  • 5/21/2025
The Senate Armed Services Committee holds a hearing on the "defense of the Department of Defense information network."

Transcript
00:00You did an excellent job at the Army Cyber Center of Excellence on Fort Eisenhower, and
00:12it is great to see that the Army is cultivating and rewarding capable cyber operators and
00:17leaders like yourself.
00:19Your testimony on securing and defending the DODIN comes at a critical juncture for our
00:23nation's cyber security posture.
00:26Our military must maintain a ceaseless vigil against relentless attacks on our networks
00:32from sophisticated adversaries.
00:36This is not a theoretical battle.
00:39Cyber operators actively defend our networks against state and non-state actors 24-7, 365
00:47days a year.
00:48The fundamentals of the cyber domain present a persistent challenge.
00:52These require only a single successful breach, while we must maintain perfect defensive integrity
00:58across all systems at all times.
01:01The Department has invested billions in active defense of the network that supports the entire
01:05DoD.
01:07Defense Information Systems Agency, or DISA, is the organization responsible for providing
01:12and running the Department's secure systems and networks.
01:17The organization responsible for protecting and securing the daily operations of those
01:22networks is an organization called the Joint Force Headquarters Department of Defense Information
01:27Network, or JFHQ-DODIN, and Lieutenant General Stanton oversees both, and as such is one
01:34of the many individuals across the Department that is dual-hatted.
01:39The DODIN has been around for 10 years, and the directive to elevate it to a sub-unified
01:45command represents a significant organizational milestone.
01:49Making it a sub-unified command allows it to be task-oriented underneath cyber command
01:55to focus on running and securing the DoD's networks and will further strengthen our defense.
02:02DISA and JFHQ-DODIN use different tools to protect DoD networks, such as Thunderdome
02:08and the Zero Trust Security Program, both of which are being implemented very quickly.
02:14Today, we will hear about these two systems, which will be ready by 2027, along with other
02:20important network security programs.
02:24Despite progress in these security programs, the road ahead demands continued focus and
02:29urgency, from securing the operational technology in end-user devices and weapons systems to
02:36implementing artificial intelligence capabilities that can detect adversary activities before
02:41they approach our networks or hunt them down if they make it in.
02:46The technological imperatives are clear.
02:48We must develop and implement emerging technologies in innovative ways, securely and quickly.
02:54Our adversaries are rapidly innovating, and we must do the same.
02:59The threat of cyber attacks is not diminishing.
03:02It grows more sophisticated each day.
03:04When we examine the resources near-peer competitors like China are devoting to developing their
03:09cyber forces, the gravity of the threat becomes more stark.
03:14They are aggressively pursuing technology to enhance their effectiveness in cyberspace
03:19and continue to make significant investments in artificial intelligence to build more sophisticated
03:24capabilities.
03:26American technological superiority has historically been our asymmetric advantage, and we must
03:31maintain this in the cyber domain.
03:34We cannot permit a capability gap to develop in such an all-encompassing and important
03:39domain of warfare.
03:42The first proverbial shots to be fired will take place in this domain.
03:47Any attack in any other domain will be preceded by an attack on our vital cyber networks.
03:54While initiatives to develop capabilities such as exquisite AI-enabled cyber defense
03:58are underway, the timelines associated with delivery of these needed cybersecurity capabilities
04:04and environments are clearly too slow.
04:08Extended deployment schedules create operational risks that our forces have to mitigate through
04:13other means.
04:15Our adversaries operate on compressed timelines.
04:17Our response capabilities must match or exceed their tempo.
04:23Today, I look forward to understanding more of the notable achievements in securing and
04:28defending the DODIN.
04:32I am particularly interested in how DISA and JFHQ-DODIN intend to accelerate delivery
04:37of these critical systems to enhance our defensive capabilities from the cell phone to the laptop
04:43to the enterprise network.
04:45This subcommittee stands ready to provide the support needed to guarantee these vital
04:50efforts succeed in protecting our nation's most critical networks.
04:55I'll now recognize my friend and colleague, the Ranking Member, Senator Rosen, for opening remarks.
05:00Senator Rosen.
05:01Well, thank you, Chairman Rounds, and I'd like to begin by welcoming our witness, General
05:07Stanton, and thanking him for joining us today to discuss the security and resilience of
05:12the Department of Defense Information Network, what we know as DODIN.
05:16So much easier to say DODIN, lots faster.
