[House Hearing, 112 Congress]
[From the U.S. Government Publishing Office]






                                     

                         [H.A.S.C. No. 112-26]
 
                                HEARING
                                   ON
                   NATIONAL DEFENSE AUTHORIZATION ACT
                          FOR FISCAL YEAR 2012
                                  AND
              OVERSIGHT OF PREVIOUSLY AUTHORIZED PROGRAMS

                               BEFORE THE

                      COMMITTEE ON ARMED SERVICES

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED TWELFTH CONGRESS

                             FIRST SESSION

                               __________

       SUBCOMMITTEE ON EMERGING THREATS AND CAPABILITIES HEARING

                                   ON

                 BUDGET REQUEST FOR U.S. CYBER COMMAND

                               __________

                              HEARING HELD
                             MARCH 16, 2011


                                     
[GRAPHIC] [TIFF OMITTED] TONGRESS.#13

                                     

                  U.S. GOVERNMENT PRINTING OFFICE
65-593                    WASHINGTON : 2011
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing Office, 
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Printing Office. Phone 202ï¿½09512ï¿½091800, or 866ï¿½09512ï¿½091800 (toll-free). E-mail, [email protected].  
  


           SUBCOMMITTEE ON EMERGING THREATS AND CAPABILITIES

                    MAC THORNBERRY, Texas, Chairman
JEFF MILLER, Florida                 JAMES R. LANGEVIN, Rhode Island
JOHN KLINE, Minnesota                LORETTA SANCHEZ, California
BILL SHUSTER, Pennsylvania           ROBERT ANDREWS, New Jersey
K. MICHAEL CONAWAY, Texas            SUSAN A. DAVIS, California
CHRIS GIBSON, New York               TIM RYAN, Ohio
BOBBY SCHILLING, Illinois            C.A. DUTCH RUPPERSBERGER, Maryland
ALLEN B. WEST, Florida               HANK JOHNSON, Georgia
TRENT FRANKS, Arizona                KATHY CASTOR, Florida
DUNCAN HUNTER, California
                 Kevin Gates, Professional Staff Member
                 Mark Lewis, Professional Staff Member
                      Jeff Cullen, Staff Assistant


                            C O N T E N T S

                              ----------                              

                     CHRONOLOGICAL LIST OF HEARINGS
                                  2011

                                                                   Page

Hearing:

Wednesday, March 16, 2011, Fiscal Year 2012 National Defense 
  Authorization Budget Request for U.S. Cyber Command............     1

Appendix:

Wednesday, March 16, 2011........................................    27
                              ----------                              

                       WEDNESDAY, MARCH 16, 2011
FISCAL YEAR 2012 NATIONAL DEFENSE AUTHORIZATION BUDGET REQUEST FOR U.S. 
                             CYBER COMMAND
              STATEMENTS PRESENTED BY MEMBERS OF CONGRESS

Langevin, Hon. James R., a Representative from Rhode Island, 
  Ranking Member, Subcommittee on Emerging Threats and 
  Capabilities...................................................     6
Thornberry, Hon. Mac, a Representative from Texas, Chairman, 
  Subcommittee on Emerging Threats and Capabilities..............     1

                               WITNESSES

Alexander, GEN Keith B., USA, Commander, U.S. Cyber Command......     4
Miller, Dr. James N., Principal Deputy Under Secretary of Defense 
  for Policy, U.S. Department of Defense.........................     2

                                APPENDIX

Prepared Statements:

    Alexander, GEN Keith B.......................................    48
    Langevin, Hon. James R.......................................    33
    Miller, Dr. James N..........................................    35
    Thornberry, Hon. Mac.........................................    31

Documents Submitted for the Record:

    [There were no Documents submitted.]

Witness Responses to Questions Asked During the Hearing:

    Mr. Johnson..................................................    71
    Mr. Thornberry...............................................    71

Questions Submitted by Members Post Hearing:

    Mr. Ruppersberger............................................    76
    Mr. Thornberry...............................................    75
FISCAL YEAR 2012 NATIONAL DEFENSE AUTHORIZATION BUDGET REQUEST FOR U.S. 
                             CYBER COMMAND

                              ----------                              

                  House of Representatives,
                       Committee on Armed Services,
         Subcommittee on Emerging Threats and Capabilities,
                         Washington, DC, Wednesday, March 16, 2011.
    The subcommittee met, pursuant to call, at 3:50 p.m. in 
room 2212, Rayburn House Office Building, Hon. Mac Thornberry 
(chairman of the subcommittee) presiding.

OPENING STATEMENT OF HON. MAC THORNBERRY, A REPRESENTATIVE FROM 
     TEXAS, CHAIRMAN, SUBCOMMITTEE ON EMERGING THREATS AND 
                          CAPABILITIES

    Mr. Thornberry. As you all can tell, the votes have 
discombobulated the schedule. I think we are going to go ahead 
and get started in the interest of time.
    We appreciate both of our witnesses and all our guests 
being here.
    The first hearing of this subcommittee posed the question, 
What should be the role of the Department of Defense to defend 
the country in cyberspace? Today, we ask the same question.
    The example we used at our previous hearing was, if a 
formation of planes or hostile-acting ships came barreling 
towards the Houston ship channel, I think we would have some 
sort of idea of what we would expect the Government to do in 
protecting those facilities and the Americans in them. But it 
is a harder question to say, if a bunch of packets come 
barreling through the Internet toward the same facilities, what 
would we expect the Government to do to defend them? Is the 
Government capable of doing what we expect, and is the 
Government authorized to do what we expect?
    There seems to be virtually unanimous agreement that the 
threat to our country in cyberspace is growing. DNI [Director 
of National Intelligence] Clapper testified a few weeks ago 
during the worldwide threat hearing that ``the threat is 
increasing in scope and scale, and its impact is difficult to 
overstate.'' He made a number of other statements in his 
testimony, something like two-thirds of U.S. firms report they 
have been the victim of cyberspace incidents or information 
breaches. Almost half of U.S. computers have been compromised, 
according to another survey.
    Today, General Alexander--in addition to the questions I 
posed, today General Alexander will also give us an update on 
Cyber Command and its budget request for 2012 and how it is 
doing in accomplishing its mission of defending DOD [Department 
of Defense] networks.
    But, as Deputy Secretary Lynn wrote in Foreign Affairs, 
``The best-laid plans for defending military networks will 
matter little if civilian infrastructure--which could be 
greatly targeted in a military conflict or held hostage and 
used as a bargaining chip against the U.S. Government--is not 
secure.''
    In sum, I believe that our Government and our country have 
not yet come to grips with the unique national security 
challenges that cyber poses. The changes in technology have 
simply outpaced the modernization of our laws, regulations, and 
policies. A great deal of work has been done in this area from, 
among others, our witnesses and the distinguished ranking 
member of this subcommittee, but yet we still haven't really 
grappled with these key issues.
    For the last 8 months, Congress has waited to receive the 
White House's proposals on cybersecurity. We continue to hear 
that they may come soon. But I do note that in his July 1 
letter asking for the White House proposals, Majority Leader 
Reid and six committee chairmen from the Senate wrote, ``Each 
day, the threat to cyberspace--and to the American citizens, 
businesses, service members, critical infrastructure, and 
Government agencies that depend on it--only increases.''
    And they also said, ``Securing the vast digital 
infrastructure of our Nation's communications networks and 
information systems--our cyberspace--is essential to the future 
of our Government, our economy, and the security of our 
Nation.'' I would submit, gentlemen, that that is the reason we 
are here today.
    When Mr. Langevin comes, I will give him the opportunity to 
make whatever opening comments he would like to make. But until 
then, let me go ahead and yield to our distinguished witnesses 
for a summary of their opening statement.
    Without objection, your complete statements will be made 
part of the record.
    Today we have with us General Keith Alexander, Commander of 
U.S. Cyber Command and Director of the National Security 
Agency, and Dr. James Miller, Principal Deputy Under Secretary 
of Defense for Policy.
    Thank you both for being with us.
    And I presume, Dr. Miller, you will go first.
    [The prepared statement of Mr. Thornberry can be found in 
the Appendix on page 31.]
    Dr. Miller. Thank you, Chairman Thornberry, members of the 
subcommittee, thank you for inviting me to testify.
    Mr. Thornberry. There is a problem with our sound. We all 
may have to really speak up. I worry about the court reporter, 
whose job it is to take down every word you say. Jeff will 
continue to work on this problem, but if you would like to go 
ahead with raised voice.

