Worried by CYBERCOM Firings, Lawmakers Dig Into Hiring Challenges

Members of Congress from both parties expressed frustration and dismay over the abrupt and still-unexplained firing last month of Air Force Gen. Timothy Haugh from his dual role as head of U.S. Cyber Command and director of the National Security Agency.

The unusual comments came at the start of a May 16 hearing of the House Armed Services subcommittee on cyber, information technologies, and innovation in which lawmakers also expressed concern about the military’s ability to recruit and retain troops equipped and trained for cyber jobs in an era of intense civilian competition for the same skills.

“Gen. Haugh was the most cyber-experienced officer to ever hold this position,” said subcommittee Chairman Rep. Don Bacon (R-Neb.) “He was highly respected by his people and his peers and feared by our enemies. Removing him from the cyber battlefield in this way served absolutely no national security interest.”

“All it did,” said Bacon, a former Air Force one-star general who has emerged as one of the most outspoken Republican critics of the administration, “was to help Russia, China, Iran and North Korea to do what they could not do for themselves.”

Bacon did not question either Hartman or Buckholt about the matter, noting “this is not on you.” But he aded, “when the Secretary of Defense comes to the Armed Services Committee, he will have to answer for this.”

Rep. Eugene Vindman (D-Va.) was blunter, calling Haugh’s firing “completely unacceptable.”

Vindman, a retired Army colonel and freshman congressman, rose to prominence while serving as a legal advisor on the White House National Security Council staff during President Trump’s first term. His identical twin brother, also an NSC official, was the whistleblower who exposed Trump’s phone call with Ukrainian President Volodymyr Zelenskyy, in which the president tried to get Zelenskyy to investigate activities related to the Biden family in Ukraine.

Vindman questioned the witnesses about a U.S. order for CYBERCOM to pause offensive operations against Russia, as Trump pushed for a peace deal between Moscow and Ukraine. Both witnesses declined to discuss operational matters in a public setting, but Buckholt confirmed that “defensive and offensive cyber operations [remain] on the table,” for use against Russia.

Bacon intervened as Vindman pursued the question further. “I actually dug into this whole matter,” Bacon said, alluding to a classified briefing he received on the topic. “There was a one-day pause, which is typical for negotiations, and that’s just about as much I can say.”

CYBERCOM 2.0

Buckholt revealed for the first time that the new administration is taking another look at the reorganization plan CYBERCOM had dubbed “CYBERCOM 2.0.”

As authorized by then-Defense Secretary Lloyd J. Austin III last year, the overhaul envisaged a new “force generation model” for the military services to provide personnel to CYBERCOM; a talent management program to help recruit and retain skilled cyber operators; and two new internal centers—one for advanced training and education, and the other for technology innovation.

CYBERCOM 2.0 “was a great effort to improve our workforce management and retention,” said Buckholt. But “we have taken another re-look and decided that we think it needs even more work.”

Pressed by other lawmakers, Hartman said CYBERCOM leaders favor a model similar to that of U.S. Special Operations Command, where the unified combatant command oversees training and force development while geographic combatant commanders retain operational control.

Using new congressionally granted Joint Force trainer authorities, CYBERCOM would be better able “to take a basic trained service member and create an expert trained service member,” rather than relying on the services to do the training. The problem with service-specific training models is that they have resulted in a mish-mash of standards.

A SOCOM model “balances efficiency with flexibility,” he said.

Hartman told the hearing that the same new authorities would also help him with his number one challenge—talent management in a field with constant competition from the private sector. The military is successfully retaining personnel in four specialized roles: interactive on-net operators, otherwise known as “nation-state hackers”; exploitation analysts, who can map enemy networks; and coders who can write software.

One key to success: the uniquely attraction of working on “exquisite” national security missions.

“We offer opportunities no tech company can match,” he said.

But CYBERCOM continues to struggle to attract enough linguists, intelligence analysts and planners, among other specialties. The federal government’s hiring freeze, the “Fork-in-the-Road” job reductions, and early retirement offers to tens of thousands of federal civilian employees have also raised the bar for federal hirign.

Hartman said 5 percent to 8 percent of eligible CYBERCOM staff had accepted the early separation offer, including a disproportionate number of more experienced employees, but he said there was little to do besides deal with the challenge.

“We have a deep and talented workforce, and we have junior leaders that will move up and assume those responsibilities,” he said. “It will be difficult. It will require leadership, but we know who’s leaving. We’ve developed contingency plans, and it’s my job to ensure that we execute those plans and continue to perform our mission.”

“We are working with the [defense] department to address the impact of the hiring freeze. We’re hiring a highly technical workforce, oftentimes with investments over a number of years, in order to create the skill sets that we’re looking for. So … we are hopeful that that freeze will be lifted soon,” he said.

Buckholt added that her policy office is working with the DOD Chief Information Officer’s staff to leverage special authorities to hire “cyber excepted” personnel. “We are working through options now to see how many folks we can bring in under that umbrella,” she said.