Defense Secretary Robert Gates today approved the creation of a unified U.S. Cyber Command to oversee the protection of military networks against cyber threats.
In a memorandum issued to the Joint Chiefs of Staff, Gates said he intends to recommend to the president that the new command be led by the director of the National Security Agency (NSA) Lt. Gen. Keith Alexander.
Gates directed the commander of the U.S. Strategic Command, Gen. Kevin Chilton, to develop implementation plans for Cybercom, as the new unified command will be called.
The plans are due by Sept. 1 and need to include the new command's mission, roles and responsibilities, reporting structures and accountability measures, Gates said.
The new command will most likely be headquartered in Fort Meade, Md., and will reach initial operating capabilities by October, and full operating capability by October 2010, Gates said in his memo.
The "subordinate unified" cyber command will operate under U.S. Strategic Command for military cyberspace operations.
Gates also ordered the undersecretary of defense for policy to develop policies and strategies for a comprehensive approach to the Defense Department's cyberspace operations.
The proposal to create the new command has been expected for some time and is part of an effort to address growing threats to Defense Department and Pentagon networks from foreign and domestic threats. As part of its mission, Cybercom is also expected to develop a range of offensive cyber warfare capabilities.
The proposal for Cybercom is part of a broader effort by the Obama administration to bolster federal and military cybersecurity capabilities. It comes a few weeks after President Obama announced the creation of a White House cyber security coordinator role and plans to develop a comprehensive national strategy for protecting U.S. interests in cyberspace.
That effort is largely targeted at protecting U.S. civilian government and critical infrastructure targets in cyberspace, while the new command's mission is to do the same for DoD networks.
Alan Paller, director of research at SANS Institute, a security training and certification body, said the move to create a unified cybercommand across the Defense Department is a "spectacular idea."
Melding both defensive and offensive missions under the same command will allow for better threat preparedness, he said. A unified command also increases the "potential for interoperability and both process sharing and real time information sharing among the services," Paller said.
He said the only downside is the possibility that the cybercommand will "so militarize the Information Assurance Division of NSA" that it could harm the public-private partnerships that are important for security.