Pentagon fast-tracks ‘Cyber Command 2.0’ review, requests authorities wish list

Defense Secretary Pete Hegseth recently backed a Biden-era plan to revamp U.S. Cyber Command but only gave the military’s top digital warfighting organization until next month to hammer out the details of how to do it.

Hegseth was briefed on the overhaul, known as “Cyber Command 2.0,” on February 5, according to three sources familiar with the matter. The plan was approved by his predecessor, Lloyd Austin, late last year, and the command immediately started work on an implementation plan to be delivered to the Pentagon within 180 days.

But after being apprised of the initiative, the Defense chief told the command to come back with a plan in 45 days, said these sources, who requested anonymity because they were not authorized to speak publicly about the process. 

The new deadline, which surprised Cyber Command’s leadership, cuts the prep time in half and means the blueprint would need to be turned in on or before March 22.

The abbreviated timeline is in keeping with the Trump administration’s belief the U.S. must be more confrontational in cyberspace in the wake of unprecedented hacks and espionage campaigns by China, though what that entails has yet to be fully explained.

In that vein, shortly after Donald Trump was sworn back into office, the Pentagon asked Cyber Command to compile a list of authorities it needs to be more effective, as well as any regulations that hinder its ability to conduct operations online, according to a former U.S. official, who spoke on the condition of anonymity.

The parallel tasks, which may eventually cross over or even merge together, represent the command’s first big test with Hegseth, who has hinted he might end its longtime leadership structure and has hewed closely to Trump’s campaign promises to rid the U.S. military of those found disloyal.

In a statement, a command spokesperson said the organization is “actively engaged in the implementation planning to innovate and refine our cyber force generation model” in order to “cultivate a highly skilled, agile, and specialized cyber workforce, promoting a focus on lethality, warfighting and readiness” within the DOD’s digital warriors.

The goal is to “achieve domain mastery through the proficient and judicious application of knowledge, skills, and abilities, enabling us to achieve unity of the cyber domain, reinforce the warrior ethos, and challenges at scale.”

Cyber Command 2.0

Recorded Future News reported last year the contours of the 2.0 plan had finally begun to take shape.

Since then, the makeover has coalesced into four main efforts:

• A cyberwarfare innovation center to better engage with industry.
• An advanced cyber training center to scale training across the military’s cyber forces.
• A new force generation model within the military branches.
• A talent management task force to oversee a hodgepodge of workforce-related steps, like standardized retention pay and bonuses.

None of the revamp’s details have been shared publicly, however members of the House Armed Services Committee reportedly were filled in on the plan last week. Staffers on the Senate Armed Services Committee and within personal Senate offices received the same presentation, though it’s unclear when senators themselves will be briefed, according to a congressional source.

Cyber Command has assigned a cross-functional planning team to each aspect of the renovation, the former official said.

Team members “believe this is a huge opportunity and that there’s going to be to some actual teeth in the this implementation plan,” they said, speculating the final document would contain a mix of specific benchmarks to be met and evergreen goals so the command can remain agile and take on new missions and responsibilities as threats change and evolve.

“They realize that this is the first shot out of the gate for the command” with Hegseth, the former official said. “It's got to be a solid, solid product.”

Still, those who have followed the lengthy 2.0 process worry Hegseth’s deadline doesn’t give Cyber Command enough time to negotiate with the military branches over the manpower and funding it will need to successfully pull off any implementation scheme.

“The timeframe makes it impossible to get the services and Cyber Command in alignment on what they're going to do,” according to one U.S. official. “At best, you're going to have an effort at the command to write an implementation plan to satisfy [Hegseth’s] direction, then send it to the services and see who's willing to non-concur.”

A second former U.S. official disagreed, arguing any sticking points are "well-known to Cyber Command and the services” and Hegseth’s role will be to resolve potential impasses.

“Hegseth is saying, ‘We have to get this right. Therefore I want to go faster.’ If they come back to him with their concerns, that may give him a great opportunity to then give very specific feedback on how he wants to proceed to the services,” according to this official. 

“By then everyone's had their day in court, everyone's had a chance to voice their concerns, and let's move out.”

Shifting focus

While Cyber Command has a hard deadline to submit its modernization game plan, it’s less clear when it will deliver its analysis of possible new authorities.

“What the command doesn't want to do is answer the question in context of now and then answer the question in context two weeks from now and then a month from now,” the first former official said. “You end up peppering the department with, ‘It's this authority. And this authority. And this authority.’ They're trying to do the right thing and do some analysis and really look at building a collection of authorities.”

There is precedent for such a request, especially at the beginning of a new administration. Cyber Command, along with Special Operations Command, received a similar petition in 2017, at the start of Trump’s first term. The previous Trump administration also conducted a wide-ranging review of all of the military’s combatant commands in 2020; the deep-dive led to Cyber Command’s Cyber Mission Force being expanded by 14 teams.

It’s unclear if the DOD’s other 10 combatant commands received the same summons this time.

As for Cyber Command, its leaders view the request as an opportunity to mature ideas dating back years and enshrined in the Pentagon’s 2018 Cyber Strategy, according to multiple sources.

That document shifted the U.S. from a mostly responsive footing to a strategy of “Defend Forward,” meant to counter adversary behavior as close to the source as possible. The command executes it through “persistent engagement” where American operators constantly, and quickly, interact with adversaries in cyberspace.

The command now hopes to evolve both ideas and traditional digital operations — which are typically discrete, isolated events — into a “campaign” model where a series of linked and ongoing efforts are used to achieve an overarching strategic objective.

“This has been the vision,” said retired Lt. Gen. Charles “Tuna” Moore, who served as Cyber Command’s deputy chief until 2022.

“What we've shown is great success in doing one-off operations, which have had great impacts in our ability to not only stop things that are happening against the United States and our friends and allies, but prevent them from occurring in the first place, or to impose cost upon them,” added Moore, now a distinguished visiting professor at Vanderbilt University. 

“But the question is, what extra little authority is required, or guidance is required, to now perform those operations at speed and with agility? Because we can't continue this one-off approach; it truly does have to be about campaigning.”

Today, the Pentagon has broad authorities to launch cyber operations under a National Security Policy Memorandum instituted by Trump in 2018. It streamlined the approval process for digital strikes, like the one to disrupt internet access at a Russian troll farm infamous for its role in spreading disinformation around the 2016 election.

The second Trump administration is widely expected to review the memorandum, a process that could be influenced by Cyber Command’s impending answers to DOD on authorities.

Once a campaign is built, for example against China, by the command and approved under a new policy framework, the organization would then have the freedom to execute its objectives and delegate authorities down to a more tactical level, the first former official explained, rather than having to frequently return to the process and obtain okays for each individual step, according to the first former official.

They also cautioned such campaigns “wouldn’t be open-ended” as the digital environment changes rapidly and requires continuous assessment.

“Persistent engagement really is campaigning endlessly. Cyber is the one domain that's in the fight every day,” they noted. “But for these campaigns, there would be a shelf life on them. There’s a left and right limit where you've got to execute, assess and pivot.”

The command spokesperson declined to comment on the analysis. 

“Cybercom, like other combatant commands, regularly assesses its operational requirements. We have no comment to provide on a review at this time.”