05:20This is a critical issue, not just for cybersecurity professionals, but for every person in uniform
05:26and for every single mission around the globe.
05:30We must rely on trusted, real-time access to information and communication.
05:38As a director of the Defense Information Systems Agency and the commander of the Joint Force
05:42Headquarters, DODIN, so we have JFHQ and DODIN, we're going to be an alphabet, lots of acronyms
05:50today, but General Stanton, we're so proud you oversee one of the largest, most complex,
05:54and most targeted networks in the world, one that supports the President, the Secretary
05:59of Defense, the Joint Chiefs of Staff, and our warfighters operating across the globe.
06:07That is no small task, sir, and I want to recognize the incredible scope of your mission
06:12and the personnel who support it.
06:17We are operating in an era of persistent threats, cyber threats, where our adversaries, they're
06:22probing, they're testing our systems every single day, seeking any opportunity, however
06:29small, to degrade our command and control, to disrupt our operations, or steal our most
06:34sensitive information.
06:36This makes defense of the DODIN a linchpin for our national security, for our national
06:42safety, our personal security.
06:45As a former systems analyst and computer programmer, I've seen how much the technological
06:49landscape has evolved since I began, and how deeply integrated digital infrastructure has
06:56become to our operations and, frankly, every single bit of our lives.
07:01But with that evolution comes an expanded attack surface, and as we integrate to more
07:07cloud-based services, AI tools, zero-trust architectures, we also face increasingly complex
07:14security challenges.
07:16In this hearing, I hope we can explore how DISA is managing that complexity, how you're
07:22building resilience into the system, how you're attracting and retaining cyber talent, and
07:29integrating innovation into what you do without compromising our operational security.
07:36I'm also particularly interested in how your team is implementing zero-trust principles
07:41across such a vast and, frankly, diverse enterprise, and what this subcommittee can
07:46do to support this critical effort.
07:49We know that the threats are evolving faster than ever, and that's not ever going to change,
07:56I don't think.
07:57So we must evolve our defenses to meet the ever-changing threat.
08:03So I look forward to today's discussion, to working with you, with Chairman Rounds, and
08:07our colleagues on both sides of the aisle to ensure the DODIN remains well-protected,
08:12agile, and always mission-ready.
08:15So thank you, Mr. Chairman, I yield back.
08:19And Lieutenant General Stanton, you may begin.
08:21If you have opening remarks, your full statement will be in the record.
08:27Chairman Rounds, Ranking Member Rosen, thank you for your support and the privilege of
08:31representing the men and women of the Joint Force Headquarters Department of Defense Information
08:35Network and the Defense Information Systems Agency.
08:38I appreciate the opportunity to share our progress in designing, building, deploying,
08:43and defending the Department of Defense Information Network.
08:46It's a central resource and critical weapons system for meeting our nation's objectives,
08:51including defending the homeland, deterring China, and rebuilding our military.
08:56Our mission never rests.
08:58It's hard to imagine any aspect of planning, preparing, or executing modern warfighting
09:02that does not include data production, consumption, transport, or analysis.
09:07Joint Force Headquarters, DODIN, and DISA have the responsibility of securely delivering
09:11real-time, globally accessible information to the joint warfighter.
09:15We ensure the right data is at the right place at the right time, empowering commanders to
09:20make better and faster decisions than our adversaries.
09:24We are warfighters supporting warfighting.
09:26We inculcate the warrior ethos.
09:30Joint Force Headquarters, DODIN, and DISA maintain distinct responsibilities, yet support
09:33one another to balance performance and security in the context of risk.
09:38On behalf of U.S. Cyber Command, the Joint Force Headquarters, DODIN, organizes, observes,
09:42and maneuvers within cyberspace to defeat enemy aggression and preserve functionality
09:47for friendly operations.
09:49Under the direction of the DOD Chief Information Officer, DISA designs, builds, and securely
09:54operates the DODIN.
09:56Together, we enable the inherently joint, partner, and enterprise-scale capabilities
10:01that ensure mission success.
10:03Accordingly, our priorities to meet the urgency of our challenges are consistent for both
10:08the command and the agency.
10:11First, we are building collective readiness across the Department and with our industry
10:15partners.
10:17Success in warfighting requires forces that are manned, organized, trained, and equipped
10:21to operate effectively at both the individual and collective levels.
