Splitting Commands, Building Capabilities: DefenseScoop’s Mark Pomerleau on the DoD’s Cyber Future
Season 2 Episode 22 •Show Notes
In this episode of Cyber Focus, host Frank Cilluffo sits down with Mark Pomerleau, senior reporter for DefenseScoop, to discuss the evolving landscape of U.S. cyber operations and military doctrine. Pomerleau unpacks the ongoing debate over splitting NSA and U.S. Cyber Command, the rising role of offensive cyber capabilities, and what “Cybercom 2.0” might look like in practice. He also explores the integration of cyber, electronic warfare, and space as part of a new operational triad, and shares lessons learned from Ukraine that are reshaping U.S. strategy. Together, they examine whether U.S. deterrence efforts are keeping pace with adversaries—and what needs to change to meet tomorrow’s threats.
Main Topics Covered:
- The origins and implications of the NSA-Cyber Command dual-hat debate
- Tactical cyber at the edge: how services are enabling cyber in battlefield operations
- The emerging cyber-electronic warfare-space triad
- Cybercom 2.0 and the effort to modernize doctrine, authorities, and force generation
- The limits of cyber deterrence and the need for a more assertive posture
Key Quotes:
“As a Title 50 intelligence organization, your goal is to not get caught… using that same infrastructure for military operations… can undermine that [intelligence] mission. And so Cyber Command has been working to really build up its own infrastructure, its own tools.” — Mark Pomerleau
“The modern triad… really includes space, special operations forces and cyber. And the notion is that all of these together will be greater than the sum of their parts and be able to provide some really unique mission packages and capabilities for commanders.” — Mark Pomerleau
“One of the big lessons that the Department of Defense came away with is that cyber does have a role to play in future conflict, but it’s not the role that they necessarily thought it was a few years ago. And that cyber by itself likely isn’t going to have the effect that they… initially thought it was.” — Mark Pomerleau
“EW is going to be a huge enabler going forward… The faster commanders realize how to harness that and maneuver within that space, combine it with other effects like cyber and RF… we’re really going to see that take off.” — Mark Pomerleau
“Ultimately, those that are integrating [cyber and EW] into their warfighting strategy, doctrine, and practice are the ones that are going to dominate.” — Frank Cilluffo
Relevant Links and Resources:
Guest Bio:
Mark Pomerleau is a senior reporter for DefenseScoop, covering information warfare, cyber, electronic warfare, information operations, intelligence, and battlefield networks. With over a decade of experience, he is widely regarded as one of the most authoritative voices reporting on military cyber and EW strategy. His reporting regularly shapes the national conversation around U.S. cyber policy and defense modernization.
Transcript
1
00:00:00,000 –> 00:00:01,000
Mark Pomerleau [00:00:00]:
The services now have discovered that they have their own unique organic service needs for some of these capabilities. A classic example is in the Army, right. If you are about to assault a village, maybe can we use some, you know, quote unquote, tactical cyber means to hack into a CCTV to be able to get advanced warning of maybe what they’re going to go into and prep the battlefield that way.
2
00:00:01,000 –> 00:00:02,000
Frank Cilluffo [00:00:27]:
Welcome to Cyber Focus from the McCrary Institute, where we explore the people and ideas shaping and defending our digital world. I’m your host, Frank Cilluffo, and this week I have the privilege to sit down with one of the top reporters covering cyber at the Department of Defense, looking at these issues holistically. Everything from cyber warfare, information operations, cyber operations, electronic warfare. But Mark Pomerleau is one of the crackerjack reporters in this space. Anytime he writes a piece, my phone lights up. All my buddies are paying attention, which normally means he’s doing it right. So, Mark, thank you so much for joining us today.
3
00:00:02,000 –> 00:00:03,000
Mark Pomerleau [00:01:06]:
Excellent. Really excited to be here. Thanks for having me.
4
00:00:03,000 –> 00:00:04,000
Frank Cilluffo [00:01:08]:
Well, firstly, I mean, you’ve carved out a really good niche and beat for yourself. And I think we first met probably about 10 years ago when you were writing on some of these issues, and it was a very backwater kind of niche. You’ve been able to build that into an important focus that is more than a niche now. It’s actually integral to everything our warfighters do as well as our defenders do. And I thought we’d start with, and we’re going to make all of your recent articles available on our show notes, so I think we have six. So normally we keep it to three, but you’re just too prolific.
5
00:00:04,000 –> 00:00:05,000
Frank Cilluffo [00:01:44]:
But thought I wanted to start with a discussion around one of the issues that is dominating both ends of Pennsylvania Avenue, and that is the potential split between the National Security Agency and Cyber Command.
6
00:00:05,000 –> 00:00:06,000
Mark Pomerleau [00:02:01]:
The gift that keeps on giving, right?
7
00:00:06,000 –> 00:00:07,000
Frank Cilluffo [00:02:02]:
Exactly, exactly. And for transparency, we do have a task force looking at this issue, but I’m not gonna tip my hand, so I get to be on the other side in this case. But curious if you can sort of bring us back into how it was created a little bit. And what you, if you think that the momentum is actually going in the direction of a split.
