Amid lawmaker concerns, CYBERCOM head says SOCOM-like model is best way forward

Lieutenant General William Hartman, acting commander of the US Cyber Command and performing the duties of director of the National Security Agency, during a House Armed Services Subcommittee on Intelligence and Special Operations hearing in Washington, DC, US, on Thursday, May 15, 2025. (Photographer: Kent Nishimura/Bloomberg via Getty Images)

WASHINGTON — As Congress continues to weigh the idea of a separate cyber force, the head of US Cyber Command told lawmakers today that internal Pentagon findings point to a different solution. 

Instead of a stand-alone cyber force or siloing each service’s cyber operations, Lt. Gen. William Hartman, the acting head of CYBERCOM who is also performing the duties of the NSA chief, said the combatant command would benefit by adopting a model more in line with the structure of US Special Operations Command (SOCOM). 

“We had a requirement from Congress, NDA section 1533 [from the 2023 National Defense Authorization Act], to analyze the force presentation model for the cyber force. We developed an operational planning team from CYBERCOM and across the Department of Defense in order to look at three models,” he told members of the House Armed Services subcommittee on cyber, information technologies and innovation. 

Hartman, who recently took over for ousted NSA and CYBERCOM head Gen. Timothy Haugh, explained the three potential force structures were a separate cyber force, siloed cyber operations in each service, or to adopt a “SOCOM-like model.” 

“Our preference was the SOCOM-like model,” Hartman said, though he did not provide details on how CYBERCOM will adopt such a force structure. 

As it is now, military services provide a set number of digital personnel to CYBERCOM for its operations. Similarly, services provide their own special operations warfighters to various parts of SOCOM. But both models bring inconsistencies since each service has its own recruitment and training regulations, promotion structures and pay and incentive models. Because of this, lawmakers voiced concerns over CYBERCOM adopting a SOCOM-like model. 

Republican Rep. Richard McCormick of Georgia said that such a move would cause CYBERCOM to be more siloed instead of operating as a cohesive, unified combatant command. He added that since SOCOM personnel are trained in accordance with their specific missions, the force model may not carry over well to CYBERCOM — pointing out that Hartman, and Haugh before him, have said CYBERCOM personnel should be uniformly trained so they can be “interchangeable” between missions. 

“The different services of special operations, or SOF operations, are each unique and perform different missions, like SEALs versus joint tactical attack controllers. You talk about CYBERCOM managing common training requirements so that regardless of uniform, everyone is trained to operate as interchangeable,” McCormick said. 

“That’s what worries me, is that we’re bumping up against this. The services want to have their own silos […] it hampers us to do the mission correctly. I’m just really worried that we should put a lot of thought process into this before we jump on this, that we understand that we look before we lead.” 

Rep. Don Bacon, R-Neb., who chairs the subcommittee, said that he believes the SOCOM-like model for CYBERCOM is “the best,” but it does have its pros and cons. One of the cons, he said, is that CYBERCOM personnel must do “service buy-ins,” or become a member of a service before joining CYBERCOM. He said this hinders the command’s ability to have a uniform, interchangeable workforce, as opposed to having one cyber service where every warfighter is trained the same. 

“One of the things it takes to make the SOCOM model work is service buy-ins, and that means they got to recruit and they got to provide trained people to Cyber Command at a level that they need. They also got to develop cyber leaders within their promotion system and growing leadership,” Bacon said. “I’m not sure that we’re doing adequate there.” 

Hartman countered that the services “have done a good job at presenting forces to CYBERCOM,” but admitted they could do better with a “more efficient model.” 

“Our assessment is that there is a more efficient model in order to take a basic trained service member and create an expert trained service member that gets at the idea we call ‘mastery,”’ he said. “So instead of trying to do that across all the services, we do believe there’s an opportunity using CYBERCOM service like authorities, CYBERCOM joint force trainer authorities, in order to build that mastery in the force.”

He did not expand on what such authorities would look like.

The DoD’s wish to move forward with a SOCOM-like structure for CYBERCOM comes as the department is moving forward with its CYBERCOM 2.0 initiative — a plan unveiled by former CYBERCOM head Gen. Paul Nakasone to create a comprehensive evaluation of the command to determine what needs to be improved for the future. 

Broadly, CYBERCOM 2.0 aims to create a cyber warfare innovation center to bolster relationships with industry; an advanced cyber training center; a new force generation model within the military branches; and a talent management task force.