10:26Our operations require combining skill sets such as host, network, and data analysis towards
10:30mutually supporting outcomes.
10:33Each must do his or her part with confidence and competence.
10:38Importantly, our headquarters must also confidently issue DODIN-wide orders, knowing that receiving
10:45organizations are ready to execute.
10:47The elevation of Joint Force Headquarters, DODIN, to a sub-unified command will significantly
10:52increase readiness by establishing a unified command structure that drives consistent training
10:58standards and readiness evaluations across all 45 organizations that own a portion of
11:04the DODIN battlespace.
11:06Our second priority is campaigning.
11:09We are proactively planning and prioritizing to defeat cyber adversaries and to provide
11:14functionally relevant capability to warfighters at the time and place of need.
11:20Defeating cyberspace dependencies, the enemy's intent, the enemy's capabilities, and the
11:25potential for the enemy's capability to actually impact the mission provides focus for our
11:31defensive operations.
11:33We prioritize our limited resources against the most critical systems and preserve our
11:38freedom of action while imposing cost on the adversary.
11:43Just as fast as capabilities are in place, they require upgrades.
11:47Our third priority is, therefore, continuous modernization.
11:50We actively field emerging technologies and iterate within our development process.
11:56We design for extensibility with the understanding that technology and the operating environment
12:01will inevitably change.
12:04As we rebuild our military, we shape the information environment according to how we intend to
12:08use it.
12:09We ensure it is always ready to meet expeditionary warfighting requirements.
12:14Our final priority is to establish lethality.
12:17We impose cost on our enemies and provide decision advantage to our warfighters.
12:23Deterrence in the cyber domain includes raising the cost of attack beyond that which an adversary
12:28is willing or able to bear.
12:30Thinking beyond cyberspace, all battlefield operations are subject to the proliferation
12:34of data.
12:35We must transform it to enable lethal and oftentimes kinetic action.
12:40We are charged with sensing and transporting disparate data streams into a coherent and
12:44comprehensive picture that empowers decision-makers at all levels.
12:50Securing our nation requires a robust, resilient, and well-defended cyber environment.
12:54I'm proud to represent the individuals serving Joint Force Headquarters DODIN and DISA who
12:59carry out this mission every day.
13:01With the continued support of this committee, our cyber forces will remain prepared to meet
13:06the challenges of today and the threats of tomorrow.
13:10Thank you, and I look forward to your questions.
13:12Lieutenant General Stanton, thank you.
13:14I'll begin, and we'll move back and forth in five-minute rounds, and we'll do a couple
13:18of them, and then if we have other members join, they'll be welcome to come in as well.
13:22In April, the Zero Trust Portfolio Management Office announced a 2030 timeline for full
13:28implementation of Zero Trust across operational technology devices and a date of 2035 for
13:36weapon systems.
13:38Given the rapid evolution of threats targeting these systems, what interim security measures
13:43are being deployed to mitigate risks during this extended period?
13:47Senator, I appreciate your question.
13:52DISA has introduced Thunderdome, which is our implementation of Zero Trust.
13:58So we are able to look at individual systems, the individuals that are using those, make
14:04informed decisions about what resources they are able to access.
14:09We follow the Zero Trust principles.
14:11In fact, Thunderdome was recently assessed by a third party, meeting all 132 of the 132
14:17Department of Defense standards and activities for Zero Trust.
14:21We have it in action already.
14:23We have implemented Zero Trust in coordination with SOUTHCOM, and in addition, we have it
14:29embedded into the evolution of what we refer to as DoDnet, the modern and secure infrastructure
14:36and architecture that DISA is providing.
14:38Since this is an open session, let's talk a little bit about Thunderdome.
14:43Can you give us a little bit of an indication here so that the folks that are listening
14:46to it, it sounds interesting, but just exactly how does it work?
14:51Yes, Senator.
14:54We have a number of appliances and software products that are state of the art provided
14:59by our commercial industry partners that we integrate into a coherent solution.
15:05We first check to see who individuals are in the environment.
15:10We also check the state and security of the device upon which they are operating.
15:15We put those two together to make sure that the user on the device are authorized to access
15:20resources, and then we have fine-grained controls that determine which resources they are able
15:25to access.
15:27When you're doing this, and for the next couple of years, it really is a challenge for any
15:33defense system to actually modernize while still maintaining that operational capability.