8
00:00:07,000 –> 00:00:08,000
Mark Pomerleau [00:02:24]:
Sure, yeah. I mean, this topic has definitely been beaten to death over the last few years, but really the Cliff Notes version is obviously when Cyber Command was being stood up 15 years ago, they just celebrated their 15th birthday last week I believe, the thinking was to co-locate it with NSA to give it a jump start. Now, whether or not that was going to be temporary or not, I think is up to interpretation for a lot of folks. But the thinking was, okay, at some point we’ll stand up U.S. Cyber Command on its own, separate it from NSA. Now, obviously, as time has gone by, there’s been a lot of synergies that have been seen between both of those organizations. And to me, at least, it seemed for a while that this was a settled discussion.
9
00:00:08,000 –> 00:00:09,000
Mark Pomerleau [00:03:13]:
We had the Dunford Report, we had a lot of top members of Congress recently coming out in favor of the dual hat, a lot of members of the military establishment. You look back at some of the work with the Russia small group and defending elections and the synergies that they discussed between having the Title 50 signals intelligence insights informing the Title 10 military insights for US Cyber Command. Obviously at the end of the last Trump administration, there was a push to end that dual hat. Now I think people also forget too that this happened at the end of the Obama administration too. Right?
10
00:00:09,000 –> 00:00:10,000
Frank Cilluffo [00:03:54]:
And the discussion, yeah.
11
00:00:10,000 –> 00:00:11,000
Mark Pomerleau [00:03:55]:
And the discussion. There was some 11th hour discussion at the end of the Obama administration on whether or not to sever that dual hat. Whether or not we’ll see that soon I think is still a little bit up in the air. The outset of the Trump administration, there was some discussion that they might want to do that. Now, the firing of General Tim Hawk, who was the commander of Cyber Command and Director of NSA, I think has spurred the discussion again. And a lot of folks believe that maybe that was a precursor to doing this and installing a civilian at the top of the National Security Agency and another uniformed military four star General, US Cyber Command. Again…
12
00:00:11,000 –> 00:00:12,000
Frank Cilluffo [00:04:36]:
Which I think would need Congress to get it to four star again. Right? Or the NSA role.
13
00:00:12,000 –> 00:00:13,000
Mark Pomerleau [00:04:41]:
The NSA, well traditionally the NSA role has been a three star and as a combatant command, four star for U.S. Cyber Command. So I think that that would probably stay in that capacity.
14
00:00:13,000 –> 00:00:14,000
Frank Cilluffo [00:04:54]:
And you’ve also had nominees such as General Kaine, who’s nominated for Chairman of Joint Staff. He made a pretty eloquent case for keeping it together. But you hear others making an argument. Truth is, is I don’t know if there is a right or a wrong answer to all this. I think there is a capability issue. At the end of the day, whatever it is, we need to make sure we have the capability to be able to project power in a way that marries up with all the discussion on leaning forward. So do you think a split would actually undermine U.S. Cyber Command? Do they have the horses in the stable?
15
00:00:14,000 –> 00:00:15,000
Mark Pomerleau [00:05:35]:
I think that’s a big discussion that a lot of folks are having right now. I mean, there’s some that are in the camp that, look, Cyber Command isn’t ready to stand on its own. It still is, is requiring some of the capability, some of the personnel from NSA. Then you have others on the other side that say, look, people are going to continue to say that for years and years and years. And until you actually firmly split, Cyber Command is never actually going to be able to stand up on its own. Now they have made some progress in terms of beginning to build out their own capabilities. That’s part of the discussion in terms of needing to split, right, is because as a Title 50 intelligence organization, your goal is to not get caught. Right?
16
00:00:15,000 –> 00:00:16,000
Frank Cilluffo [00:06:17]:
Exactly.
17
00:00:16,000 –> 00:00:17,000
Mark Pomerleau [00:06:17]:
And so using that same infrastructure for military operations where you’re doing destruction operations very out in the open, it can undermine that Title 50 intelligence mission. And so Cyber Command has been working to really build up its own infrastructure, its own tools, separate from the intelligence side.
18
00:00:17,000 –> 00:00:18,000
Frank Cilluffo [00:06:36]:
And to pull that thread a little further, any thoughts on strong arguments for and against? And in fairness, we did have George Barnes and Chris Inglis debate this, both of whom know a little bit. But I’d be curious, the pros and the cons that potentially could be at play.
19
00:00:18,000 –> 00:00:19,000
Mark Pomerleau [00:06:54]:
Sure. The cons, as I just mentioned, right, is this job is too big for one person. There’s just too many responsibilities between…
20
00:00:19,000 –> 00:00:20,000
Frank Cilluffo [00:07:02]:
Admiral Rogers discussed that recently here too, right?
21
00:00:20,000 –> 00:00:21,000
Mark Pomerleau [00:07:05]:
I mean, the biggest intelligence agency in, in the United States and a combatant command, two very important roles. Again, the using intelligence infrastructure for military operations, that constant intel gain loss discussion is, is definitely in the con bucket. Pros, I think, are you have a person at the top there that can call balls and strikes on either side, right? Now if you split, you’re going to have to, you know, elevate those conversations maybe to DNI to SecDef, National Security Advisor. Here you have one person at the top that has equities in both agencies, in both organizations and can really call those, again, the synergies. As a signals intelligence organization, the NSA obviously has tentacles all the way out in the world and can really help inform some of U.S. Cyber Command’s operations.