   STATEMENT OF DR. JAMES N. MILLER, PRINCIPAL DEPUTY UNDER 
  SECRETARY OF DEFENSE FOR POLICY, U.S. DEPARTMENT OF DEFENSE

    Dr. Miller. Mr. Chairman and members of the subcommittee, 
thank you for inviting me to testify this afternoon. I am very 
pleased to join the CYBERCOM [U.S. Cyber Command] Commander and 
National Security Agency Director, General Keith Alexander.
    As you know, the Department of Defense is investing heavily 
in information technology, with $38.4 billion proposed for 
fiscal year 2012. We are making that investment because IT 
[information technology] is an enormous force multiplier for 
military, intelligence, and business operations. Given DOD's 
reliance on IT, our proposal to spend $3.2 billion for 
cybersecurity in fiscal year 2012, including $159 million for 
USCYBERCOM, makes good sense.
    As I describe in my prepared statement and as the chairman 
alluded to, the threat to DOD and other critical networks is 
large and it is increasing. DOD is undertaking five key 
cyberspace initiatives to improve our posture, and I would like 
to say just a few words about each.
    First, in order to properly train, organize, and equip our 
forces, DOD recognizes cyberspace as a domain for military 
activities, analogous to the maritime, air, land, and space 
domains. CYBERCOM, headed by General Alexander, is a key step 
in improving our posture.
    Because we realize that cyber defense will not always 
succeed, all combatant commands and the services must be 
prepared to operate in a degraded cyber environment in which 
data networks are not fully reliable and access may be 
disrupted.
    DOD's second strategic initiative is to employ new 
operating concepts both for cyberspace hygiene and for active 
cyber defenses. DOD's active cyber defenses include a perimeter 
defense of the dot-mil Internet domain that screens incoming 
traffic for malicious code and malware. And because no 
perimeter defense is fail-proof, DOD also hunts for intrusions 
on our own networks as well. We look for anomalies like 
viruses, worms, and other software that could cause damage to 
our networks and systems.
    DOD's third initiative is to work closely with other U.S. 
Government departments and the private sector to create a 
national approach to cybersecurity. On September 27, 2010, 
Secretary Gates and Secretary of Homeland Security Napolitano 
signed a memorandum of agreement to allow the DHS [Department 
of Homeland Security] to draw on the cybersecurity capabilities 
already established by the National Security Agency and 
USCYBERCOM. A Joint Coordination Element, headed by DHS, now 
resides at Fort Meade and at NSA [the National Security Agency] 
headquarters.
    A great deal of sensitive but unclassified information 
resides on the networks of the 2,600-plus cleared defense 
contractors that work with our military, and DOD is requesting 
$113 million over the Future Years Defense Program to upgrade 
this pilot to a full program. We are also exploring other pilot 
projects with industry that would allow DOD to further extend 
its suite of cybersecurity capabilities to companies in the 
defense industrial base.
    Our fourth strategic cyberspace initiative is to build 
robust relationships with U.S. allies and international 
partners. We have already worked particularly closely with 
Australia, Canada, New Zealand, and the United Kingdom. And, 
over the last year, we have significantly expanded 
collaboration with NATO [the North Atlantic Treaty 
Organization] to implement the Alliance's emphasis on cyber 
defense as agreed in its new Strategic Concept.
    Finally, DOD is working to ensure that we stay on the 
cutting edge with respect to both people and technology for 
cyberspace. We are taking a number of steps to recruit and 
retain talented civilian and military cyber personnel, 
including better utilizing the incredible expertise resident in 
the National Guard and Reserve.
    On the acquisition side, it currently takes the DOD's 
acquisition processes 81 months, on average, to make new 
computing systems operational. That means by the time they are 
fielded, they are already three to four generations behind the 
state of the art. We are working to get cycles of 12 to 36 
months as opposed to 7 or 8 years.
    In conclusion, I want to thank the subcommittee for its 
focus on cyberspace. As a department, I believe we have made a 
lot of progress in developing our approach and in improving 
cybersecurity, but we have a lot of work left to do. I look 
forward to working with Congress and the subcommittee to 
improve our Nation's cyberspace posture as well.
    And I look forward to your questions.
    [The prepared statement of Dr. Miller can be found in the 
Appendix on page 35.]
    Mr. Thornberry. I think they are trying to reset the 
system, and so they are all off--a fascinating thing to have 
happen on a cyberspace hearing. I appreciate everybody's 
indulgence.
    General Alexander, please proceed.

STATEMENT OF GEN KEITH B. ALEXANDER, USA, COMMANDER, U.S. CYBER 
                            COMMAND

    General Alexander. Chairman Thornberry, Ranking Member 
Langevin, distinguished members of the committee, it is an 
honor and a privilege to be here to testify with Dr. Miller.
    Chairman Thornberry, the key points that you made, first, 
on where we are and where we are going, I absolutely agree 100 
percent. I think you hit that correct.
    Thanks for helping us build Cyber Command. I want to hit a 
few key points on what we have done, where we are, where we are 
going, and why we are at where we are today.
    If you recall, a few years ago we looked at the threat. 
What Director Clapper said to you was absolutely right: The 
threat is growing every day. It is something that we have to 
look at from a military perspective. It is the reason we put 
Cyber Command at NSA, to leverage our Nation's capability in 
cyberspace.
    You are seeing what is happening in the commercial sector, 
where we are having exploits going on all the time. Seventy-
five percent of the population's computers have been exploited 
for criminal purposes. If you look at the amount of activity 
that is going on with new devices, the amount of e-mail and 
stuff, this area is exploding rapidly--tremendous opportunities 
and tremendous vulnerabilities.
    In 2008, we had some malware, malicious software, come into 
our networks. When that malware hit our networks, it is what 
started U.S. Cyber Command, because the Secretary of Defense 
realized that we need to bring our defense together with other 
capabilities in the Nation, do that at NSA, leverage that 
platform.
    NSA was one of the initial ones that found the problem, 
came up with a solution for it. And when we looked at that, 
that is what we need in our Nation, and that is what the 
military needs.
    We have moved quickly in putting together Cyber Command. 
May 2010, we had our initial operating capability. October 
2010, full operational capability for the staff. We have stood 
up the four components under that, and we are growing capacity. 
That will take some time, to build that capacity, but every day 
is an improvement.
    We are building plans with the other combatant commands to 
help in cyberspace. And we are defending and operating the 
military networks today--a huge step forward. And we are doing 
that by bringing the full capability of the Defense Department 
and the intel community together under one roof. I can't tell 
you how important that is. It is huge in our capabilities.
    So when you look at that, the Defense Department has a 
tremendous jump forward in what we are doing and how we are 
doing it. And the ability and agility to move quickly between 
operations in defense when events like what has happened in 
Japan to our networks, we can quickly accommodate, whether it 
is a natural disaster or a manmade disaster. I think that is a 
huge step forward.
    So I wanted to leave time for questions, and I know we have 
been asked to go quickly. But there are a few things I would 
like to hit that Secretary Lynn hit in the article that you 
referenced. He mentioned five key areas about cyberspace; it is 
a domain analogous to air, land, sea, and space. He talked 
about the active defense, he talked about critical 
infrastructure, he talked about partnering with our allies, and 
he talked about leveraging technology.
    Two of those are key--they are all key, of course--but two 
of those are key for this discussion, and that is, how are we 
going to defend? And the active defense is what we did in 
leveraging what NSA can do with what the Defense Department is 
doing.
    And, from my perspective, that is key. How are we going to 
hunt in our networks? How do we provide a capability that goes 
beyond what you can commercially buy, by leveraging our 
intelligence community and our military capabilities to help 
expand our defense? How do you leverage that global cryptologic 
platform as an early warning capability? It is those kinds of 
things that we have to look at.
    And, finally, when we prove that that is good for the 
military networks, I think he made a great point that resonates 
with what you said: How do we then extend that, lawfully, while 
protecting civil liberties and security, to the rest of 
Government and critical infrastructure? And, of course, doing 
that right, that is what is taking time, that is what everyone 
is working on. I think that is a huge step forward.
    I will tell you that one of the things that, from my 
perspective, is so important in this area--you know, our Nation 
built the Internet. We are the ones that developed this, the 
iPad and many of the devices that we have. We are an innovation 
nation; we are the ones who came up with that. It seems to me, 
we are the ones that ought to solve this security problem. And 
we can. And it is going to take a partnership between us and 
industry. It is something that we ought to work together. And 
we can do this; we just need to drive through it.
    Mr. Chairman, that is all I have.
    [The prepared statement of General Alexander can be found 
in the Appendix on page 48.]
    Mr. Thornberry. Thank you. I appreciate your comments.
    Let me yield to the ranking member for any comments he 
would like to make. And if he wants to go ahead and do his 
questions right after that. I yield to him.

