Government Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command The leadership structure, commonly referred to as the “dual-hat” arrangement, assigns a single individual to oversee both organizations. By Mike Lennon | March 11, 2026 (3:08 PM ET) Flipboard Reddit Whatsapp Whatsapp Email The U.S. Senate on Tuesday confirmed Army Lt. Gen. Joshua Rudd in a 71–29 vote to lead the National Security Agency (NSA) and U.S. Cyber Command (CYBERCOM), filling a critical national security role that had remained vacant for nearly a year after the firing of the previous director , General Timothy Haugh, in April 2025. The leadership structure, commonly referred to as the “dual-hat” arrangement, assigns a single individual to oversee both organizations. President Donald Trump nominated Rudd to the position in December, when he was serving as deputy commander of U.S. Indo-Pacific Command. Rudd’s confirmation followed reviews by both the Senate Intelligence Committee and the Senate Armed Services Committee due to the unique structure of the role, which bridges military cyber operations and intelligence collection responsibilities. The position had remained unfilled for months after the Haugh was dismissed, leaving the agencies operating under interim leadership amid growing concerns about cyber threats from nation-state adversaries. Haugh had assumed the leadership role in February 2024. Rudd previously held several senior military roles, including leadership positions within Army Special Operations forces and assignments connected to the Army’s elite Delta Force units. Supporters of his nomination pointed to his operational leadership experience and strategic background in national security. Advertisement. Scroll to continue reading. However, the confirmation process also drew scrutiny from some lawmakers who questioned Rudd’s relatively limited experience in cyber operations and signals intelligence compared to previous leaders of the NSA and Cyber Command. Some industry observers say the appointment reflects a broader shift toward integrating cyber operations more directly with military strategy. “This appointment aligns with the current administration’s six-pillar strategy, emphasizing a more aggressive integration of digital and physical military operations,” said John Carberry, Solution Sleuth at Xcape. “For security professionals, this leadership change signals a pivot toward a warfighter’s mindset in the digital domain, prioritizing operational speed and mission impact over traditional intelligence cycles.” Carberry added that as cyber and conventional conflict continue to converge, organizations should prepare for a more assertive federal cybersecurity posture. “As the lines between kinetic and cyber conflict blur, the industry must prepare for a federal posture that treats the internet as a high-stakes battlefield rather than just a data environment,” he said. “Defenders should focus on hardening critical infrastructure resilience and improving real-time threat sharing to keep pace with an increasingly proactive national defense stance.” Others have argued that filling the leadership role was itself the most urgent priority. “The dual-hat NSA/CYBERCOM seat has been empty for nearly a year while the administration published a cyber strategy calling the workforce a ‘strategic asset,’ the U.S. entered an armed conflict with Iran, and China continued daily operations against American infrastructure,” said Michael Bell, founder and CEO of Suzu Labs. Bell said criticism of Rudd’s background may overlook the operational leadership required for the position. “The technical SIGINT and cyber expertise already lives in the career workforce at Fort Meade,” Bell said. “The director’s job is operational leadership, and understanding the China threat from a combatant commander’s perspective may matter more than a traditional signals intelligence resume as offensive cyber becomes part of military campaigns.” Bell added that Rudd’s leadership could help accelerate government collaboration with private-sector cybersecurity talent. “If he applies that playbook to build acquisition frameworks that bring cleared private-sector talent into offensive cyber missions, the strategy will start to mean something,” Bell said. Rudd will now assume leadership of both NSA and Cyber Command at a time when the agencies face mounting pressure to strengthen U.S. cyber defenses, conduct offensive cyber operations, and safeguard critical infrastructure from increasingly sophisticated threats posed by China, Russia, Iran, and North Korea. Rudd’s confirmation comes less than a week after The White House released President Trump’s Cyber Strategy for America , calling for “unprecedented coordination across government and the private sector,” along with investment in top technologies and innovation to boost America’s offensive and defensive cyber capabilities. In January 2026, the NSA announced the appointment of Timothy Kosiba as its 21st Deputy Director. Written By Mike Lennon For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world. More from Mike Lennon US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies Zscaler Acquires Browser Security Firm SquareX CrowdStrike to Acquire Browser Security Firm Seraphic for $420 Million Tim Kosiba Named NSA Deputy Director CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyberdefense Agentic Security Firm 7AI Raises $130 Million Latest News MedTech Giant Stryker Crippled by Iran-Linked Hacker Attack Wiz Joins Google Cloud as Landmark Acquisition Closes CISO Conversations: Aimee Cardwell 238,000 Impacted by Bell Ambulance Data Breach Scanner Raises $22 Million for AI-Powered Threat Hunting OpenAI to Acquire AI Security Startup Promptfoo Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities How to 10x Your Vulnerability Management Program in the Agentic Era Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Securing Fragile OT in an Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Virtual Event: Supply Chain Security and Third-Party Risk Summit March 18, 2026 Join the event where top security experts unpack the biggest software supply chain risks. Register People on the Move Ed Jennings has been appointed President and CEO at Darktrace. Ironscales has appointed Steven Malone as CSO and Amit Bluman as SVP of Research & Development. Synack has appointed Angela Heindl-Schober Chief Marketing Officer. More People On The Move Expert Insights How to 10x Your Vulnerability Management Program in the Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose a Critical Flaw in Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat as Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Security in the Dark: Recognizing the Signs of Hidden Information Security failures don’t always start with attackers, sometimes they start with missing truth. (Joshua Goldfarb) Flipboard Reddit Whatsapp Whatsapp Email