22
00:00:21,000 –> 00:00:22,000
Frank Cilluffo [00:07:59]:
And in fairness, NSA is a, is a combat support agency to other combatant commands, right?
23
00:00:22,000 –> 00:00:23,000
Mark Pomerleau [00:08:06]:
That supports a lot of other roles, right, exactly. So it’s not just Cyber Command they’re supporting. They have so many different other customers that they really need to support.
24
00:00:23,000 –> 00:00:24,000
Frank Cilluffo [00:08:16]:
Both functional and non, and geographic commands.
25
00:00:24,000 –> 00:00:25,000
Mark Pomerleau [00:08:19]:
Exactly.
26
00:00:25,000 –> 00:00:26,000
Frank Cilluffo [00:08:20]:
Let me ask, and this is maybe an unfair question because we don’t know where we’re going to go. But if a split does occur, does that open up a real discussion around whether or not we need a Cyber Force?
27
00:00:26,000 –> 00:00:27,000
Mark Pomerleau [00:08:34]:
I’m not entirely sure about that, to be honest. I think that it may possibly strengthen the argument. But again, I think that the Cyber Force issue is slightly different from the NSA and Cyber Command discussion. I think, because as some of the roadmaps have really charted, a Cyber Force would still be feeding up to a U.S. Cyber Command. So U.S. Cyber Command would still need some of those resources and capabilities absent a Cyber Force, if they were to split. You know, there’s also a cyber intelligence discussion here as well. I mean, I think since its founding, right, Cyber Command has kind of lacked a cyber intelligence capability.
28
00:00:27,000 –> 00:00:28,000
Frank Cilluffo [00:09:22]:
They needed it because they have NSA, right?
29
00:00:28,000 –> 00:00:29,000
Mark Pomerleau [00:09:23]:
Right. And so, you know, the Defense Intelligence Agency has been working some pilots with the command. They’ve been working on improving their foundational cyber intelligence capability. I think from a traditional perspective, there’s a lot that’s known, right? The military knows exactly what a Russian tank looks like, what goes into that. I think some of the intelligence that is needed to map networks is a little bit lacking on the Cyber Command side. And that’s why they’ve needed a lot of that NSA support as well.
30
00:00:29,000 –> 00:00:30,000
Frank Cilluffo [00:09:52]:
Exactly. And it would reopen or re-energize maybe a discussion around sort of collection priorities and how to go about it. Because, because a human collector, human intelligence collector, is not necessarily going to know what to look for in a technical environment. And quite honestly, I see those worlds kind of coming together. It’s human enabled technology and technically enabled human, right?
31
00:00:30,000 –> 00:00:31,000
Mark Pomerleau [00:10:15]:
Exactly. Yeah.
32
00:00:31,000 –> 00:00:32,000
Frank Cilluffo [00:10:17]:
And, and those don’t grow on trees. They’re limited number of people who can sort of cross both worlds naturally.
33
00:00:32,000 –> 00:00:33,000
Mark Pomerleau [00:10:24]:
Totally. Yeah, absolutely. I think the other point I would bring up too is we touched on the intel gain loss discussion as well. And I think that there’s some proponents on the Cyber Command side that have said that the relationship with NSA has limited the command too much, right? There’s always a desire to not disrupt because you want to collect.
34
00:00:33,000 –> 00:00:34,000
Frank Cilluffo [00:10:44]:
It’s an exquisite means to collect. Exactly.
35
00:00:34,000 –> 00:00:35,000
Mark Pomerleau [00:10:49]:
Exactly. I think if you look, if you look back at, you know, the first foray into conducting operations against ISIS Joint Task Force Ares, if you recall, you know, the cyber bombs that they called, I think that from top leadership of the Department of Defense, they were a little bit underwhelmed with what Cyber Command was able to do. I think a little bit of that delved into the intel gain loss discussion, right? Is NSA is getting some exquisite intel collection on some of these assets and they didn’t really want to give it up just to disrupt media operations or certain communication channels. And you know, from folks that I’ve talked to, they’ve said that in an all out war the military is going to win out on that discussion. But as you know, a lot of this is happening in kind of the gray zone below threshold, and so…
36
00:00:35,000 –> 00:00:36,000
Frank Cilluffo [00:11:35]:
That’s actually a great point. And if I’m being fully transparent, that’s where I was eight years ago. I’m now convinced at least that the Title 10 side of the House is getting, getting its, they are being respected and listened to. And if you have the right commander actually operationalized. But five, six years ago, that wasn’t always the case. And if you collect for a living, you don’t want to burn that source, that method, that technique, whatever it is.
37
00:00:36,000 –> 00:00:37,000
Mark Pomerleau [00:12:06]:
And as we’re seeing cyber threats proliferate and a need to be more aggressive from some in this administration and outside, you know, you really need an untethered or unrestricted US Cyber Command that can go out there and isn’t necessarily worried about that intel gain loss discussion and necessarily burning the accesses that others are using for purely collection means.
