When will CYBERCOM Split from NSA?

As soon as Congress passed the FY17 National Defense Authorization Act (NDAA), the clock began to tick on CYBERCOM’s elevation to a fully-fledged combatant command.

The NDAA included a clause that mandated CYBERCOM’s elevation to full COCOM status, although there are a few provisions that give us a clue as to when that may occur. Before CYBERCOM can be formally split from Strategic Command, it must reach full operating capability and Congress must approve of CYBERCOM’s readiness.

So what does that mean for the IT industry? With CYBERCOM’s rising and sizeable budget, there’s a lot of opportunity for cybersecurity vendors. But first it’s important to understand what needs to happen for CYBERCOM to split from STRATCOM.

CYBERCOM is slated to reach full operating capability on Oct. 1, 2018. Word on the street is that CYBERCOM should be able to hit that deadline. However, keep in mind that CYBERCOM will still have few fully mature cyber teams by that date – it’ll continue to grow to full de-facto maturity for the next few years.

Practically speaking, CYBERCOM has operated independently from STRATCOM, which holds authority over CYBERCOM for the moment. STRATCOM just signs off and lets CYBERCOM run its show. CYBERCOM has a very special relationship with the National Security Agency – personnel from CYBERCOM and NSA have worked side-by-side and there will no doubt continue to be a special relationship between the two agencies.

CYBERCOM is about at the size necessary for an independent command. The commander-in-chief has the final decision regarding when to ask Congress to elevate CYBERCOM. It still needs to reach full operating capability and must convince Congress that its missions, systems and organization is ready to fulfill its mission. It’s difficult to pin down an exact date but as the command will reach full operating capability on Oct. 1, 2018, I’d expect it to happen around that time or soon thereafter.

In meantime, CYBERCOM continues to see steadily rising funding and its influence over various COCOMs and their Joint Cyber Centers continues to grow.

The command needs automated cyber solutions that don’t require a lot of manual oversight. It’s also building up a platform for its cyber tools and will require middleware solutions. The command has a special $75 million budget for rapid procurement of cyber tools – if you’re a cybersecurity vendor, you’ll want to pay special attention to CYBERCOM over the next few fiscal years.

Want to hear more about CYBERCOM and the IT priorities of other COCOMs? View my recent webinar, Combatant Commands: Big Challenges, Big Opportunities for Tech. For more guidance on working with the COCOMs, reach out to immixGroup’s Market Intelligence team.