U.S. defense officials are insisting that by reorganizing their cybersecurity strategy to give new powers to the director of the National Security Agency, they are not attempting a power grab. The military will continue to focus on protecting its own networks, they said, rather than expanding the military’s role to protecting civilian-run electrical and transportation networks.

Still, the changes the Pentagon has announced for the next 16 months will be significant. The heightened role of the NSA will be reflected in a fourth star. From now on, the NSA director will be either a four-star admiral or general, and this person will lead a new U.S. Cyber Command, dubbed CyberCom, wrote Defense Secretary Robert Gates in a June 23 memo to military leaders.

Army Lt. Gen. Keith Alexander, the director of the NSA, will be promoted to general to lead the new command, which will be organized under Strategic Command, a defense official said. The command will be partially operational by October and fully operational a year from then.

Analysts and military leaders expected the organizational overhaul and creation of a cybercommand for months — Gates’ spokesman called it the “least-best-kept secret” in Washington. But what role, if any, the command would have in protecting civilian-run networks was one of the unanswered questions in the Obama administration’s policy deliberations over cybersecurity. The memo provided an official answer.

The strategy “reinforces but does not expand” the military’s cyberspace role, although the command would provide “support to civil authorities,” Gates told the military services and Joint Chiefs of Staff. The Pentagon did not formally release the Gates memo, but a spokesman verified its contents.

Retired Air Force Lt. Gen. Charles Croom, a former director of the Defense Information Systems Agency (DISA), predicted that the reorganization would leave room for collaboration among U.S. agencies on software and tactics for securing networks, a field in which defense agencies are often regarded as leading civilian networks.

“The sharing of information across all partners, be it industry or Department of Defense or the civil government parts, is really important to this. Nobody has the exact answer,” he said.

The Pentagon plans to dissolve two major cyberagencies that were created in recent years and shift their tasks to the new command. The Joint Task Force for Global Network Operations, which Croom also directed in his role as DISA chief, has been in charge of defensive cybermeasures. A second organization, the Joint Functional Component Command for Network Warfare, has been in charge of possible offensive cyber-operations. Both will be dismantled by October 2010.

The change means that Alexander will be in charge of defensive and offensive cyber-operations in his role as commander of CyberCom. Alexander has been running the network warfare shop, which, like the NSA, is based at Fort Meade, Md.

Some military leaders advocated a larger role for the military in safeguarding civilian networks, but that idea proved controversial in the U.S., where the question of when to apply military forces domestically is always a matter of debate. Protecting civilian infrastructure, especially electric grids, would require digital monitoring of civilian Internet users who attempt to enter networks via electronic gateways, for example. Analysts expect the Department of Homeland Security to work with the White House cybercoordinator to figure out how to protect critical infrastructure networks without violating civil liberties.

Days before Gates sent his memo, he sent his deputy, William Lynn, to the Center for Strategic and International Studies, a think tank closely allied with the Obama administration, to say publicly that the Pentagon is not attempting a power grab. Lynn said “the Department of Defense will defend its computer networks. We will protect this domain. Just as the president has called protecting the nation’s networks a national security priority, protecting our defense networks is a defense priority.”

While all that was unfolding, the Air Force, which abandoned its bid last year to lead military cybersecurity by creating its own cybercommand, was beginning the process of assembling a lower-level cyberwarfare component: the 24th Air Force based at Lackland Air Force Base, Texas. Lackland will be the home of a central command-and-control structure for the Air Force’s offensive and defensive network operations. The 24th Air Force will be part of Air Force Space Command.

If the Air Force was a rebel in the cyber-realm, it is not now: “We believe we’re tracking directly with where the DoD-level [of cyberwarfare planning] is going,” said Brig. Gen. Robert D. Rego, mobilization assistant to the director of air, space and nuclear operations. “And as we take a step back and review [White House cyber-reviewer] Melissa Hathaway’s work for the president, we believe we’re also on track there, although that didn’t necessarily give a lot of detail for below cabinet level activities. I believe our thinking is in line, and we will be able to present the right kinds of forces, both for DoD and for partnership activities between DoD and Homeland Security.”