15:39What you've done is taken Thunderdome, and during this interim time period, you've integrated
15:45into the systems, and basically every single user, along with the platform that they're
15:52on, is checked before it's authorized entrance into the DODIN.
15:57Accurate?
15:58Yes, Senator.
16:01Successful in terms of, is it 100% successful?
16:05What's the probability of somebody getting around that, and what's the biggest risk to
16:09it?
16:11Another inherent principle to Zero Trust is to continuously evaluate the access to the
16:16resources.
16:18It's not just getting into the DODIN, but it's each time that you go to access resources,
16:22you're re-evaluated.
16:24The risk of someone gaining access, that exists.
16:29We will never be 100% secure.
16:33However, we check and validate every subsequent access, and if the enemy gained a foothold
16:40into the environment, now they can't operate without impunity, and we log everything to
16:46track what is happening in the environment.
16:49Kind of leads me into the next question, which is, the September 2024 DODIN Command Operational
16:56Framework introduced new requirements for reporting readiness through the department's
17:01readiness tool, called the Defense Readiness Reporting System, or DRRS-S. What specific
17:06cybersecurity metrics, what are the metrics for being, what are you capturing with that,
17:14and how do these metrics provide a more comprehensive view of the DODIN operational readiness?
17:19Readiness is my number one priority, and the question you're asking is exactly what we're
17:24driving towards.
17:26We have baseline metrics that assess the effectiveness of a cybersecurity service provider.
17:33The Joint Force Headquarters DODIN has evaluations teams that travel out to the 45 DODIN areas
17:38of operation, and assess the effectiveness of their CSSPs.
17:43We record that in the Defense Readiness Reporting System, DRRS.
17:47We can do better, and we're working on establishing additional metrics that can develop a more
17:54comprehensive picture for us to have confidence that all of the DODIN areas of operation can
17:59operate effectively.
18:02Well, thank you.
18:05I was going to ask something different about the workforce first, but I'm going to build
18:09on the Zero Trust architecture.
18:13I understand what you're saying, who is the person, user, who is the device?
18:17You're going to check them every time.
18:18We have that a lot in our own, in other things that regular people do with banking, other
18:23kinds of things.
18:24But I would think, as I'm listening to you, I'm thinking about how does the user or device
18:31get into the registry, if you will.
18:35And I'm thinking that that could be a point of vulnerability.
18:39I know there's many ways that people gain access, understanding that you have things
18:44all around the globe.
18:46But thinking that there's a point of vulnerability, because if somehow someone can put themselves
18:50as a trusted user or device, then that's one maybe big way they can get into the system,
18:59not the silent way.
19:00So how are you securing that piece, if you will?
19:05Yes, Senator.
19:07Enterprise Identity Credentialing and Access Management, or EICAM as we refer to it, is
19:13a central component to the effective employment of a Zero Trust environment.
19:17So making sure that we know who you are and we have multiple different forms of validating
19:22your identity is an inherent principle.
19:26Additionally, once we issue a certificate, it authenticates you into the environment.
19:32That certificate is time bound and continuously checked.
19:36And we have measures by which we can revoke it.
19:38So in the event that we see something that is anomalous through our logging, we can revoke
19:43that certificate on the spot and deny further access into the environment.
19:49That answers the question for me.
19:50And I guess the question we always ask, do you have the resources that you need now to
19:56continue to build out your Zero Trust architecture going forward as we're entering into the
20:02NDAA season, if you will?
20:05Thank you, Senator.
20:06There are two primary initiatives through which DISA is implementing Zero Trust.
20:12So DoDnet is our initiative to establish a modern and secure infrastructure for the defense
20:19agencies and field activities.
20:20They had independently run their networks previously.
20:23We're in the process of migrating them.
20:25As we do, we build in the Thunderdome Zero Trust model into that environment.
20:30Additionally, we're working with the multi-partner environment executive agent to incorporate
20:35Thunderdome into our implementation of the multi-partner environment, or MPE as we refer
20:41to it.
20:42We're not waiting.
20:43We're moving out aggressively.
20:45Very good.
20:46This all leads to my first question that I was going to ask is about, well, it's kind
20:51of two part, the impacts of recent civilian workforce cuts and DoDNET's ability to conduct
20:57your assigned missions.
20:58I think it's more than that.
21:00Because sometimes the workforce cuts, we understand we want to streamline, do things better.
21:04We're going to do things better with computing for sure.