  STATEMENT OF HON. JAMES R. LANGEVIN, A REPRESENTATIVE FROM 
RHODE ISLAND, RANKING MEMBER, SUBCOMMITTEE ON EMERGING THREATS 
                        AND CAPABILITIES

    Mr. Langevin. Thank you, Mr. Chairman, first of all, for 
calling this very important subcommittee hearing.
    I want to thank Dr. Miller and General Alexander for being 
here today. I want to welcome you.
    And, in particular, General, I want to just take a moment 
to commend you on the successful stand-up of your new command 
over the past months.
    And I want to thank you both for appearing today to discuss 
what I believe is one of the most important missions and 
national security issues facing our Nation today.
    It is difficult to fully appreciate the importance of 
cybersecurity issues to our national security. From day-to-day 
tasks to critical operations, our warfighters depend on the 
integrity of our networks.
    At the same time, cyberspace itself has become weaponized. 
The STUXNET virus as well as massive denial-of-service attacks 
successfully targeting our allies in Georgia and Estonia have 
given us a glimpse of the damage cyber-weapons can cause.
    In some ways, thinking about conflict in cyberspace reminds 
us of some warfighting basics. The principles of offense and 
defense appear to remain largely the same, but the speed of 
information is so fast that complexity increases exponentially. 
Also, unlike the land, sea, or air, this virtual, manmade 
domain is limitless.
    I believe that we must better understand how the United 
States should safeguard our critical networks, while at the 
same time developing the full spectrum of cyber tools to deal 
with conflict in a new environment.
    General Alexander, last September, when you appeared before 
the Armed Services Committee, I asked you about your role in 
defending critical infrastructure from cyber attack that may 
reside in other parts of the Government or in private hands. 
You noted that your role as head of USCYBERCOM was to protect 
only military networks. And that is within your authority, and 
it, for the most part, is limited there.
    At an Emerging Threats Subcommittee hearing later that day 
with the chiefs of our Services' cyber components, I revisited 
your answer and asked what they were doing to protect military 
bases that solely rely on civilian critical infrastructure. 
Their answers, unfortunately, were grim but not unexpected. For 
example, Vice Admiral Barry McCullough, head of the Navy's 10th 
Fleet, testified that, and I quote, ``These systems are very 
vulnerable to attack,'' end quote, noting that much of the 
power and water systems for our military bases are served by 
single sources that have only very limited backup capabilities.
    With an attack like the one demonstrated by Idaho National 
Labs in their Aurora experiment on a power station, potentially 
requiring weeks or months to recover from, our bases could face 
serious problems maintaining operational status. Beyond even 
the massive damage to our economy and civilian institutions 
that a major attack on our critical infrastructure could have, 
clearly this is a vital military concern, as well.
    Today, I reintroduced language, which the House passed in 
our National Defense Authorization Act last year, which would 
enable the White House to better coordinate our Federal cyber 
defenses and secure our critical infrastructure. I believe it 
is essential that we continue to make progress in managing this 
threat.
    Although we have not yet faced a catastrophic cyber 
attack--and that is very fortunate--I do recognize that every 
day we see lower-level intrusions and thefts of everything from 
sensitive defense information to information on our financial 
system and critical infrastructure, as suggested in numerous 
press reports. While I am certainly thankful that we have so 
far been spared a major attack, the low level of these 
incidents has in some ways hindered our ability to move forward 
on solving this issue.
    As the commander of CYBERCOM and the director of the 
National Security Agency, General, you direct our Nation's most 
powerful capabilities in the cyber realm. And I know, from 
speaking with you, that you also share my concerns that we have 
not yet fully seen the extent of the damage that cyber-weapons 
can wreak.
    I know that defending against a collapse of our financial 
system or a meltdown of our power grid is outside the scope of 
the Department of Defense's responsibilities, in many ways, but 
if done intentionally, it would still amount to an act of war.
    Today, I look forward to discussing and hearing further 
about how Cyber Command is growing and how your component 
commands are coming on line. I also look forward to hearing how 
the Administration is developing an overarching approach to 
cybersecurity and how DOD's role may need to evolve.
    Most of all, I hope to understand what the Administration 
plans to do to fill the gap between these growing threats and 
our ability in the public and private sectors to manage them. 
What authorities should we examine and what tools can the 
Government develop to increase our ability on a national level 
to meet these challenges?
    Again, I want to thank you both for being here today. I 
appreciate your testimony, and I look forward to our question-
and-answer period. Thank you.
    Mr. Chairman, with that, I will yield back to you, unless 
you want me to go into my questions.
    [The prepared statement of Mr. Langevin can be found in the 
Appendix on page 33.]
    Mr. Thornberry. I think if the gentleman wants to proceed 
with his questions, we will operate under the 5-minute rule.
    Mr. Langevin. Thank you, Mr. Chairman.
    General, if I could, perhaps I would begin with you.
    It is clear that if enemy bombers were heading to the 
United States and we had actionable intelligence that they were 
clearly targeting critical infrastructure within our Nation, 
that the Air Force and other components of the military would 
take them down. And it is clearly the responsibility of DOD to 
stop that attack.
    If there were an attack in cyberspace, an attack on the 
SCADA [Supervisory Control and Data Acquisition] system, with 
the clear intention of taking down sectors of our electric 
grid, do you have the authority to stop that attack? And, if 
not, who does?
    General Alexander. We do not have the authority to stop 
that attack. And on the critical infrastructure, I think that 
would fall to DHS. DHS has some of the authority, and I think 
extending that to critical infrastructure is something that the 
Government is addressing in the White House-led legislative 
proposals to ensure that we encompass that.
    Right?
    Dr. Miller. That is right.
    Mr. Langevin. General, then, let me ask you this: How do 
you think CYBERCOM should work with other Government agencies 
and the private sector to leverage the powerful capabilities 
that you possess for the protection of networks and 
infrastructure not specifically within the dot-mil domain? In 
particular--well, let me stop there, and I will come back if I 
need to.
    General Alexander. To answer that question, I am going to 
give you two, Congressman, two pieces of that, break it out 
into components.
    First, for Cyber Command, technically there are two things 
that we can do, the Defense Department and the intel community, 
Cyber Command. It is, we can provide malicious software 
signatures to help protect that, and early warning. So those 
are the two capabilities.
    The issue that you raise is, so how do we go about doing 
that, the roles and responsibilities between the Defense 
Department, DHS, and the intel community? And I think that is 
where the partnership that Secretary Gates and Secretary 
Napolitano addressed, and their initial memorandum of agreement 
in September 2010 is focused on addressing that. We have to 
bring those two departments together. I think both Secretaries 
see that.
    And the intent of that memorandum of agreement is a first 
step in how we leverage the capabilities that NSA has to help 
DHS. So I think that is a step in the right direction.
    Mr. Langevin. General, we know that the Tutelage program is 
designed to provide perimeter defense to the dot-mil network. 
What is the best way to extend similar protection to the dot-
gov network? And who does that? How do we do it?
    General Alexander. I believe the best way is to take that 
capability and work with industry to do that in a manner 
similar to what we are trying in the Defense Industrial Base 
Pilot with DHS and the Defense Department.
    In that pilot, the Department of Homeland Security and the 
Defense Department are working with the Tier 1 Internet service 
providers to provide that technical capability to them, along 
with some of the signatures and stuff, to defend a couple of 
defense industrial base companies. About 30 of them I think is 
what it will end up being. And it is showing that you can do 
that, that it scales across that level. We will demonstrate 
that with a few of the capabilities that we have.
    I think concurrent with that, as we are doing that, we have 
to look at the authorities and legislation to do the rest: What 
is required, and how do we quickly move to do that? 
Technically, we can do that very quickly. We want to make sure 
that we then have the authorities to do that, as well. And the 
pilot would show that we can do that.
    Mr. Langevin. And so then you have touched on, perhaps, 
taking the next step. Then, also, what is the best way to 
defend the dot-com network, particularly on critical 
infrastructure? So much of it is owned and operated in private 
hands. How do we then take that to the next step? And where do 
those responsibilities and authorities lie?
    General Alexander. From a technical perspective, the 
easiest way to do that is to partner with the Tier 1 Internet 
service providers. Government traffic and critical 
infrastructure traffic can be segregated in those areas and 
protected by those companies easiest. And our ability to work 
with them in a classified environment to ensure they have the 
signatures and stuff is probably the technically quickest way 
to go and the best way to go. It scales, and it shows it. And 
that is what the pilot would do.
    If we can do it for the Government, the way the Government 
is spread out, that would scale also to critical infrastructure 
if we deemed it necessary to do those, as well.
    Mr. Langevin. Very good.
    I see my time has expired. I have other questions, but 
thank you for your answers. And I will yield back at this time.
    Mr. Thornberry. I thank the gentleman.
    Dr. Miller, let me, just to be clear, ask you: Do you agree 
with Secretary Lynn's comments that the best-laid plans for 
defending military networks will matter little if civilian 
infrastructure is not secure?
    Dr. Miller. Yes, sir, I do.
    Mr. Thornberry. And my understanding, from the exchange 
from Mr. Langevin and General Alexander, is that, currently, 
Cyber Command does not have authority to make civilian networks 
secure.
    Dr. Miller. That is correct. CYBERCOM's mission is to 
provide the connectivity and oversight of our networks and to 
protect them and to be prepared to conduct full-spectrum 
cyberspace operations as directed by the President and 
Secretary of Defense.
    The National Security Agency, as you know, has provided 
technical assistance to our interagency partners, in particular 
working with the Department of Homeland Security. And the cyber 
pilot program that General Alexander talked about is a great 
example of that. We think we need to do more of that and to 
move forward as quickly as possible.
    Mr. Thornberry. Well, that gets me to the next question. In 
the same article, Deputy Secretary Lynn said that the Pentagon 
was working with Homeland Security and the private sector to 
look for innovative ways to use the military's cyber defense 
capabilities to protect the defense industry, as a start.
