Pentagon officials addressed emerging cyber challenges and the game plan to confront them in remarks before the Senate Armed Services Committee hearing on foreign cyber threats to the United States here today.
Marcel Lettre, undersecretary of defense for intelligence, appeared with Navy Adm. Michael S. Rogers, commander of U.S. Cyber Command and director of the National Security Agency, to clarify the tasks at hand.
“We confront no fewer than five immediate, but also distinct and evolving challenges across all operating domains,” Lettre said. “We are countering the prospect of Russian aggression and coercion, especially in Europe, something we’ve … energetically had to renew our focus on in the last several years.”
Lettre said DoD is managing historic change in what he called perhaps the most consequential region for America’s future, the Asia-Pacific. In addition to monitoring risks associated with China’s destabilizing actions in the region, he noted DoD is checking Iran’s aggressive influence across the Middle East.
The undersecretary also outlined efforts to bolster deterrent defense forces in the face of North Korea’s continued nuclear and missile provocations, as well achieving lasting defeat of the Islamic State of Iraq and the Levant and al-Qaida.
Lettre explained the DoD has named the efforts “4-plus-1,” or the four state-based challenges and an ongoing condition of battling terrorism. “Each of these security challenges — China, Russia, Iran, North Korea and global terrorist groups such as ISIL — presents a significant cyber threat dimension to the U.S. military.”
And cyber, Lettre emphasized, is an operating domain that is real, complex, dynamic, and contested. In recent years, DoD has pursued a comprehensive strategy for maintaining the necessary strategic dominance in this domain, he said.
Defending Against Cyber Threats
Defense Secretary Ash Carter has pressed for DoD to change, adapt and innovate to not only meet today’s challenges, but to ensure effective defense against cyber threats well into the future, Lettre said.
“We have built and continue to build the means and methods that will strengthen our relative position against of each of these dimensions of the cyber threat,” he added.
The U.S. government’s cyber policies reflected in presidential policy directives and executive orders provide guidance on the absolute necessity of a whole-of-government approach, critical to protecting the United States, the undersecretary said.
Currently, DoD has developed and refined cyber mission objectives, he said, which include defending defense networks, providing cyber options for military commanders and defending the nation against cyberattacks.
Since 2009, DoD has matured the cyber command to ensure clear command responsibility, authority and growing capabilities essential to cyber operations, Lettre said.
He also said DoD will continue to develop and refine its national cyber policy framework, which includes the evolution of all dimensions of the deterrence posture, encompassing the nation’s ability to deny the adversary’s objectives, impose costs, and ensure a resilient infrastructure to execute a multi-domain mission. “This refinement and evolution and our deterrent thinking capability will further empower decision-making at net speed.”
Cyber command, Lettre asserted, is doing more to protect the nation and support global operations than ever before. “We need to continue, in fact accelerate this maturation.”
Lettre also said he champions a deepened partnership between the government and the private sector, and between the U.S. government and allies.
Assistance From U.S. Industry
“We must continue to seek help from American industry, the source of much of the world’s greatest technology talent in innovating to find cyber defense solutions, build resiliency into our critical infrastructure systems and strengthen our deterrence, he said.”
Rogers warned of taking for granted the interconnectivity built into every facet of users’ lives.
“Those who would seek to harm our fellow Americans and our nation utilize the same Internet, the same communications devices, and the same social media platforms that we, our families, and our friends here and around the world use,” he said. “We must keep pace with such changes in order to provide policy makers and our operational commanders the intelligence and cyber capabilities they need to keep us safe.”
This, Rogers emphasized, includes understanding adversaries, their motives and their attack methods. And while it presents as a global problem, the tactics are often used in the homeland, he added.
“We continue to make investments in technologies and capabilities to improve detection of malicious cyber activity,” Rogers said.
Confronting cyber threats requires technology assets, as well as talented, motivated people, he said.
“We are investing more than ever in the recruitment and retention of a skilled workforce that is knowledgeable, passionate and dedicated to protecting the nation for the safety of our citizens and of our friends and allies around the world,” Rogers said. “We need to invigorate the cyber workforce to think creatively about challenges that do not ascribe to traditional understandings of borders and boundaries.”