Department of Defense Memorandum
- Secretary of Defense, Robert M. Gates
- 3 pages
- June 23, 2009
SUBJECT: Establishment of a Subordinate Unified U.S. Cyber Command Under U.S. Strategic Command for Military Cyberspace Operations
Cyberspace and its associated technologies offer unprecedented opportunities to the United States and are vital to our Nation’s security and, by extension, to all aspects of military operations. Yet our increasing dependency on cyberspace, alongside a growing array of cyber threats and vulnerabilities, adds a new element of risk to our national security. To address this risk effectively and to sccure freedom of action in cyberspace, the Department of Defense requires a command that posscsses the required technical capability and remains fbcused on the integration or cyberspace operations. Further, this command must be capable or synchronizing wartIghting effects across the global security environment as well as providing support to civil authorities and intemnational partners.
Effective immediately, Commander, U.S. Strategic Command (CDRUSSTRATCOM) is directed to establish a subordinate unified command designated as U.S. Cyber Conmiand (USCYBERCOM). In conjunction with the establishment of USCYBERCOM and the development of a new national strategy for cybersecurity, the Under Secretary of Defense for Policy will lead a review of policy and strategy to develop a comprehensive approach to DoD cyberspace operations.
I intend to recommend that the President redesignate the position of Director, National Security Agency (DIRNSA) as the Dircctor, National Security Agency and Commander, U.S. Cyber Command as a position or importance and responsibility under the provisions of title 10, United States Code, Section 6o1 and authorize it to carry the grade of General or Admiral. I also intend to recommend that the President designate the position of Deputy Commander, U.S. Cyber Command as a position of importance and responsibility under the provisions of title 10, United States Code, Section 601 and authorize it to carry the grade of Lieutenant General or Vice Admiral. should the DIRNSA position become vacant, the Deputy Commander, USCYBERCOM assumes duties as Commander, USCYBERCOM and the Deputy Director, National Security Agency assumes duties as DIRNSA until an active duty general or flag officer tills the DIRNSA position.
This command will reach initial operating capability (IOC) not later than October 2009 and full operating capability (FOC) not later than October 2o10. while the preferred location for the command headquarters is Fort Meade, Maryland, CDRUSSTRATCOM will ensure that all phases or establishing this command and selecting the final command headquarters location are implemented in accordance with existing laws and regulations.
CDRUSSTRATCOM shall disestablish the Joint Task Force-Global Network Operations (JTF-GNO) and Joint Functional Component Command- Network Warfare (JFCC-NW) prior to FOC. The Military Departments shall identify and provide, for my approval, appropriate component support to USCYBERCOM to be in place and functioning prior to FOG. Upon disestablishment of JTF-GNO, the officer formerly serving as both Director, Defense information Systems Agency (DIRDiSA) and Commander, JTF-GNO will retain the position and duties as DIRDISA, relinquishing all duties as Commander, JTF-GNO, and continue to provide network and information assurance teclmical assistance to USCYI3ERCOM as required. Upon disestablishment of JTF-GNO, I also intend to recommend that tbe President redesignate the position of DIRDISA and Commander, JTF-GNO as DIRDiSA, a position of importance and responsibility under the provisions of title 10, United States Code, Section 601. and authorize it to carry the grade of Lieutenant General or Vice Admiral.
The Chairman of the Joint Chiefs of Staff shall issue a planning order directing CDRUSSTRATCOM to develop an implementation plan for USCYBERCOM, to be submitted for my approval by 1 September 2009. The implementation plan must delineate USCYI3ERCOM’s mission, roles and responsibilities; command and control. reporting and support relationships with combatant commands, Services, and U.S. Government departments and agencics; minimum requirements to achieve IOC and FOC; and accountability measures with Service and DISA network operating centers. CDRUSSTRATCOM shall delegate authority to conduct the specified cyberspace operations detailed in Section 1 8.d.(3) of the Unified Command Plan (UCP) to the Commander, USCYBERCOM. The implementation plan will contain a phased approach for this delegation, to include those authorities required at IOC, by FOC, and a recommendation for the authorities that will be retained by CDRUSSTRATCOM. CDRUSSTRATCOM shall submit this implementation plan to the Joint Staff and the Office of the Under Secretary of Defense (Policy) for coordination with combatant commands. Services, and appropriate DoD agencies.
This memorandum reinforces, but does not expand, USSTRATCOM authorities and responsibilities for military cyberspace operations. In exercising CDRUSSTRAICOM’s UCP assigned responsibilities, USCYBERCOM shall establish and maintain direct liaison with combatant commands, Services, and DoD agencies according to the approved implementation plan. Further, combatant commanders, Services, and DoD agencies shall remain responsible for compliance with USSTRATCOM’s direction, as stipulated by UsCYBERCOM, for operation and defense of the Global information Grid.