    So what are some of those innovative ways?
    Dr. Miller. Sir, the principal one that we are focused on 
now in bringing the innovation and new technologies to them is 
to look at the application of the systems that you referred to 
earlier and that General Alexander spoke about to help on 
perimeter defense. That is working with the ISPs [Internet 
service providers], as General Alexander noted.
    The other side of it, just like for DOD, we need to think 
about the cyber hygiene and what we can do internally. We need 
to think about how to hunt on our own networks and look for the 
problems that may already exist. And we need to work on that 
perimeter defense. I think all of those apply, as well, to dot-
gov, to the rest of the Government. And all those principles 
apply, as well, to the critical infrastructure in particular, 
the 18 designated areas of critical infrastructure.
    And so, as we look at what can be done to improve the 
posture from where we are today, the legislative proposals that 
the Administration is considering could span all of those: What 
are the incentives and assistance that can be provided for 
cyber hygiene, for example, as well as for the active defense?
    Mr. Thornberry. Yeah. Well, as I say, we are anxiously 
awaiting those.
    Last question: General Alexander, are you convinced that 
you can share some of this sensitive information to help 
provide greater perimeter defense and protect national security 
at the same time?
    General Alexander. Mr. Chairman, I am convinced that the 
Internet service providers can protect sensitive information.
    Mr. Thornberry. Okay.
    Let me yield at this point to Mr. Kline.
    Mr. Kline. Thank you. Thank you, Mr. Chairman.
    And thank you, gentlemen, for being here, for your 
testimony.
    I find myself still scratching my head over the same issues 
that we have heard discussed here, and that is, how do you even 
make a distinction between an attack on defense and keep it 
separate from an attack on something that is directly related 
to defense? A critical infrastructure question. Clearly, if you 
shut down the financial system in the United States, it would 
affect defense, it would affect everything.
    So I want to make sure I am clear on two things. One, I 
understand we are all anticipating this prospective 
legislation--although I must say, we have way too much 
experience in this committee with legislation, putting things 
into law, directing the Department of Defense to do stuff, and 
then the Department of Defense just deciding not to do it, 
frankly.
    We have put in law, for example, Mr. Thornberry and I 
worked very hard a couple of years ago on the NDAA [National 
Defense Authorization Act] directing the Secretary of Defense 
and the DNI to come up with a charter for the National 
Reconnaissance Office. It is a year and a half late now. It has 
been in law, but we haven't seen the results. And I know people 
are working. In fact, we have had interim reports.
    So while I am delighted that there is prospective 
legislation, I am just suggesting that might not be the whole 
answer. I trust, General and Mr. Secretary, that you are 
working on how to fight this in any case, despite the 
legislation.
    I want to see if I understand this. I am looking at the 
mission of USCYBERCOM as stated here in front of me: Plan, 
coordinate, and so forth. And it says, ``and when directed, 
conduct full-spectrum military cyberspace operations in order 
to enable actions in all domains, ensure U.S./Allied freedom of 
action in cyberspace, and deny the same to our adversaries.''
    So, if directed, then you would step in and provide 
defense, active or passive, in the event of an attack on 
infrastructure? Is that correct or not correct?
    General Alexander. Well, that is correct as you stated. Let 
me just give you, if I could, Congressman, a couple points on 
that.
    What that really drives to is--as part of my confirmation 
hearing, Senator Levin asked a very similar question, which 
was, so what does that mean? And the specifics of it are: If we 
are overseas in an area of hostilities, Cyber Command would be 
operating under Title 10 authorities----
    Mr. Kline. Uh-huh.
    General Alexander [continuing]. And we would be taking on 
the adversary, and we would have the authority to operate in 
cyberspace in that case.
    The issue becomes a little bit more difficult when you 
start looking at cyberspace as a global capability and bouncing 
through neutral countries. Now what are the authorities of land 
warfare? What are the laws and what are the policies on it? You 
have the inherent right of self-defense, but what can you do to 
stop somebody in a neutral country? And in cyberspace it is 
easy to jump through neutral countries to attack someone. And 
the third and the most difficult is what happens if they use 
the United States infrastructure to attack the United States? 
How do you do that? All of those are key things.
    For us to operate overseas, it is an execute order from the 
Secretary of Defense and the President. And that is what that 
specifically lays out. And that execute order gives us the 
authority to operate under those conditions and defines those 
conditions for us.
    Mr. Kline. What about if it is not overseas, which is kind 
of an antiquated, bizarre concept when we are talking about 
cyberspace, but what if it is not overseas? Is there a ``when 
directed'' still possible here?
    General Alexander. That is correct. There is a ``when 
directed.'' And that is----
    Mr. Kline. And by whom?
    General Alexander. It would be by the Secretary of Defense 
and the President.
    Mr. Kline. Okay.
    I have just about run out of time, but very quickly, there 
are a number of issues about getting adequately trained 
personnel in high-technical areas. It is true in space, and I 
would think it would be true in cyberspace.
    And so, are you having difficulties or is there anything we 
could do that would help you recruit and retain people who can 
actually take on this task?
    General Alexander. There are some things, Congressman, that 
I think we will need to work jointly. And that is, like we do, 
proficiency pay for linguists and others, what is it that we 
need for our cyber personnel? We are going out to hire, the 
services are. Right now, that is not an issue. But the services 
are discussing that type of pay for those to get it. We do want 
to create a force.
    I think the other thing that we are looking at is how do we 
collapse some of our military occupational specialties down 
into a few that allow us to look at the full spectrum: Defend, 
operate, all the way through. I think we need to do that, and 
the Services have been wonderful in setting that up. And the 
way that we would define that is by looking at how we are going 
to operate in those foreign areas, how do we need our forces to 
be developed.
    This is a very technical area. There is discussion, and we 
will evolve how this command works, I think, over the next few 
years. We have had great success, on the NSA side, of hiring a 
highly talented workforce and keeping them. Our retention is 
amongst the best in Government. So I think we can do the same 
in cyberspace. And I think we will get a lot of people that 
want to take this mission on.
    Mr. Kline. Okay. Thank you. I trust you will let us know if 
you need legislative assistance.
    I yield back. Thank you.
    Mr. Thornberry. Mr. Gibson.
    Mr. Gibson. Thanks, Mr. Chairman.
    And I thank the distinguished panelists here today. I thank 
them not only for their testimony, which has been illuminating, 
but also for their leadership in this key area. And as we 
proceed, you know, given classification issues, if we start to 
move into an area, I assume that you will make it clear to me.
    But I am interested in probing a little bit further the 
issue of unity of effort. And I have a question both on the 
governmental side, the whole Government side, and then also on 
the private side. I think I will start with the private side; 
it looks to be simpler.
    Do we have a list of instructions for individuals, what to 
do if they sense they are under some kind of cyber attack, 
similar to our SAEDA [Subversion and Espionage Directed Against 
the Army] instructions of how to report, that we pass out to 
infrastructure or proliferate in any way?
    Dr. Miller. This is outside the scope of the Department of 
Defense responsibilities. What we have is a--as a Government, 
working together on a National Cyber Incident Response Plan, 
part of that is to clarify what those activities and responses 
would be. I think it is fair to say we have some more work to 
do there. And I would be happy to respond for the record with 
more details.
    [The information referred to can be found in the Appendix 
on page 71.]
    General Alexander. Could I add, Congressman, a couple 
things on that? And I did throw that over on Dr. Miller, 
because I think the first part is, it is really, how do we 
train our teams to hunt and operate within our systems? So 
system administrators today need to evolve to people who can 
police networks tomorrow.
    And when they do that, part of the training that we give 
our red, our blue, and some of our what we call green teams is 
just what you are talking about. That has to be a continuous 
process, not something that happens once every 2 years. So how 
do we evolve that force will be a key part of the defense, and 
that is part of that active defense that I referred to.
    Mr. Gibson. Yeah. Very good. And I think you would 
appreciate that standardized reporting format would probably be 
helpful as we go forward.
    And then, related--now we are in the governmental realm--I 
am trying to get a sense of--and I can imagine the challenge 
that you have, trying to coordinate this effort toward unity of 
effort.
    So is this event-driven, or is it battle rhythm-driven? Is 
there a working group that meets across the intelligence 
communities, the DHS and the DOD? How do you go about 
coordinating your effort now, given the challenges that you 
have?
    General Alexander. Sir, we do have meetings, especially in 
the area--let me focus just a little bit more into looking at 
malicious software, tactics, techniques, and procedures, people 
that are trying to get into the networks. We do have meetings 
both within the Government that looks at this--so the Computer 
Emergency Response Teams at DHS, within DOD and across the 
Government work that.
    Private industry, selected parts of those, also participate 
in that at times, because they have some expertise. And going 
back and forth on those is key. And the reason private industry 
is brought in is, some of the signatures for the antivirus 
community that private industry creates helps protect 
Government systems. And we want to ensure that that is done 
right and that they have the full advantage of that.
    Mr. Gibson. Thanks very much.
    Chairman, I yield back.
    Mr. Thornberry. Mr. West.
    Mr. West. Thank you, Mr. Chairman and Mr. Ranking Member.
    And, sirs, it is a pleasure and honor to see you all here 
today.
    Four elements of national power, the DIME [Diplomatic, 
Information, Military and Economic] theory, and, of course, the 
``I'' stands for ``information.'' So I think it is very 
important that we recognize that aspect here on this modern 
battlefield. And we, you know, congratulate you on standing up 
the CYBERCOM.
    But this is one of my big concerns: You know, what can we 
do to combat the proliferation of Islamic terrorism propaganda 
on the Internet? Because I see this as just another weapon on 
this modern-day battlefield. And if we are serious about this 
global war on terror, this propaganda is truly a tool or a 
weapon that they are levying against us.
    Now, does that fall under CYBERCOM's purview? And, if not, 
who is contending or dealing with that?
    General Alexander. I think that is a policy issue, in terms 
