Cyber National Mission Force declared sub-unified command

The Cyber National Mission Force has been elevated to a sub-unified command beneath U.S. Cyber Command.
A sign for the National Security Agency (NSA), US Cyber Command and Central Security Service, is seen near the visitor's entrance to the headquarters of the National Security Agency (NSA) at Fort Meade, Maryland, February 14, 2018. (Photo by SAUL LOEB/AFP via Getty Images)

FORT MEADE, Md. — U.S. Cyber Command’s Cyber National Mission Force (CNMF) has been declared a subordinate unified command beneath its parent organization.

This designation signifies the codification of the enduring mission of the CNMF to defend the nation in cyberspace, officials said during a ceremony at Fort Meade, Maryland, on Monday.

The mission of the organization is to protect the nation against cyber threats. Its personnel — largely considered to be the best of the best in the cyber ops arena — form task forces organized against specific threat actors. They are most well known for conducting so-called hunt forward operations which involve physically sending defensively-oriented cyber protection teams to foreign nations to hunt for threats on their networks at the invitation of host nations. They have also worked to defend elections and combat ransomware, among other tasks.

The Cyber National Mission Force was one of several headquarters elements under Cybercom, in addition to Joint Force Headquarters-Department of Defense Information Networks — responsible for operating and maintaining the DOD’s networks globally — and the various Joint Force Headquarters-Cyber, which are each run by the heads of the service cyber components and are responsible for planning and conducting cyber operations on behalf of the combatant commands they are assigned to.


While the sub-unified designation doesn’t mean the CNMF will receive new resources or personnel anytime soon, in practical terms, it signifies maturity of the group and will provide a better resource pipeline for personnel from the services, according to officials.

Currently, when the services — which are responsible for providing the manpower to Cybercom — resource the CNMF, it only shows up as a Cybercom headquarters billet, just like any other combatant command. Now, they’ll be able to see that CNMF identifier, which will allow the services to have greater context for that billet and provide increased training.

Maj. Gen. William Hartman, commander of the CNMF, noted that this won’t create an excess burden on the services to provide that higher fidelity of training given the services must train all cyber operators — offensive and defensive — to the same joint standard set forth by Cybercom. Rather, he told reporters following the ceremony, it will engender an environment where everyone is brought up to a higher level.

Moreover, Hartman equated the Cyber National Mission Force to Special Operations Command’s elite Joint Special Operations Command, which is also a sub-unified organization under Socom. He said JSOC is the most analogous organization to CNMF in that it has a specific and enduring mission, more lengthy duty assignments, unique skill sets and its personnel are trained to an elite standard.

The CNMF was created in 2014 to help meet the U.S. military’s need for an agile force in cyberspace. Now that it has matured, officials said it was time to codify it as a subordinate unified command, noting that its mission is enduring and highlighting the importance of cyberspace as a national security issue.  


With that maturity also comes increased trust and agility. Hartman told reporters that when Cybercom was first created, many of the policies resided at the four-star commander level. However, with the maturation of the CNMF, it could be time to push some of those policies and authorities down to allow the CNMF to respond faster and be even more agile, he said.

Latest Podcasts