One of the first tasks will be to find ways to speed up procurement processes for cyberdefense systems to match the pace of innovations by would-be attackers. Brig. Gen. John E. Hyten, Space Command’s director of requirements, is currently leading the examination of cyberprocurement and is expected to present a plan later this year to Gen. C. Robert Kehler, commander of Air Force Space Command.

With the formation of the 24th Air Force, “the Air Force has anticipated the subunified command, and postured itself like it does with most other forces,” said retired Air Force Maj. Gen. Dale Meyerrose, now an executive at Harris Corp. “So organizationally, the Air Force probably sees itself as doing the right thing, doing the right thing at the right time.”

The 24th Air Force’s mission will be focused on what Air Force officials call “the Blue Net” — the Air Force’s own data and communications networks, and the ability to operate that network out to the battlefield.

“The things we think about in cyber now run the spectrum from establishing the Air Force’s networks, sustaining and maintaining the Air Force’s networks, operating those networks, defending those networks, and then, if called upon, exploiting and attacking in, through and from those networks,” Rego said. “Those things comprise the mission set for us, and those would be the things that the 24th Air Force would do, and that the operations center [at Lackland] would be the command-and-control node for.”

Those missions, according to defense officials, will be restricted to military networks and overseas operations.

The mission of CyberCom, and of the 24th Air Force as a component of it, “would be to protect and defend our defense and military networks — the dot-mil,” Lynn said in his think-tank talk. “Responsibility for protecting federal civilian networks would remain with the Department of Homeland Security. Likewise, responsibility for protecting private-sector networks would remain with the private sector.”

However, those distinctions may be difficult to make in practice, since the roles of “offense” and “defense” on military networks — and the Internet — are interrelated. “This is an area where again there’s lots of things to be done and determinations to be made,” Meyerrose said. “However, the Air Force isn’t going to be the predominant leader in this business as far as policy.”

Meyerrose said that much of the Defense Department’s efforts regarding commercial networks would likely be through what defense officials refer to as the defense-industrial base (DIB). These are companies that exchange information with the Pentagon via the Internet, making them potential conduits for cyberspies or hackers. The Pentagon recently tightened cybersecurity reporting requirements for these companies.

“There are 280-plus companies that fall under the DIB umbrella. And so the business about reporting your own problems plus reporting your status of following DIB standards is becoming more strict and disciplined.” Meyerrose said. “And I think this is where this issue is going to be wrestled with, and the Air Force, the Army and the Navy won’t be forced to wrestle with it solely on their own.”

The 24th Air Force inherits the mission of the Air Force’s provisional Cyberspace Command, which was formed in September 2007 by then-Air Force Secretary Michael Wynne. The goal of AFCyber was to bring together all of the Air Force’s cybercapabilities — network operations and support, network security and cyberattack — under a single commander. But in the wake of scandals over the handling of nuclear security and the forced resignation of Wynne and Air Force Chief of Staff Gen. T. Michael Moseley in June 2008, the Air Force scrapped its plans for a major command dedicated exclusively to cyberoperations.

The new Air Force leadership gave Air Force Space Command the cyberwarfare mission, linking up responsibility for the Air Force’s networks with the responsibility for the satellites that those networks depend on.

In one sense, the Air Force did not give up its cyber-initiative, Rego said. “We in fact do have a major command for cyber, and that’s us here at Air Force Space Command.”

As part of the shuffle, the cyberwarfare capabilities that previously fell under the Air Combat Command’s 8th Air Force — including the Air Force Information Operations Center and 67th Network Warfare Wing, both at Lackland — will be moved into the 24th Air Force under Space Command. Air Combat Command will retain its ISR and electronic warfare missions.

The Air Force chose Lackland because it is already the home of two of the Air Force’s largest network warfare units, Rego said. “In the selection of our preferred alternative — that’s Lackland — one of our primary criteria ... was to co-locate with existing cyberactivities,” he said.

Lackland will now also be home to a headquarters unit for 24th Air Force and a new operations center for the centralized command-and-control of the Air Force’s networks. More than 400 Air Force personnel will be assigned to the 24th’s headquarters and operations center, to be built at Lackland, Rego said.