of whether we choose to stem the flow of radical propaganda and 
how. Technically, Cyber Command could be one of the agencies 
given that mission to go do. We have not been given that 
mission, under either a CT [counterterrorism] or a CYBERCOM 
authority.
    So I think the question is, one, has a decision been made 
to do just that? And, to my knowledge, there is no decision to 
block the radical propaganda on the networks. If it was, then 
it could technically go to either Cyber Command or one of the 
other agencies.
    Mr. West. So who makes the decision?
    General Alexander. That would be the White House and the 
Principals Committee.
    Dr. Miller. That would be a decision at the level of the 
President and, as the general said, of the Cabinet, as well.
    There is no question that this Administration, as past 
administrations, are working to counter the ideology that you 
spoke about. The Internet has an important role in that, in 
terms of how we get our message out. And, obviously, it is part 
of how these groups have used--you know, it is something that 
these groups have used, as well.
    But you have put your finger on a central policy question 
that remains, essentially, open.
    Mr. West. Well, my fear is that the longer it remains open, 
the more we get exploited and the more we get infiltrated 
across this country. So at what point in time are we going to 
tackle this question?
    Dr. Miller. The authorities for dealing with that are not 
principally Department of Defense authorities.
    General Alexander. And there is one other thing, 
Congressman, if I could, on this, just to add on that.
    If we see this on U.S. infrastructure and it is wrong, we 
can reach out, through the FBI [Federal Bureau of 
Investigation], and ask that that be removed. And we have a 
high success rate in getting that done. So when we see things 
that are particularly wrong, we reach out. And all the 
companies, when they see that, they take it off, both here and 
global.
    Mr. West. Okay.
    General Alexander. And so, there is a way of doing that 
when we see those. So I didn't want you to think--the way I 
answered it is, we are not reaching out and causing it to be 
removed globally. We can reach out and ask that it be removed 
globally. And we are having a pretty good success at doing 
that.
    Dr. Miller. And if I could just add very briefly, the ``D'' 
in your DIME model, sir, the diplomatic effort is absolutely 
important.
    Mr. West. Absolutely.
    Dr. Miller. And that is something that this Administration 
has obviously pursued.
    Mr. West. Okay. I got it, but, you know, we are getting our 
butts handed to us on that means. And when I think about Major 
Hasan and some of the things that he was able to utilize the 
Internet for, you know, I don't want to see a repeat of those 
type of circumstances.
    So thank you very much, and I yield back.
    Mr. Thornberry. I thank the gentleman. And as I am sure he 
knows, there is a number of folks who have served in-theater 
who share his frustration, who think there is a lot more we 
could be doing but are not doing. And I am very sympathetic 
with that view, as well.
    General Alexander, let me follow up on what Mr. Kline was 
asking about on people. And I know you said you would get back 
to us on additional authorities. And you said you have a great 
record of retaining people at NSA. But those are not 
necessarily military folks who may go through basic training 
and all the rest.
    Can you get and keep the kind of people you need for 
CYBERCOM with the military requirements? Or does there have to 
be some greater flexibility than we are used to?
    General Alexander. Well, I am an optimist, Chairman. I 
think we can, one, get them. I do think it may require more 
authorities, but we have to look at that.
    And, more importantly, I would like to put forward this 
thought: We want NSA to have one certain level, technical level 
of expertise that Cyber Command can use. And we want Cyber 
Command to have a breadth and a deployment capability.
    And so, these two have to work together. And I think we can 
do both. I think we can get the service people on one side. 
That may require some additional authorities. We have to look 
at it and come back to you. And I think we want the NSA 
infrastructure to have this technical depth that we can rely on 
back and forth. I think that is absolutely vital.
    Dr. Miller. I would just briefly add that we owe a report 
on this issue, Section, I think, 934 of the National Defense 
Authorization Act.
    And in addition to the factors that the general talked 
about, I think we need to look hard at what we can do under 
existing authorities, including making better use of the Guard 
and Reserve. That is an essential part of what we need to do.
    The type of people that we are looking for will span a 
wider range than the profile of people that we--the type of 
people that we are looking for with the skills for cyber will 
span a wider range than the standard profile for military 
service. And we need to have a higher degree of flexibility and 
continue to look to target those groups and to work on some of 
the pilot programs we have under way now, to work with them and 
to have outreach, so they see what DOD can provide for their 
education and see that they can make a contribution to national 
security, as well.
    Mr. Thornberry. Well, we want to work with you. You made an 
impression on me in your written statement, General, where you 
said this was the thing you were most concerned about, or 
however you phrased it.
    But, please, go ahead.
    General Alexander. I was going to add that--I hate to give 
the Navy all the credit here, with him sitting right behind 
me--but the Navy Postgraduate School has also started a 
master's degree course in January that will produce a master's 
in cyber that is a technical degree, either in computer science 
or EE [electrical engineering], with the majority of the 
courses being in cyber- and cybersecurity-related things.
    So that is a step in the right direction and some of the 
things that we need to do more of.
    Mr. Thornberry. Okay.
    Dr. Miller, one hears--and maybe one of you all mentioned 
it in your written testimony, back to the authorities issues--
about the military's ability to provide support to civilian 
authorities when called upon to do so. How does that fit in a 
cyber context?
    Dr. Miller. Sir, let me talk about both sides of that, if I 
can.
    The first, as we were discussing earlier, is that the 
Department does recognize that we are dependent on both our 
partners in Government, so the dot-gov, and our partners in the 
industry to be able to conduct just military operations and to 
succeed in those operations so that we have a stake, in 
addition to the stake we have in the broader security of the 
Nation, we have a stake in just our ability to operate, itself.
    The Department of Defense, as you alluded to, has 
authorities to provide defense support to civilian authorities 
under existing law. And the challenge associated with that in 
this area is that it gives a good set of authorities for 
responding to an incident. And what is not so clear is that it 
gives the appropriate set of authorities to assist in 
prevention of attack in the first place.
    And as we have looked at possible legislation, we are 
looking at what additional authorities may be required for the 
Department of Homeland Security so that it can provide that 
degree of protection, and then what set of authorities may be 
necessary or changes may be necessary for the Department of 
Defense to assist in providing that prevention, as opposed to 
solely focusing on response.
    You have asked exactly the right question. We intend to 
address it in legislation. And we understand that there are 
legitimate concerns about imposing costs on private industry, 
and we need to think through that. But we also understand that, 
as we have discussed earlier, that we have a lot of catching up 
to do.
    Mr. Thornberry. Yeah. Well, and as your answer recognizes, 
response after the fact to a cyber event is not really a very 
good answer to the challenges we face there.
    So, let me just ask about a couple more things, and then I 
will yield to the ranking member and Mr. Gibson, if they have 
other questions.
    Again, I can't remember exactly which of you talked about 
this. But there were two efforts under way: One is the Enduring 
Security Framework, and the other is the Defense Industrial 
Base Pilot.
    Could either or both of you all expand a little on what 
those are and where we are with them?
    General Alexander. The Enduring Security Framework is a 
partnership between Government with DHS, DOD, the DNI, and 
industry to look at critical cybersecurity issues throughout 
the different components from communications devices, 
computers, and others.
    I think that is a great partnership between the Government 
and industry in identifying problems and solutions to those 
problems. If we can identify those problems, it has been our 
experience that industry, in developing much of that equipment, 
will go solve those, free to the Government.
    That is a huge step forward, and we have made some 
tremendous jumps in that area. I think industry has more than 
done their share. It has been a privilege and honor to work on 
that. That has been great.
    The Defense Industrial Base Pilot takes the technology that 
we have within the Department and uses some of that with some 
of the Tier 1 Internet service providers to test and ensure 
that that would work under the concept that I discussed 
earlier, where the Tier 1 Internet providers ensure that we can 
do what we are doing now for the Defense Department for these 
defense industrial base companies.
    Once we have done that, the key is now identifying the 
authorities and ensure that we have the authorities to do the 
rest of it. So we are only going to do a few narrow things 
under the DIB [Defense Industrial Base] Pilot, a few narrow 
activities. Once we have shown that we can do those, the rest 
of those activities will be added.
    We will have to ensure that we have the legal framework for 
that and everybody agrees with that for the rest of those. And 
that may be parts of the stuff that come forward from the White 
House on the legislative proposals that we have.
    Dr. Miller. And, sir, if I could add very briefly, the 
Enduring Security Framework, we have found that the industry 
that participate help both on helping us understand the problem 
and working the solution. And that is, as the general said, 
very important.
    I want to distinguish, as we talk about the DIB Pilot, 
there are really two things under way. One is a broad Defense 
Industrial Base Pilot, in which we are sharing information 
about potential threats and looking at how to do that more 
effectively. It has been a two-way street. It has been very 
effective. And we are looking to continue that and grow that.
    It has been focused primarily on the cyber-hygiene side, if 
you will, on defending the networks better. The new element 
that the general has been referring to has been added to that, 
and we are currently examining how to implement that. We have 
called that, for shorthand, the Opt-In Pilot because companies 
would opt in to participate on that. And as the general said, 
we are working with a number of defense industrial base 
companies and several Internet service providers. That has not 
yet kicked off. It is something that I hope that we are very 
close to initiating.
    And by way of analog, it is looking for part of the dot-com 
to bring what Einstein 3 is supposed to bring to that dot-gov. 
And, as General Alexander said, it is not the full suite, but 
we are looking at a way to get started and show that we can do 
this and to make it work.
    Mr. Thornberry. And about how long would it take, do you 
think, to prove that it can work?