38
00:00:37,000 –> 00:00:38,000
Frank Cilluffo [00:12:30]:
You know, and I want to pull this when we talk to one of your most recent pieces around Cybercom 2.0 and back to the drawing board a little bit. But have the services, so we have the Cyber National Mission Force, have the services equally played ball in this? And I’m not putting you on the spot to pick and choose your favorite service. I’m not going to ask you to grade them. But isn’t that part of the challenge here that not all services are leaning as forward or they’re not structured in such a way to enable what the next generation of warfighter needs to look like?
39
00:00:38,000 –> 00:00:39,000
Mark Pomerleau [00:13:06]:
Right. And I think that this is part of the discussion that you mentioned surrounding a Cyber Force. And as, as the government is looking at the next generation of what US Cyber Command is and how the military is going to fight cyber, part of it is that each service decided to do it slightly differently over the years, right? The Army was the first to create a cyber branch where, you know, you go in and all you do is cyber, right? We talk about the relationship between Special Operations Forces, Special Operations Command and Cyber Command.
40
00:00:39,000 –> 00:00:40,000
Mark Pomerleau [00:13:41]:
In SOCOM, right, you go in and all you do is special operations for the duration of your career. That wasn’t the case with all of the services in cyber. To a degree, it still isn’t now, right? Even though the army created a cyber branch, the Air Force created its own function, Marine Corps and now the Navy, who by the way was told to do so by Congress because they didn’t.
41
00:00:40,000 –> 00:00:41,000
Frank Cilluffo [00:14:00]:
They didn’t. Yeah, that’s worth noting.
42
00:00:41,000 –> 00:00:42,000
Mark Pomerleau [00:14:02]:
Yes. You still, while you are in a cyber field, you still aren’t necessarily only doing say, cyber mission force operations for U.S. Cyber Command. If you take say, the IONs, right, the interactive on net operators, the offensive cyber operators, that’s a really intensive course. It takes about three years to get some of those folks spun up onto those missions. And a lot of times they’ll do that for maybe a couple years and then their service will take them off to do something else related in cyber for their own service. And so a lot of opponents are saying that that takes a lot of time and investment to take these folks off of that. And then once they go back to it, there’s still a lot of training.
43
00:00:42,000 –> 00:00:43,000
Mark Pomerleau [00:14:47]:
So even though you are in cyber and there are cyber military occupational specialties, they’re still not doing the on net operations for just US Cyber Command.
44
00:00:43,000 –> 00:00:44,000
Frank Cilluffo [00:14:57]:
Which is critical because it’s putting the reps in. It’s the scar tissue. It’s learning. And that takes time. You can’t just snap a finger and expect that to go from 0 to 160.
45
00:00:44,000 –> 00:00:45,000
Mark Pomerleau [00:15:09]:
And to answer, so to answer your question, yes, each of the services have developed their own way of how to fill those responsibilities for U.S. Cyber Command. Some have been a little bit more efficient than others, but I think that that is part of the discussion and what we’re seeing with things like Cyber Force and Cyber Command 2.0.
46
00:00:45,000 –> 00:00:46,000
Frank Cilluffo [00:15:26]:
So we’ll get to Cyber Command 2.0 in a second. But you’ve done some really good reporting on the Tactical Edge, specifically in the Title 10 environment, which we’ve had a lot of discussion around that. But we’re actually starting to see some action where we’re translating some of those nouns into the verbs, and I’d like to get a sense of and how we’re deploying cyber in conjunction with conventional force, power projection and the like. How are the different services going about this?
47
00:00:46,000 –> 00:00:47,000
Mark Pomerleau [00:16:01]:
Right. I think just to start this discussion, we need to rewind a little bit. And I’m sure you recall when Cyber Command was first created, there was this discussion in relationship to nuclear weapons and nuclear weapon doctrine, right?
48
00:00:47,000 –> 00:00:48,000
Frank Cilluffo [00:16:14]:
And deterrence.
49
00:00:48,000 –> 00:00:49,000
Mark Pomerleau [00:16:14]:
Yeah. And deterrence and how these authorities were held at the highest levels of government because they thought that it would be escalatory and disruptive and the President would have to sign off on any cyber operation.
50
00:00:49,000 –> 00:00:50,000
Frank Cilluffo [00:16:25]:
At the same level as like a covert action. I mean it literally, every operation.
51
00:00:50,000 –> 00:00:51,000
Mark Pomerleau [00:16:29]:
Right. And so as, as there’s been, as time has gone on and there’s been some more reps and sets, they’ve realized that, okay, it’s not at that level. And the services now have discovered that they have their own unique organic service needs for some of these capabilities. A classic example is in the Army, right? If you are about to assault a village, maybe can we use some quote unquote, tactical cyber means to hack into a CCTV to be able to get advanced warning of maybe what they’re going to go into and prep the battlefield that way. So there’s been this, this push for tactical commanders to need these capabilities. And each of the services over the years have started to build those out using radio frequency electronic warfare means which are very closely held to tactical commanders. They don’t need to go up to strategic means to get those authorities. And so a few years ago, DoD updated its cyber doctrine and created a new term called expeditionary cyber operations, which is really the manifestation of cyber in the physical domains, right?