21:07But that can have an impact on both our future recruitment, retention, morale, which is key
21:13to maintaining our readiness and preparing for the future.
21:15We know we have these issues, particularly when the public sector can be very lucrative
21:21for folks who work in that.
21:24If you would kind of speak of the snapshot of the impact of these cuts from deferred
21:30retirement, probationary employees, planned reductions in force, and how is this really
21:35going to impact you going forward?
21:39Thank you, Senator.
21:41First, I'd like to acknowledge that I personally have the utmost respect for anyone that has
21:46raised his or her right hand and sworn an oath to support and defend the Constitution
21:50of the United States, as do all of our civilian and uniformed service members that operate
21:54within the Joint Force Headquarters and within DISA.
21:58We will suffer about a 10% loss in terms of the numbers of individuals that are within
22:06the Defense Information Systems Agency.
22:09It's giving us an opportunity to ruthlessly realign and optimize how we are addressing
22:17what is an evolving mission.
22:20Things like the multi-partner environment and initiatives like DoDNet are driving our
22:25workforce to perform roles that they hadn't previously.
22:28We are doing a realignment, and we're going back to the department to ask for what we
22:33refer to as a surgical rehiring.
22:36We need to hire the right people back into the right positions to then lead us forward.
22:42We'll talk about those resources.
22:45This is my last part on this question, because on April 10th, there was a memo that was issued
22:50by Secretary of Defense that announced the termination of the several contracts and insourcing
22:55of IT consulting and management services to our civilian workforce.
23:00Could you provide any details to us in this open hearing?
23:04If not, we could do it in the closed.
23:06What are your security concerns here?
23:08Everyone does take an oath, but you have these public-private partnerships.
23:14With all of this happening, how is that really impacting you?
23:19Thank you, Senator.
23:20Reviewing contracts is a necessary part of our business in the IT world.
23:25As technology changes, we have to continually evaluate whether or not we have the right
23:30industry partner performing the right mission.
23:33We routinely evaluate our contracts.
23:35You just want to be sure it's strategic and surgical, not just across the board.
23:41That's absolutely correct.
23:43That has been our approach, and the Department of Defense has given us within DISA the opportunity
23:49to handle it through a surgical lens.
23:53Our contracts are aligned to the highly technical IT and cybersecurity workforce.
23:58They're not consulting contracts.
24:00These are individuals that are putting hands on keyboard, that are running fiber optic
24:04cables, that are performing server maintenance in a global footprint.
24:10Our contracts are healthy and are in a good spot.
24:16The impetus and drive from the department is, however, forcing our industry partners
24:21to evaluate how they are presenting their technical force to us, and we're gaining
24:26some efficiencies in the process.
24:29I appreciate it.
24:32Let's follow that up a little bit.
24:35You not only have to have the tools, but you've got to have the manpower as well.
24:40Talk a little bit about just the size and the scope of what this is to begin with.
24:46You're protecting the Department of Defense's entire system.
24:53Talk about how big that is, and about the number of people that you employ either in
24:57uniform or by contract to begin with.
25:00Yes, Senator.
25:01Our population size is roughly 20,000.
25:05Slightly more than half are contracted.
25:09About 6,800 are civilians, and about 1,200 are active duty military service members.
25:16Then the pipeline for bringing in individuals, what types of professional backgrounds or
25:25what types of training are you looking for for the majority of these individuals?
25:30Can you give us a sense for the folks that are out there that are looking at it, wondering
25:33whether or not some young man or young woman decided they want to be involved in this?
25:38Talk about what the qualifications are that you're looking for, or that you can train
25:43for.
25:44Senator, I'll tell you that the first characteristic that we target in recruiting is inquisitiveness
25:50and the ability to innovate.
25:52Someone that's going to be a lifelong learner that's going to adjust on the fly.
25:56The technology that we put in their hands today won't be that which they're using two
26:00years down the road.
26:02Someone has to be willing to engage with and learn on their own so that they can incorporate
26:08new technology.
26:09I'm quite proud of our scholarship for service program that we have within DISA, where we
26:14actively recruit highly technical folks and help pay for the remaining two years of their
26:21tuition in order to bring them onto our team for three to five years.
26:27I'll just take an example.
26:29Dakota State University in Madison, South Dakota is known for their cyber security operations.