    Dr. Miller. About 90 days we are looking at to execute this 
pilot.
    Mr. Thornberry. Okay, good. Thank you.
    Mr. Langevin.
    Mr. Langevin. Thank you, Mr. Chairman.
    General Alexander, CYBERCOM has maybe two, maybe, primary 
missions among several, but two primary missions: First, to 
ensure that our military networks stay online, and, also, to 
support our warfighters in their missions around the world.
    We talked before about the network defense side of the 
issue, but I would like to turn to the second side, if I could, 
of support to the warfighter. You rightly recognize that 
cyberspace is a new domain, similar to land, air, sea, and 
space. How do you make sure that cyber is treated equally and 
not just as a supporting entity?
    Can you outline the command structure for integrating 
nonkinetic cyber effects into both tactical and operational 
levels of a conflict? And beyond the use of cyber domain, how 
are cyber mission areas different from the electronic warfare 
mission areas?
    General Alexander. Well, let me start with the first one, 
and then I will come back to electronic warfare, if I could.
    On the first one, our staff is organized like the rest of 
the COCOM staffs, the combatant commander staffs, with the J3, 
J5, J2, J6, et cetera. Our planning folks reach out to the 
combatant commands, and we are working with those combatant 
commands on their plans to integrate cyber into those plans 
from both a defense and a full-spectrum capability.
    My experience to date is that the commands have jumped on 
this. Every one of them has been eager and helpful to do that. 
I am extremely pleased that they are rolling this into the full 
spectrum. They realize the importance of it, both to defending 
our capabilities and extending those out.
    If you were to make bubbles on the role of cyber and 
electronic warfare, they are going to touch together, 
electronic warfare predominantly being looked at primarily 
today, if you will, for jamming radars back and forth. I mean, 
that is the way we look at it, in physical space by radio 
waves. In cyber, we are acting within networks.
    You can picture a time in the future where those two may 
come together, and it may be that the Department begins to 
bring some of that together, from both a technical perspective 
and an operational perspective. We are not there today because 
the way we build our EW [electronic warfare] capabilities is 
separate and apart, as part of the defensive systems of 
aircraft and other things like that.
    I did go to school in some of that, so I do understand 
those parts. And I think you can see them coming together as 
the digital technology matures.
    Mr. Langevin. Thank you. Anything else in the area of 
electronic warfare that you want to get into?
    General Alexander. Not that I can think of, Congressman.
    Mr. Langevin. Okay.
    Dr. Miller, and also to you, General, in addition to the 
$159 million provided in the President's fiscal year 2012 
budget to support CYBERCOM, what other costs are associated 
with cyber operations across the Department for fiscal year 
2012? To what extent will DOD's current efficiency and cost-
saving efforts impact CYBERCOM's current and future 
cybersecurity funding, if at all? And to what extent is DOD 
taking steps to ensure that CYBERCOM and associated military 
components are organizing in a manner that prevents or 
minimizes duplication?
    Dr. Miller. Sir, let me first say, glad to provide for the 
record the breakdown of the costs in more detail than I did in 
my prepared statement. What I could do is refer to a $3.2 
billion total for cybersecurity and the $159 million associated 
with USCYBERCOM.
    The other--the largest single category is information 
assurance, which includes our public key infrastructure and key 
management initiative. That is at a little over $2 billion for 
fiscal year 2012.
    Rather than go through each of the other categories, I 
would just, I guess, add, we have noted the importance of 
science and technology, and about $258 million of that is in 
the S&T realm. We will provide the rest of those, if you like, 
for the record.
    As we look at the work on efficiencies and the importance 
of both saving money and improving security--I will turn it 
over to General Alexander--one of the most innovative and 
interesting ideas and concepts for how to pursue those in 
tandem is to look at how we can move to a cloud-based 
architecture in a way that improves security.
    If we do it the wrong way, it could increase our 
cybersecurity challenges. If we do it appropriately over time 
and move to virtualization of some of the, if you will, 
interior of the architecture, we will have the ability to 
present a much more challenging target to those who want to 
attack us.
    I think General Alexander can speak in much more detail 
than I can to that issue.
    General Alexander. Congressman, let me answer two parts of 
that, taking off from what Dr. Miller said.
    First, on the IT efficiencies, one of the things that we 
looked at: What was the best way that we could help secure the 
Defense Department's networks, given the vast topology of those 
networks? And it was our opinion that the best way was to go to 
a thin cloud, virtual cloud environment, analogous to the way 
that Google, AT&T, and others are doing, but do that for the 
Defense Department.
    As we looked at that, we also believe that we can do that 
more efficiently in terms of manpower and moneys. That is yet 
to be proven, but it does give us a much more defensible way.
    So the IT efficiencies is something that Secretary Gates 
has pushed out that we are looking at how can we now help do 
that. And what our intent is, if we can do this right, we can 
now take part of the workforce that we have in IT and train 
them to be full-spectrum cyber capability. That is something 
that, working with the service, will help build the capacity 
quicker, that I mentioned is that shortfall.
    So I think that is one of the things that we are looking 
at. We have discussed it with the service chiefs. That is 
something that we have to walk through. The service components 
are looking at it. That is a huge step. Now, to get there, NSA 
is actually testing out parts of that right now in our 
infrastructure, and we will prove that that is right.
    The other thing, that duplication of effort, I would just 
tell you that that is one of the things, as a CYBERCOM 
commander, that I take very seriously. How do we ensure that 
the services are doing this as a joint team versus each one of 
them doing the same tool four times?
    We have great cooperation with the services in doing that. 
Our components said, we are bringing all of that together. Our 
J3 and J5 will take that on. Our suite of tools will be looked 
at and scrubbed in that way. And we have already started that 
with our planning process.
    Mr. Langevin. Very good.
    With that, gentlemen, thank you very much for your 
testimony. I know that this is an enormous challenge that we 
all face in cyberspace, and I just appreciate your dedication 
and the work you are doing.
    Thank you.
    Mr. Thornberry. Mr. Gibson.
    Mr. Gibson. Thanks, Mr. Chairman.
    And, really, just a summary of what I am taking away from 
the hearing and from also reviewing the written testimony, I 
think Cyber Command is doing a tremendous job in gaining 
situational awareness, getting organized, trying to get their 
arms around the threat and to take concerted action.
    But, to a degree, our country is hampered, the effort 
toward unity of effort--that we need mission clarity, 
authorities, legal framework, and organizational design. And 
what strikes me is that these are similar findings to the QDR 
[Quadrennial Defense Review] independent panel and the need 
towards looking at both congressional, organizational reform so 
that we can facilitate better, legislate better, and provide 
better oversight, and then also executive reform, executive 
branch reform, so that the DOD can get the guidance it needs to 
move forward.
    So these are areas of interest to me, Mr. Chairman. And I 
look forward to--I appreciate you calling this hearing and the 
testimony from our expert witnesses here. And I look forward to 
working with you as we go forward.
    I yield back.
    Mr. Thornberry. I thank the gentleman.
    The areas he identified are also of interest to me, as he 
knows, so I want to pursue it along with the gentleman.
    General Alexander, following up on your conversation with 
Mr. Langevin, do you have the authority you need, as CYBERCOM 
commander, to eliminate duplication in the services?
    General Alexander. I believe I have all the authority I 
need to eliminate duplication with the services. More 
importantly, I have their support in doing it. They want to do 
this. It makes sense. Nobody is pushing back. The key is 
finding all of that for all of us, because there is a lot of 
ingenuity that goes on.
    To date, I have not found anyone that has pushed back on 
that. I believe that, through both the Joint Staff and the JROC 
[Joint Requirements Oversight Council] process, we can push 
that. And through the Deputy Secretary and the policy level, we 
will get all the support we need. I don't see any issues with 
that. It is more of just making sure that they surface.
    Mr. Thornberry. I am always concerned when something 
becomes a very, you know, high-priority issue, then all sorts 
of programs have that label put on them to take advantage of 
the budgetary things that go with it. And ferreting out what is 
real and needed versus what may be an effort to gain more of 
the defense pie is an important capability, I think, for you to 
have.
    Can you talk a little more generally, though, about budget? 
Obviously, we are going to be in a limited budget for the 
Government, for the Defense Department for some years to come.
    As we think about cyber and spending money, you know, it 
doesn't cost very much money to send an electron through a 
fiberglass pipe. But where is our money going to have to go in 
order to defend the country properly? I mean, I assume people 
has got to be number one.
    But can you elaborate, not just on this year's budget, but 
on those trends over the next several years and what you see 
the most growth in when it comes to cyber?
    General Alexander. Chairman, I think you hit it on the 
head. People is the big thing here in cyber and for our future. 
Investing in people is key.
    We are building capacity. And, as you correctly noted, that 
is one of the key things that we have to go build and go work, 
and the Services are helping us do that. In my budget, both the 
military and the civilian side, that is the biggest portion of 
the budget--
people.
    The next is facilities to operate in, the IT infrastructure 
that we need to operate. That accounts for another 25 percent 
of the budget. And operations is the last part. So, if you 
break it out, people is the biggest share of the budget.
    One of the things that I would just highlight is we did 
look at building an integrated cyber center that brings 
together all the different elements that we have within the 
Department, all the different centers within our Department and 
potentially across the Government into one facility that allows 
us to operate seamlessly from peace time to crisis, back and 
forth. I think that is huge, and in this budget here is the 
planning and development of that 
facility.
    Dr. Miller. Sir, if I could add very briefly, for overall 
IT, the request for fiscal year 2011 was $36.6 billion, for 
2012 was $38.4 billion. We actually hope that that number will 
come down over time, as we move to a different architecture and 
be able to make some savings there.
    For overall expenditures relating to cybersecurity, the 
numbers, in fiscal year 2010 the number was about $2.96 
billion, 2011 request was $3.2 billion or a little under, and 
for 2012 we are a little over $3.2 billion.