52
00:00:51,000 –> 00:00:52,000
Mark Pomerleau [00:17:39]:
U.S. Cyber Command is focused mostly on IP based networks. And I think we’re finding out more and more now that a lot of these targets aren’t necessarily available through remote means. And so part of this is dual focused, right? The first being that tactical commanders need this for their own organic purposes. But also they can really be kind of a proximal tactical extension of U.S. Cyber Command and be able to get that proximal access and pass it back. You know, things like radars, right, that might not be penetrable remotely, but if you get somebody close enough.
53
00:00:52,000 –> 00:00:53,000
Frank Cilluffo [00:18:17]:
Are we a little too cute having separate worlds for EW, RF cyber? In, in a, in a, so we tend to look at the world through our boxes and org charts, but if you’re looking at it from a mission based perspective, are they not converging?
54
00:00:53,000 –> 00:00:54,000
Mark Pomerleau [00:18:34]:
They’re absolutely converging. I think you’re, the Army a few years ago…
55
00:00:54,000 –> 00:00:55,000
Frank Cilluffo [00:18:38]:
They’re leaning forward.
56
00:00:55,000 –> 00:00:56,000
Mark Pomerleau [00:18:39]:
Yes, they, they merged their electronic warfare and cyber branch. So if you go to the cyber school, you’re also learning electronic warfare. There’s, there’s definitely similarities between the two and there’s definitely a lot of convergence. Again, a lot of this at the tactical level is manifesting in what they call RF enabled cyber or radio frequency targeting. Things like WiFi, using, you know, different electronic warfare means to be able to digitally affect certain targets.
57
00:00:56,000 –> 00:00:57,000
Frank Cilluffo [00:19:09]:
And I don’t know how you can do it without that as, as an enabler, as maybe the outcome itself, right?
58
00:00:57,000 –> 00:00:58,000
Mark Pomerleau [00:19:15]:
Exactly. Yeah.
59
00:00:58,000 –> 00:00:59,000
Frank Cilluffo [00:19:17]:
And I’m glad you’re seeing that actually in practice. And I mean, in a defend forward environment, a lot of discussion around strategy, policy, but is the doctrine there?
60
00:00:59,000 –> 00:01:00,000
Mark Pomerleau [00:19:33]:
I think again, they updated the verbiage to include things like expeditionary cyber in the doctrine. Now I think that there’s still a lot that the services are doing to build that out in terms of operational concepts, right? The army created its own cyber battalion. They were approved to create a second. The Navy has recently been creating these non-kinetic effects teams that are located on ships. The Air Force now has these cyber enabled air superiority teams that they just created. So I think that these are still pretty nascent.
61
00:01:00,000 –> 00:01:01,000
Mark Pomerleau [00:20:10]:
There’s also this emerging Triad concept.
62
00:01:01,000 –> 00:01:02,000
Frank Cilluffo [00:20:13]:
I want you to talk about the Triad because you’ve written some really good pieces on that and it just blends with some of my thinking. So I don’t want to lead the witness here, but you want to share some thoughts on the Triad?
63
00:01:02,000 –> 00:01:03,000
Mark Pomerleau [00:20:25]:
Sure. I think the Army really leaned forward and started to mature this and essentially what it is is it harkens to the nuclear Triad. The three legs being the land, air and sea. This is the modern Triad, which really includes space, special operations forces and cyber. And the notion is that all of these together will be greater than the sum of their parts and be able to provide some really unique mission packages and capabilities for commanders. They’ve done some exercises and begun working operational concepts and now it’s starting to trickle up to the joint force with the now combatant commands being Cyber Command, Space Command and Special Operations Command. They’re starting to look at this with a little bit more rigor as well.
64
00:01:03,000 –> 00:01:04,000
Frank Cilluffo [00:21:16]:
And do you see this right now? It’s nascent, it’s conceptual, good concepts I think, but obviously it’s got to be played in the real world. And we all know that strategy doesn’t always translate into, into operations in the way we envision. But is this a one off or do you see this becoming sort of sustained?
65
00:01:04,000 –> 00:01:05,000
Mark Pomerleau [00:21:39]:
I think it’s going to be sustained.
66
00:01:05,000 –> 00:01:06,000
Frank Cilluffo [00:21:41]:
I think it has to be.
67
00:01:06,000 –> 00:01:07,000
Mark Pomerleau [00:21:43]:
Right. I mean you’re, we’re starting to see the importance of space in, in military operations and some of the capabilities that that can provide. And again, harkening back to this tactical or expeditionary cyber notion, these special operations forces, you know, you’re talking about what they call placement and access, right? Your average soldier or average person on the ground isn’t necessarily going to have the mission set or wherewithal to be in close proximity to some of these targets, right? It’s really only the special operations forces that are embedded with partner forces that are doing some of these covert or clandestine operations that are getting close enough to some of these targets to get that proximal access where they can then pass it off to the cyber folks that can actually affect it. And so I think that’s the real key in terms of why this is gaining so much traction and why it’s not a one off and is going to be here to stay.
68
00:01:07,000 –> 00:01:08,000
Frank Cilluffo [00:22:39]:
I hope you’re right on that. And I hope we learn and obviously adapt based on outcomes. Are any other countries doing this right?