26:35You would actually look for someone who had an interest in coming to work, either in uniform
26:40or outside of uniform, bring them in and offer to pick up their cost of education basically
26:47for the two years with an agreement that they come to work for you.
26:50Is that what we're talking about?
26:51Yes, Senator, absolutely.
26:53What type of an appetite do you have for young men and women who want to serve?
26:59How many are you talking?
27:02In this past year, we brought 39 individuals into our scholarship for service program.
27:11Could you do 100?
27:12Yes, Senator, we can.
27:14Could you do 150?
27:15Yes, Senator, we can.
27:16Could you do 200?
27:17Yes, Senator.
27:18For young men and women out there, this is not like a selected group only.
27:22This is to where you need more individuals that have this interest.
27:27We do, Senator.
27:30We recently in February published our workforce strategy within DISA.
27:35Part of it is to do exactly what we're discussing, create a pipeline, not necessarily hire an
27:41individual and expect them to stay for 30 years and become a member of the senior executive
27:46service.
27:47Some will, and we need that, but many will stay on our team for three to five years,
27:53be enthused by being able to execute the mission, be in contact with the adversary, support
27:58our nation, and then they'll move on and do other things.
28:01Let me ask a question.
28:02Could you talk about ... Give a job description.
28:04You talk about people going into the phone lines, like hardware, software.
28:09Could you just ... If we were talking to young folks and we go back home, give us a couple
28:14of actual job descriptions that you might ... We're just sitting here chatting.
28:21If that's all right with you, I'd like to be able to tell some of those young folks.
28:25This is important because it's not just the type of a job description, but the types of
28:30tools they're going to be working with as well.
28:32I was a software developer.
28:35Don't make me work and put the tools to put the hardware in, but let me code away.
28:40There are different kinds of things.
28:42Maybe you might give us some insight.
28:44When we talk to young people, which we do all the time, we might share with them the
28:49jobs that you are thinking about filling.
28:52Fantastic, Senator.
28:53We need data analysts.
28:55We need data engineers.
28:57We need data scientists.
28:59We need folks that understand routing and large-scale routing.
29:05Folks that know how to configure a router securely.
29:11We need folks that are also very willing to dive into newest cybersecurity tools and
29:21actually implement them.
29:25When we establish a defense, our intent is to gain and maintain contact with the adversary.
29:32Folks that understand host analysis and network analysis from a cybersecurity perspective
29:37are at the top of our list as well.
29:39Fair to say that these young men and women that want to come and participate on this
29:44would have the opportunity to learn tools that enable or that are part of an artificial
29:52intelligence system or agent in terms of accelerating inquiries as to people trying to get into
30:02the systems.
30:03It would be fair to also say that quantum is not far off with regards to what they would
30:08be working, the environment that they would be working in.
30:11Yes, Senator, I'll start with artificial intelligence.
30:15It's central to our way forward.
30:17It's central to our current operations, but absolutely central to the direction that we're
30:22headed.
30:23Quantum is a little bit further out, but as I said previously, as soon as quantum breaks
30:28and becomes a technology that's readily available, it will proliferate very rapidly.
30:36We need individuals that can adjust dynamically to the change in the technology.
30:43Senator Rosen?
30:44I'm just going to build.
30:45We're just going to have a good time building on each other here.
30:48How are you leveraging the AI?
30:49We know that quantum is a little ways away, but how are you leveraging the AI capabilities,
30:55particularly as you're modernizing, streamlining, and thinking about all of your architecture?
31:00Just to build off each other a bit.
31:03Yes, Senator.
31:04First, I'll start with what I think would be obvious, large language models and chatbot
31:09capabilities across different classification levels.
31:13I have them on all of my machines currently, and I use them on a daily basis
31:21to help make the workforce more efficient.
31:25We're also using AI to help us model and understand our transport network.
31:32If you think about undersea cables as an example, if one were to be cut based off of an anchor
31:38that was dragged across the ocean floor, can we do the what-if analysis to understand how
31:44much bandwidth we have left so that we can dynamically reallocate how we move data from
31:50one spot to the next?
31:52We're using AI in that context.
31:55We're also using it for network defense.
31:57Senator, to your point earlier, we need to be able to see the enemy's campaign and not
32:01just an incident or an event in isolation.
32:05Being able to make correlations across very large data sets in real time is key to our
32:10success.
32:12We're using AI inside of our Thunderdome Zero Trust environment.
32:16We log everything.
