Shortly after Army Gen. Paul Nakasone took over as head of U.S. Cyber Command in May 2018, the command’s Cyber Mission Force reached what’s called “full operational capability,” meaning all 133 teams had achieved training and qualification standards after an arduous five-year build up.
Now, as he prepares to retire as head of CYBERCOM and director of the National Security Agency on Feb. 1, Nakasone has had his sights set on what changes are necessary to build “CYBERCOM 2.0.” In a briefing with a small group of reporters at Ft. Meade, Md., on Tuesday, Nakasone described how much things have changed since CYBERCOM first began building out its force structure in 2013.
“It was very counterterrorism, violent extremist organizations-focused,” Nakasone said. “It was very focused on this concept of the Iranians being able to hit our financial network and defending the nation and the financial network. Completely different world in which we live in today.”
The four-star said CYBERCOM today is now more geared toward major nation-state adversaries like China and Russia.
“So as we’re trying to look at the future of U.S. Cyber Command, I want to have a bold move forward,” Nakasone said.
At the direction of the Fiscal 2023 National Defense Authorization Act, the Defense Department is conducting a study on the responsibilities of the military services for organizing, training, and presenting forces to CYBERCOM. The study is due to Congress June 1.
Nakasone said he approved a “problem statement” this past weekend that be used by a cross-functional team to study the future force generation model.
“Which is a group of experts that come together to talk about, how do we use the authorities differently? How do we think about training differently? How do we think about personnel differently? How do we think about acquisition differently?” Nakasone said.
One of the major issues is the rotation of military forces in and out of CYBERCOM. Nakasone suggested the “dwell time” for those forces is often too short compared to the amount of training and time it takes to become proficient in the cyber domain.
“I’m a pretty demanding customer with the services. I just want their best and I want it all the time,” Nakasone said. “And they have been very, very supportive, in terms of what’s gone on, but I will tell you that we operate in a domain that requires a longer dwell time for our soldiers, sailors, airmen, and Marines than the constant movement. And I think that this has been a concern that I’ve expressed that I think is one of the things that we’re going to have to deal with in the future.”
Nakasone acknowledged that the military services have legitimate needs to assign forces elsewhere.
“They’re trying to balance their readiness as well,” he said. “But this is, I think, the job of the commander of US Cyber Command, to talk about why is the domain different and why do you have to consider recruiting different or retention different or assignment policies different than we have in the past?”
Another major lesson for Nakasone during his time at CYBERCOM, he said, has been the importance of “persistent engagement” in cyberspace, a concept outlined in a 2018 cyber strategy. The idea was bolstered by new authorities passed by Congress that labeled cyber as a “traditional military activity” and allowed CYBERCOM forces to hunt for threats on non-DoD networks.
“If you’re on the sidelines watching this, you’re going to get hit,” Nakasone said. “That’s why I think it’s so important for our forces worldwide to be able to be engaged, and being able to act and understand what our adversaries are doing.”
NSA’s future workforce
Meanwhile, the NSA has also seen major changes during Nakasone’s tenure, including the re-establishment of a cybersecurity directorate and a subsequent shift toward forging more industry partnerships and issuing public cybersecurity advisories.
That shift came to fruition when in 2019, an NSA researcher discovered a severe cyber vulnerability in Windows 10. In January 2020, the NSA issued a public cybersecurity advisory about the bug.
“That was a really important piece because from there on in, we start thinking about how do we have a broader public presence and what we need to do cybersecurity wise,” Nakasone said.
The NSA’s workforce is also in the middle of major changes. Nakasone said NSA is hiring half its civilian workforce over the next five years, and soon, members of Generation Z will make up a significant portion of employees at the spy agency.
Under its “Future Ready Workforce Initiative,” the NSA is considering how work at the agency can be more flexible than it has been in the past.
“We just see that there are tremendous opportunities for our workforce to go other places,” Nakasone said. “So what we’re looking at is maybe not everyone is going to come here for three decades, but boy, when we want them back, it would be really nice to be able to get them back very, very quickly.”
The NSA is also putting a major focus on leadership development through what’s called its “Aspire” program.
“I think that’s just a component that I would like the National Security Agency be known for, the fact that people come here to learn leadership,” Nakasone said. “Much in the same way, in the old private sector days, it was people[who] went to Procter Gamble to learn how to be managers. I want people to come to our agency and learn leadership.”
China and AI
Nakasone highlighted China as the “generational challenge of our time” in cyberspace. During a hearing hosted Wednesday by the House Select Committee on the Chinese Communist Party, Nakasone and other agency leaders highlighted how the U.S. believes the Chinese government is behind infiltrations into the networks of U.S. critical infrastructure.
“We are just at the beginning piece of truly being able to understand how much we’re going to have to change to be able to look at the Beijing Challenge,” Nakasone told reporters Tuesday.
Meanwhile, he also highlighted artificial intelligence and compared the disruption it’s causing in the technology landscape to the smartphone’s emergence in the mid-2000’s.
“I’m just thinking about what it was like before the summer of 2007 and what it was like since then, and I think it’s the same way with generative AI,” Nakasone said.
Last year, the NSA established an AI Security Center within its Cybersecurity Collaboration Center. The AI center focused on partnering with industry to protect their intellectual property, such as their AI models, from foreign theft or meddling.
“We have credible insights operating outside the United States into what our adversaries are doing and being able to have that discussion, in terms of what your adversary is doing, gives us credibility and gives them something that they would really like,” Nakasone said.
“And at the same time, what I call the canary in the coal mine, they provide us with kind of some indicators when we start to see adversaries or tradecraft or techniques that we haven’t seen before, that they identify to us.”