69
00:01:08,000 –> 00:01:09,000
Mark Pomerleau [00:22:50]:
I think we were just talking that the Brits have recently just…
70
00:01:09,000 –> 00:01:10,000
Frank Cilluffo [00:22:56]:
Designated a new Cyber and Electromagnetic Command.
71
00:01:10,000 –> 00:01:11,000
Mark Pomerleau [00:22:58]:
Right, exactly.
72
00:01:11,000 –> 00:01:12,000
Frank Cilluffo [00:23:00]:
It seems in the title itself it recognizes some of the convergence, right?
73
00:01:12,000 –> 00:01:13,000
Mark Pomerleau [00:23:03]:
Right. I think some of our NATO partners are looking at bolstering their electronic warfare capabilities and marrying it up to some of their cyber capabilities as well. I think everybody has been watching what’s happened in Ukraine with Russia and have really tried to evolve their thinking on both cyber’s effectiveness in conflict and maybe how other things like electronic warfare can play there.
74
00:01:13,000 –> 00:01:14,000
Frank Cilluffo [00:23:29]:
Any lesson, because you did write also about some of the EW lessons learned, hopefully learned, but lessons coming out of Ukraine and what that means strategically, doctrinally.
75
00:01:14,000 –> 00:01:15,000
Mark Pomerleau [00:23:41]:
Right. I think one of the big lessons that the Department of Defense came away with is that cyber does have a role to play in future conflict, but it’s not the role that they necessarily thought it was a few years ago. And that cyber by itself likely isn’t going to have the effect that they initially thought it was. It’s always going to have to be paired with something else. Again, maybe in a tactical instantiation with the timing and tempo of a commander, maybe, and the opening salvos, knocking down radars to allow penetrating aircraft to come in and drop bombs. But it’s, it’s, by itself, it’s not going to have this huge strategic effect. It’s going to be things like…
76
00:01:15,000 –> 00:01:16,000
Frank Cilluffo [00:24:23]:
But EW had its day in the sun, right?
77
00:01:16,000 –> 00:01:17,000
Mark Pomerleau [00:24:24]:
Oh, EW is going to be a huge enabler going forward. You know, you hear military commanders all the time say if they can’t talk, if they can’t communicate, then they can’t do anything. And so this localized jamming and protection against jamming, I think is going to be hugely important. And the faster commanders realize how to harness that and maneuver within that space, combine it with other effects like cyber and RF. I think we’re really going to see that take off.
78
00:01:17,000 –> 00:01:18,000
Frank Cilluffo [00:24:52]:
And I’m glad you brought that up because ultimately lots of countries talk about strategic capabilities, but ultimately those that are integrating it into their war fighting strategy, doctrine and practice are the ones that are going to dominate, right?
79
00:01:18,000 –> 00:01:19,000
Mark Pomerleau [00:25:06]:
And look, I mean, look at how long it takes to execute a cyber effect, right, it’s not like in Hollywood where you just hit the enter button. That access takes a long time to get, and then even once you get that access, it takes a long time to map those networks where we’re seeing, you know…
80
00:01:19,000 –> 00:01:20,000
Frank Cilluffo [00:25:20]:
And when you burn it, you burn it. Right?
81
00:01:20,000 –> 00:01:21,000
Mark Pomerleau [00:25:22]:
Exactly.
82
00:01:21,000 –> 00:01:22,000
Frank Cilluffo [00:25:22]:
And it can boomerang too.
83
00:01:22,000 –> 00:01:23,000
Mark Pomerleau [00:25:23]:
And on the battlefield things are going to move a lot faster than that. And if you just hit the on switch on a jammer, that’s going to have a much quicker and a much more immediate effect than trying to gain access or blowing that access.
84
00:01:23,000 –> 00:01:24,000
Frank Cilluffo [00:25:35]:
So let’s talk about some of your reporting around Cybercom 2.0. Sure seems like it’s back to the drawing board a little bit. Do you think this is going to be tectonic changes and you have heard much more discussion publicly about the, the need to engage in offensive capabilities to dissuade, deter, compel bad activity, to impose cost and consequence. What do you think this means for Cybercom 2.0 and you’re reporting? I’m not going to ask you, but you’ve done some really good reporting there and there have been hearings on the Hill. So I’d be curious what your thoughts are.
85
00:01:24,000 –> 00:01:25,000
Mark Pomerleau [00:26:13]:
Right. So obviously this 2.0 effort started about a year and a half ago as a way to one – respond to some congressional reports asking about force generation. And I think the second thing that gets lost in this as well is regardless of if there’s a cyber force or not, part of this is really trying to realize the authorities that Congress bestowed on, on Cyber Command, these enhanced budget authorities which really give Cyber Command these service like authorities and control over its budget. Right now they’re executing almost a $3 billion budget with some of these authorities. And so part of this effort is really trying to modernize the command and realize what Congress gave it, right? The command was created 15 years ago, way before a lot of these sophisticated threats and adversaries have been a lot more active in this space. And so…
86
00:01:25,000 –> 00:01:26,000
Frank Cilluffo [00:27:07]:
So do you think it’s a tweak or is it a big change?
