this,” he suggested. “If you think Vice Admiral Rogers and 5,000 highly motivated individuals are all it’s going to take to achieve success and operate in an agile and effective manner in this domain, you don’t get it. It’s bigger than that.”
“Whether you’re sitting on shore duty in the middle of the United States, or you are out on the USS Eisenhower in the Strait of Hormuz, you’re an operator in this domain.”