    So we have increased somewhat. Particularly, I think, we 
are focusing those resources better, as we look to, for 
example, increase substantially how much we hunt on our own 
networks and so forth. But we would be happy to provide the 
next level of granularity, if you like. I am afraid that if I 
did it real-time, you would, you know----
    Mr. Thornberry. Yeah. The staff could take it, but I am not 
sure that I could. But it is, I think, helpful for us to see 
the longer-term trends, because I think we are all going to be 
challenged in that regard.
    Dr. Miller, one thing we really haven't touched on too much 
today is the whole subject of international cooperation in 
getting any of this done. We have talked about how geography 
doesn't matter very much in cyber, but can you just briefly 
touch on the international aspect of this?
    Dr. Miller. Sir, I would be very glad to.
    As I had talked about before, working with our 
international allies and partners is one of the key five 
initiatives that we have under way as part of our strategy. So 
we recognize its importance. And we recognize that, because we 
operate in fighting the coalition, that the security of our 
information, the security of our operations is also going to be 
dependent on the security of our partners' and allies' 
networks, as well.
    As we have begun really pushing out on cybersecurity 
efforts internationally, the first focus--I should put that 
differently--a very significant focus has been on working with 
our allies, Great Britain, Australia, New Zealand, and Canada. 
We have long-standing relationships with them on intelligence 
issues, and that has been a good foundation for what we do in 
cyber, as well.
    A very significant effort over the last year with NATO. And 
having cybersecurity being one of the key thrusts of the NATO 
Strategic Concept that was brought forward at the Lisbon 
summit, I think, is a good accomplishment. The cybersecurity 
center that has been established has begun to operate, and we 
have a lot more work to do there in NATO, in terms of 
implementing that effort.
    We have also worked with other partners and allies around 
the globe, including, for example, the Republic of Korea and 
Japan, and are beginning to have, I think, useful conversations 
there.
    One of the other areas, sir, that I just want to add is 
that we need also to have conversations about cyber and other 
strategic issues with Russia and with China. I think we have 
made some headway with respect to Russia and having the initial 
conversations on cybersecurity. Our lead on this for the 
national security staff, Howard Schmidt, took a team there just 
a little over a month ago to have this--to begin this 
conversation. And so far, with China, we have not yet really 
been able to have the same level of conversation.
    I think transparency and understanding about how each of us 
approaches this challenge is very important to avoid any 
misunderstandings or miscalculations.
    Mr. Thornberry. Finally, for me, I think, General 
Alexander, if you had to grade our ability to defend DOD 
networks, what sort of grade would you give us at this stage, 
like, A through F?
    General Alexander. I would give us today probably a C, 
going up. And the reason I say a C is, we are working extremely 
hard on building the hardening part of our networks. We have 
done an awful lot of work to bring in the host-based security 
system and made tremendous movements. And we are moving in that 
range and building that up and training the force and hardening 
that. And it has made tremendous progress over the last 2 
years. When you looked at the problems we had on our networks a 
few years ago to where we are today, it is a huge improvement.
    I would like to say an A, but I think it is going to take 
some time to get us to an A. And an A is where I believe nobody 
could penetrate that network. But we have made it extremely 
difficult for adversaries to get in, and every day we improve 
that.
    And that has the visibility and support of the Joint Staff 
and the Secretary. They have personally gotten involved. I had 
to take the reports up to both of them. And they are looking at 
that across all of the services. And each of the services are 
working it hard. We do that by network, by service, by COCOM, 
by agency. And we are looking at it in a very detailed way on 
our network operations and network security.
    But I would say a C today and going up.
    Mr. Thornberry. Well, and the ``going up'' was really my 
follow-up question. In earlier hearings, we have heard 
testimony that the advantage is with the attacker, and not only 
that, but the gap is growing so that the attacker has more 
advantage, if you look at the Internet as a whole, and versus 
the attempts to defend.
    But I take it from what you have said that that gap, when 
it comes to defending military networks, is closing, that our 
ability to defend is--well, as I say, the gap is closing versus 
the attackers. Is that right?
    General Alexander. That is correct.
    Mr. Thornberry. A significant difference from what we have 
heard from the civilian infrastructure, I would say.
    I understand Mr. Johnson has a question.
    Mr. Johnson. Yes, I do. Thank you, Mr. Chairman, for 
holding this very important hearing.
    And we certainly need to be attuned to the fact that, for 
us to get on the dean's list, General Alexander, we are going 
to have to spend a lot more money than we are spending, and we 
will have to spend in accordance with long-term budgets, as 
opposed to short-term continuing resolutions. And it is the 
welfare of the people that is at stake.
    Dr. Miller, you are, no doubt, familiar with the firm 
Palantir Technologies, are you not?
    Dr. Miller. I am not deeply familiar. I know the name, sir.
    Mr. Johnson. And what about Berico Technologies?
    Dr. Miller. I also know the name.
    Mr. Johnson. All right.
    General Alexander, have you worked with Palantir in any of 
your official capacities?
    General Alexander. I am familiar with it. We have seen some 
of their technology, and they have demonstrated that. I am not 
sure of the number of contracts that we have with Palantir, to 
be honest.
    Mr. Johnson. What about Berico?
    General Alexander. The same. I know the name. I would have 
to go back and look and see exactly what the contracts are with 
Berico.
    Mr. Johnson. General, can you explain what services and 
capabilities those two firms offer to the Department of Defense 
and the intelligence community?
    General Alexander. My recollection of Palantir was a way of 
visualizing what is going on in the networks. One of the 
problems that we have is, how do you see what is going on in 
cyberspace? How do you actually see a network in a way that is 
meaningful to help defend and operate that? Especially if you 
have a network that has 15,000 different enclaves and all these 
different pieces, how do you make that meaningful?
    And my recollection, working with Palantir, was, here is an 
idea that we could use for how to look at networks and how to 
secure it. We are looking at multiple options for how you 
actually see that. That is one of the things I think I put in 
my statement, you know, situational awareness, how do you 
actually see? I think that is an important step for us to all 
have that common situational awareness.
    Mr. Johnson. Are those tools that are developed for use by 
the defense and intelligence communities by those contractors, 
do those contractors have the ability to use those tools, or 
the authority, actually, to use those tools in the private 
sector? Can they market those tools, in other words, to the 
private sector?
    General Alexander. I think every contract is written 
differently that gives you authorities to do things, and I 
would have to go look at how those contracts were written. I am 
not personally familiar with the contracts, so I would have to 
go look at that. And I don't know who those contracts are with 
specifically, so I would have to check that out.
    But, generally speaking, in the development of a tool or a 
capability, in the contract it specifies whether that can be 
used broadly or whether it can be used only for the Government. 
And it depends on where it is being developed, for whom, and 
how.
    Mr. Johnson. Dr. Miller, anything you want to add on that?
    Dr. Miller. Sir, General Alexander has it exactly right. 
And I can't provide any more details. We would have to go back 
and look at the individual contracts to answer those questions.
    Mr. Johnson. Dr. Miller, would you be so kind as to provide 
my office with the DOD contracts with Palantir Technologies, 
Berico Technologies, and the firm HBGary Federal as soon as 
possible?
    Dr. Miller. Sir, I will do everything possible to do so. 
What I will need to do is, frankly, talk to our general counsel 
and make sure that the provision of that type of information is 
allowed contractually. And, in any case, we will get back to 
you as quickly as possible with as much information as 
possible.
    Mr. Johnson. The contract could bar the executive branch 
from providing information to the legislative branch?
    Dr. Miller. No. No, sir. I guess I would like to be able to 
provide that information to you, and without knowing all the 
organizations within the Department that have the contracts, I 
am going to have to go back and--it will take a bit of time to 
be able to map that out.
    And I also need--I need to have an assessment of whether or 
not--not of whether or not to provide the information, but in 
what form to provide the information to you. If you are asking 
for just the stack of contracts, I will say I will take that 
back to the Department and----
    Mr. Thornberry. Yeah, Dr. Miller, if you would take the 
request back, get the lawyers to look at it, see what is 
possible. If it is not possible to provide the information the 
gentleman is asking, if you would ask the appropriate folks at 
the Department to let us know why. And, also, any information 
provided, of course, we would ask that it be provided to the 
whole subcommittee, so that all members can have it.
    [The information referred to can be found in the Appendix 
on page 71.]
    Mr. Thornberry. Does that sound good?
    Mr. Johnson. Yes. Thank you, Mr. Chairman. And that will 
conclude my questions.
    Mr. Thornberry. I thank the gentleman.
    And I thank the witnesses very much for being here to 
testify, for your patience with our delays and other problems, 
which were rapidly solved.
    Dr. Miller. Mr. Chairman, if I might, in response to an 
earlier question about what the Government is doing with 
respect to radical groups' propaganda, I said it was an open 
policy issue. If I could have just a moment, I would like to 
clarify?
    Mr. Thornberry. Sure.
    Dr. Miller. What I should have said is that it is a 
recurring, ongoing policy issue; that these issues need to be 
dealt with on a case-by-case basis; that, as the Congressman 
said, it is all the tools available to us, including diplomatic 
tools; and that, on a case-by-case basis, there will be a 
question about our desire to promote free speech and our real, 
not just desire, but requirement to protect our forces and our 
people.
    And so I just wanted to--it is not a question of whether 
the issue is addressed. It is a question of how, in each case. 
And one would have to get down to the ``eaches'' to respond 
effectively.
    I appreciate the opportunity to clarify that, sir.
    Mr. Thornberry. No, I appreciate you bringing that. And I 
will also talk to Mr. West about my Smith-Mundt Repeal Act. It 
may be of interest to him as we pursue those issues.
    So, again, we thank you all very much for being here, for 
the work you are doing in this area. And we anxiously await the 
Administration proposals so that we can all get to work on 
specific things.
    With that, the hearing is adjourned.
    [Whereupon, at 5:07 p.m., the subcommittee was adjourned.]
?