32:17All of those logs from every ... Then we learn from it, absolutely, Senator.
32:24Then lastly, looking at the threat detection, again, from a campaign perspective, being
32:31able to zoom out and not just look at the incident that manifests in an alert from our
32:36cyber security system, but how do I trace that all the way back to the enemy's infrastructure
32:42that they used to gain access?
32:44You've mentioned something that is going to be a little bit of a hot button coming forward.
32:51I just want to know if you have any opinion on this.
32:54You said, what if an anchor cut an undersea cable, and how would you dynamically move
33:01things around?
33:02So we think about all this computing, and of course we can't do a lot of it without
33:07spectrum.
33:10And so do you have an opinion about spectrum in this regard?
33:16We know that there are other things that use the DoD spectrum, our airplanes and all of
33:24our military, our tanks, airplanes, radar and all of that.
33:29But do you have an opinion about spectrum?
33:31And of course, while there is no dynamic spectrum sharing right now, we understand that.
33:35But if you would, you don't have to, but I know that's not why you're here, but I just
33:39know we're going to be talking about it a lot.
33:41Yes, Senator.
33:42So I think any discussion about spectrum has to be conducted through the lens of the military
33:49warfighting capability upon which that spectrum depends.
33:53So if we take what's colloquially known as the lower three bands, as an example, that's
34:00where we maintain our station keeping radars.
34:03And so a station keeping radar is required to track objects that move at Mach 15.
34:09That's 15 miles per second.
34:11There's no room for error, and there's no room for ambiguity or disambiguation and latency
34:18associated with that analysis.
34:20So we need to be very, very clear that we understand what systems are operating within
34:27the portions of the spectrum, and then be incredibly confident that we can de-conflict
34:33the military operations from however it might be used commercially.
34:39I know as we move a little bit closer to the NDAA, this is going to be, we can maybe dig
34:45deeper in the classified, but this is going to be an area for discussion, so you can give
34:49us any other input that you can't do in an open setting.
34:53Yes, ma'am.
34:55I think you were referring specifically to the 3.1 to 3.45 gigahertz portion, which always
35:02seems to be under attack.
35:04Nonetheless, it's just the physics of it are such that it's the best place to have the
35:08radar and a lot of our other capabilities located today and fully utilized today.
35:14Let me go back to this just a little bit, because I think the young men and women that
35:19are out there that are looking at this, some of them would love to have the uniform on.
35:23Some would say that maybe they don't want to have the uniform on, but they would still
35:27love to participate and to help their country.
35:30Can you talk a little bit about, okay, a young man, young woman come in, they want to participate
35:35in this, love the excitement of actually engaging with adversaries on a, you know, in the protection
35:43of our system, but at some stage of the game, industry is going to come and industry is
35:49going to look at these folks and say, you realize how valuable you are?
35:53That happens on a regular basis now.
35:55Can you talk about how you can compete with industry that recognizes just how valuable
35:59these young, talented individuals are and what we can do to perhaps keep them with us
36:04for a little bit longer before they finally decide to head on out and join the business
36:09community?
36:10Yes, Senator.
36:11So first, in my experience, in my personal opinion, the mission is the most enticing
36:21characteristic that we have to offer young men and women, old men and women, too.
36:26Being in the game, in contact with our adversaries in defense of the nation is exhilarating.
36:33It's challenging, but it is also motivating.
36:37So I think that there are a number of the folks that we bring in when they're young
36:42that will get that taste and stay with us.
36:47But I also think that we need to be willing to let folks go.
36:51So the concept of a pipeline, I think, is critically important.
36:55Knowing that today's youth switch jobs readily.
37:01My daughter had her first job for a year and she already has a new job.
37:05She has a master's degree in nursing and is quite talented.
37:10But that's how our youth is switching jobs now.
37:14We have to be receptive of that concept and we have to acknowledge that coming to work
37:20for us, gaining security clearances, gaining operational experience is going to make them
37:25better when they go to industry.
37:27When we partner with industry, we have to recognize that folks that learned how to fight
37:32defensively in cyberspace with us are now defending industry.
37:36I think that there's a positive aspect to that.
37:40Some subset of them will stay on our team and we need to make sure that we develop them
37:45effectively.
37:46Do you have the resources to be able to compete enough to keep some of those top level folks
37:52there today?
37:54Have we provided you with the authorizations and the funding to be able to do that, to
37:58make it worth their time to stay with the team?