87
00:01:26,000 –> 00:01:27,000
Mark Pomerleau [00:27:10]:
I think we’re going to have to see on that. You know, from folks that I’ve talked to, it’s understandable that a new administration would want to maybe put their stamp on this. You know, the last plan was signed in the last hours of the last administration. The Trump administration has really two big policy goals when it comes to the military, and that’s homeland defense and focusing on deterring China in the Indo Pacific. And folks that I’ve talked to have said that deterring China in the Pacific is going to require a lot, especially from a cyber perspective. And the plan that was put forth is probably not necessarily going to get there. And so it’s reasonable that they would want to not necessarily go completely back to the drawing board, but maybe ask them to relook a few things and figure out a few other different modalities and metrics going forward.
88
00:01:27,000 –> 00:01:28,000
Frank Cilluffo [00:28:03]:
And the expansion of the Cyber Mission Force, how does that fit into all of this from your perspective?
89
00:01:28,000 –> 00:01:29,000
Mark Pomerleau [00:28:09]:
Right, so a few years ago they were authorized growth to grow 14 more teams. Originally when it was stood up, they were authorized 133 teams and…
90
00:01:29,000 –> 00:01:30,000
Frank Cilluffo [00:28:21]:
Bodies aren’t there.
91
00:01:30,000 –> 00:01:31,000
Mark Pomerleau [00:28:22]:
Bodies aren’t there. There was, you know, a lot of double counting for some of those bodies and you know, look a lot, again, a lot of these threats didn’t exist when the Cyber Mission Force was architected. And there was always this, this feeling that it would get a relook. But you know, when you’re building the plane while you’re flying it, it’s tough to kind of get a breather and stop, relook, and re-evaluate. And so for a while the answer was just to task organize a lot of these teams to better fit the threat. And now that they’re getting some authorized growth, up to these 14 additional teams I think is a chance to put some more bodies at it, be able to maybe get that reconstitution, get a little bit more breathing room.
92
00:01:31,000 –> 00:01:32,000
Mark Pomerleau [00:29:05]:
But again, as we’re talking about Cybercom 2.0, it’s a way to maybe look at a better way of how the services can provide those bodies, provide that training and maybe make these teams a little bit more effective and a little bit more lethal.
93
00:01:32,000 –> 00:01:33,000
Frank Cilluffo [00:29:19]:
And it all has to align, right? I mean that synchronizing all of this gives you a headache because there’s a lot of moving parts. But if you’re going to do it, you do it right. And I think that is where some of the thinking is. Now, how do you feel the deterrence discussion fits into all of this? You’ve had the National Security Advisor talk about leaning forward. You’ve had Sec Def, you’ve had all the combatant commanders. It seems things that were whispered a few years ago are being publicly discussed.
94
00:01:33,000 –> 00:01:34,000
Frank Cilluffo [00:29:56]:
What do you think that that means and how do you translate that into reality and what are the implications?
95
00:01:34,000 –> 00:01:35,000
Mark Pomerleau [00:30:02]:
Right. I think there’s a little bit that gets lost in the cyber deterrence discussion. A lot of the cyber activity, obviously that we’re talking about is occurring below this threshold of conflict, below the threshold of this gray zone. And you’re never going to deter espionage activity, right? We do it. Everybody else does it.
96
00:01:35,000 –> 00:01:36,000
Frank Cilluffo [00:30:21]:
Been around for a long time.
97
00:01:36,000 –> 00:01:37,000
Mark Pomerleau [00:30:22]:
There’s just no way that you’re going to deter something like that. And I think that that was one of the reasons that things like Salt Typhoon was so, was such a watershed is because there was no real intelligence value in terms of gaining access.
98
00:01:37,000 –> 00:01:38,000
Frank Cilluffo [00:30:37]:
Volt Typhoon.
99
00:01:38,000 –> 00:01:39,000
Mark Pomerleau [00:30:38]:
Volt Typhoon, excuse me, in gaining access to some of these critical infrastructure companies, right? That’s really prepositioning for conflict. And so that I think is where we need to focus the discussion when it comes to deterrence. And not just deterring, quote, unquote, malicious cyber activity, it’s things like that, the destruction things like the Sony hack, right? Things like ransomware. You know, Senator Angus King, this is one of his pet projects. Every single cyber hearing, he’s always talking about cyber deterrence.
100
00:01:39,000 –> 00:01:40,000
Mark Pomerleau [00:31:12]:
General Nakasone, the previous Cybercom commander, famously said at his confirmation hearing that adversaries don’t fear us. And so where I see the deterrence discussion going is we’ve seen the administration say that they want to get a lot more aggressive, but when you just look at the sheer numbers, it just doesn’t seem as though adversaries are deterred from taking some of this action against US and US companies.
101
00:01:40,000 –> 00:01:41,000
Frank Cilluffo [00:31:37]:
And if you go back, and you rightfully pointed back to the counter ISIS campaign, do we need something similar now? Is it cartels, is it, that may be below the threshold of escalation, but, but at the same time, there should be red lines, I would imagine, at least my view. Volt Typhoon crossed the line.
102
00:01:41,000 –> 00:01:42,000
Mark Pomerleau [00:32:02]:
Right.