38:01Senator, I believe that we do.
38:04And again, it's a combination.
38:06I don't think we'll ever be able to pay an individual as much as they would make in the
38:12private sector.
38:13However, we can pay them enough and we can give them the mission that is the reason why
38:19they stay.
38:20And for some of them, we're talking not just defensive operations, but offensive operations
38:25as well.
38:27Private sector doesn't give them the opportunity to reach out and touch someone.
38:32Whereas within the operations here, within CYBERCOM, occasionally they have the opportunity
38:39to reach out and actually touch someone and make a difference.
38:42Fair enough?
38:43Gaining and maintaining contact with the enemy is central to the evolution of defensive cyber
38:48operations.
38:49Doctrinally, the United States military goes on the defense to posture for the offense.
38:54Why is cyberspace any different?
38:55It's not.
38:57Great.
38:58Senator Rosen?
38:59I'm going to build on this one because I speak from personal experience in writing software,
39:05designing it.
39:06When you hit that energy, boy, you're a bummer, a hero.
39:08It is dynamic.
39:09It is exciting.
39:10It is challenging.
39:11You solve problems.
39:12And it is a, I speak a lot from personal experience on that.
39:16I understand the mission.
39:18We've talked a lot about for folks in some of these very specific kinds of jobs where
39:23if you rotate out, sometimes people have to rotate in order to gain experience for the
39:28next promotions, you end up losing some of your skills if you don't keep them up all
39:33the time.
39:34We've talked about not rotating certain folks so they can maintain and grow in the cyber
39:39area.
39:40And I've also set up, because I did this for a living, something that I thought of on others
39:45as well, a civilian cyber reserve.
39:48So there's a lot of jobs in cybersecurity that they could be engineering, they could
39:53be programming, linguistics, there's so many areas that you might be a professor, you might
39:59be someone who's a little bit older who wants to give back but doesn't want to quit their
40:04other jobs.
40:05So standing up a civilian cyber reserve so we can surge up or have people come to teach
40:10us.
40:11We have some pilot programs out there.
40:13And just wondering if you, I know it's kind of off the cuff how you feel about, this would
40:19allow for some of those folks that may leave to continue to stay engaged in a reserve component
40:28if you will, like we do in other areas of our military.
40:32Yes, Senator.
40:33So first, just to nerd out for a second, I wrote my first computer program in 1985 in
40:38the BASIC programming language on an Apple IIc computer.
40:41I'm a little bit ahead of you because I wrote my first programs on key punch cards in BASIC,
40:47okay?
40:48I walked around campus like that.
40:50I absolutely share that thrill of when the compiler actually completes.
40:55When the compiler, oh yeah, it's true.
40:58It's real.
40:59It's real.
41:00Yes, Senator.
41:01But to the core, I think that retaining our talent through the reserves and keeping them
41:07engaged is critical to our success.
41:12And it also gives the opportunity for gaining different perspective that's incredibly valuable
41:19for the ultimate defense of the nation.
41:23As if someone operating, for instance, in the Joint Force Headquarters-DODIN, leaves
41:30and goes to industry and works at a bank or works at an oil company, they're gaining a
41:34very different perspective that is certainly relevant to defense.
41:41Keeping them in the reserves allows them to bring that perspective and infuse it into
41:46our forces at the time of need.
41:50We must do that.
41:55We want to give you a little bit of a break.
41:57We will be going into a closed session in the SCIF shortly, and we wanted to give you
42:02a little bit of a break.
42:03I've really appreciated your responses to these, and hopefully we're giving folks back
42:07home a little bit of a sense of just what you do and the opportunities that are out
42:12there for young men and women to come in to help us in this very challenging environment.
42:16And Senator Rosen, do you have anything else to add before we close out?
42:19No, no.
42:20We'll give you a break.
42:21This is a topic I think both of us could talk about, all of us could talk about all day.
42:24There's so many important issues.
42:26So just appreciate, we'll look forward to what we can talk about in the closed session.
42:30Thank you, Mr. Chairman.
42:31Very good.
42:32And with that, this will conclude the open portion of today's Cybersecurity Subcommittee
42:36hearing.
42:37For the information of members who will not be joining us for the closed briefing, questions
42:41for the record will be due to the committee within two business days of the conclusion
42:45of this hearing.
42:46And with that, the open portion of the hearing will stand adjourned.