103
00:01:42,000 –> 00:01:43,000
Frank Cilluffo [00:32:03]:
Salt, as brutal as it was and effective and efficient, I think we’re still learning the consequences of just how significant of a breach that was. That is espionage. That, as much as you hate to do it, it’s going to happen. But I don’t see red lines. And if, and I think people lose, it’s not just deterring. You don’t deter cyber, you deter actors from engaging. And what deters China may not be the same as Russia or Iran or North Korea or the cartels or, you name the ransomware gangs.
104
00:01:43,000 –> 00:01:44,000
Mark Pomerleau [00:32:42]:
And part of this too is that this is a whole of government activity, right? You know, you don’t necessarily have to respond to cyber with cyber, but I think with that, you know, we’ve heard about this risk aversion to taking actions in cyberspace. I think part of loosening the reins with some of the authorities over the past few years and some of the, the tough talk on getting more aggressive is, you know, not necessarily being so risk averse. And I think that there’s something to be said maybe about just putting sand in the gears. I think that was part of the persistent engagement discussion was, you know, it’s tough to, as you were saying, it’s tough to deter some of this activity in cyberspace. You’re never going to deter cyber. But if there’s a way to create more friction and make it harder for them to do their job, they might think twice about it.
105
00:01:44,000 –> 00:01:45,000
Mark Pomerleau [00:33:33]:
Just being present in the space and making it a little bit more hard for them to take that cyber operation is better than doing nothing or at least is maybe deterring them from putting in a little bit more effort because they know it’s going to take more effort to do that action.
106
00:01:45,000 –> 00:01:46,000
Frank Cilluffo [00:33:50]:
And having honest to goodness plans in place. We don’t have to guess who our adversaries are.
107
00:01:46,000 –> 00:01:47,000
Mark Pomerleau [00:33:56]:
Right, exactly.
108
00:01:47,000 –> 00:01:48,000
Frank Cilluffo [00:33:56]:
But we do have to figure delineate red lines. It just shocks me sometimes that we’re like the ostrich with its head in the sand and act surprised when we get kicked in the most obvious place. There should be plans in place, I would argue. And again, Russia is not China, China’s not Iran, Iran’s not North Korea, North Korea is not whoever else. So we need to get a little granular in our thinking around this. Mark, and that’s, sorry to opine too much there, but what questions didn’t I ask that I should have? Well, what’s got you excited and interested these days?
109
00:01:48,000 –> 00:01:49,000
Mark Pomerleau [00:34:35]:
I think again, going back to this more aggressive posture, I think I and everyone else in this space are really interested to see how that manifests itself. I mean, there’s, there’s been this, this tough talk in cyberspace for a long time. And I think everybody is really curious about what it means to be more aggressive in cyberspace and what this administration thinks that that means. I think that I and others are really curious to see how that manifests. And if we’re going to see more action in cyberspace, maybe we won’t because they don’t want us to.
110
00:01:49,000 –> 00:01:50,000
Frank Cilluffo [00:35:09]:
That’s a good point, though. Don’t we have to be public? I mean, not to go back to Dr. Strangelove, but what good is having the doomsday machine if no one knows you got it? But ultimately we can be a little too cutesy in terms of responding because we want to signal not only to the perpetrator behind X, but everyone else watching. No?
111
00:01:50,000 –> 00:01:51,000
Mark Pomerleau [00:35:31]:
Right. I mean, it is tricky in cyberspace just because, as you know, the second you, yeah, you know, that access can go away once the enemy knows about it. But there is something to be said, I think, about being a little bit more public or at least creating maybe some doubt to the adversary, at least being more public and saying, we may do this, we might not. Just keeping them on their toes.
112
00:01:51,000 –> 00:01:52,000
Frank Cilluffo [00:35:54]:
Looking over their shoulders.
113
00:01:52,000 –> 00:01:53,000
Mark Pomerleau [00:35:59]:
Right. The budget is soon approaching. I’m curious to see what that means for US Cybercom and some of their forces. Where is this administration going to be placing some of that, right? Talk is cheap, right? When you want to see where the priorities are, you look at the money. And I think that once those funding lines come out, we’ll be able to see maybe what some of their big priorities are in terms of cyberspace and cyberspace operations.
114
00:01:53,000 –> 00:01:54,000
Frank Cilluffo [00:36:23]:
Mark, that was a perfect way to wrap it up. Thank you for spending so much time with us for our viewers and listeners to get insights on issues that are not discussed every day in our environment. But thank you for keeping, for fighting the good fight. And I hope you continue to break stories and most importantly, you open minds and ideas. So keep doing that. And thank you for joining us today.
115
00:01:54,000 –> 00:01:55,000
Mark Pomerleau [00:36:49]:
Awesome. It was great to be here. Thanks so much.
116
00:01:55,000 –> 00:01:56,000
Frank Cilluffo [00:36:51]:
Thank you. Mark. Thank you for joining us for this episode of Cyber Focus. If you liked what you heard, please consider subscribing. Your ratings and reviews help us reach more listeners. Drop us a line if you have any ideas in terms of topics, themes, or individuals you’d like for us to host. Until next time, stay safe, stay informed, and stay curious.