      
=======================================================================




                            A P P E N D I X

                             March 16, 2011

=======================================================================

      
?

      
=======================================================================


              PREPARED STATEMENTS SUBMITTED FOR THE RECORD

                             March 16, 2011

=======================================================================

      
      
    [GRAPHIC] [TIFF OMITTED] T5593.001
    
    [GRAPHIC] [TIFF OMITTED] T5593.002
    
    [GRAPHIC] [TIFF OMITTED] T5593.036
    
    [GRAPHIC] [TIFF OMITTED] T5593.037
    
    [GRAPHIC] [TIFF OMITTED] T5593.023
    
    [GRAPHIC] [TIFF OMITTED] T5593.024
    
    [GRAPHIC] [TIFF OMITTED] T5593.025
    
    [GRAPHIC] [TIFF OMITTED] T5593.026
    
    [GRAPHIC] [TIFF OMITTED] T5593.027
    
    [GRAPHIC] [TIFF OMITTED] T5593.028
    
    [GRAPHIC] [TIFF OMITTED] T5593.029
    
    [GRAPHIC] [TIFF OMITTED] T5593.030
    
    [GRAPHIC] [TIFF OMITTED] T5593.031
    
    [GRAPHIC] [TIFF OMITTED] T5593.032
    
    [GRAPHIC] [TIFF OMITTED] T5593.033
    
    [GRAPHIC] [TIFF OMITTED] T5593.034
    
    [GRAPHIC] [TIFF OMITTED] T5593.035
    
    [GRAPHIC] [TIFF OMITTED] T5593.003
    
    [GRAPHIC] [TIFF OMITTED] T5593.004
    
    [GRAPHIC] [TIFF OMITTED] T5593.005
    
    [GRAPHIC] [TIFF OMITTED] T5593.006
    
    [GRAPHIC] [TIFF OMITTED] T5593.007
    
    [GRAPHIC] [TIFF OMITTED] T5593.008
    
    [GRAPHIC] [TIFF OMITTED] T5593.009
    
    [GRAPHIC] [TIFF OMITTED] T5593.010
    
    [GRAPHIC] [TIFF OMITTED] T5593.011
    
    [GRAPHIC] [TIFF OMITTED] T5593.012
    
    [GRAPHIC] [TIFF OMITTED] T5593.013
    
    [GRAPHIC] [TIFF OMITTED] T5593.014
    
    [GRAPHIC] [TIFF OMITTED] T5593.015
    
    [GRAPHIC] [TIFF OMITTED] T5593.016
    
    [GRAPHIC] [TIFF OMITTED] T5593.017
    
    [GRAPHIC] [TIFF OMITTED] T5593.018
    
    [GRAPHIC] [TIFF OMITTED] T5593.019
    
    [GRAPHIC] [TIFF OMITTED] T5593.020
    
    [GRAPHIC] [TIFF OMITTED] T5593.021
    
    [GRAPHIC] [TIFF OMITTED] T5593.022
    
?

      
=======================================================================


              WITNESS RESPONSES TO QUESTIONS ASKED DURING

                              THE HEARING

                             March 16, 2011

=======================================================================

      
            RESPONSE TO QUESTION SUBMITTED BY MR. THORNBERRY

    General Alexander. In accordance with the requirements of Section 
934, of the FY11 National Defense Authorization Act, the Office of the 
Secretary of Defense is drafting a report to Congress on the Cyber 
Warfare Policy of the Department of Defense. The department is 
currently coordinating the response to that reporting requirement to 
meet the extended July 1, 2011 report due date. [See page 12.]
                                 ______
                                 
             RESPONSE TO QUESTION SUBMITTED BY MR. JOHNSON
    Dr. Miller. [The information referred to is classified and retained 
in the subcommittee files.] [See page 24.]
?

      
=======================================================================


              QUESTIONS SUBMITTED BY MEMBERS POST HEARING

                             March 16, 2011

=======================================================================

      
                 QUESTIONS SUBMITTED BY MR. THORNBERRY

    Mr. Thornberry. What is the average cost of a breach in the 
Department of Defense for mission critical systems as measured in 
either dollars or degraded mission capability?
    Dr. Miller. [The information was not available at the time of 
printing.]
    Mr. Thornberry. What do you estimate the overall loss for breaches 
is in the DoD or by Military Service element?
    Dr. Miller. [The information was not available at the time of 
printing.]
    Mr. Thornberry. As outlined by the DOD's Strategic Management Plan, 
the DOD currently has a strategic performance goal to protect its IT 
infrastructure. The key measure of performance to meet that goal is the 
percentage of IT systems that are compliant with certification and 
accreditation processes. Considering the importance of this mission, 
shouldn't we have a more robust set of performance measures related to 
cyber? If so, what do you think those additional metrics should be.
    Dr. Miller. [The information was not available at the time of 
printing.]
    Mr. Thornberry. How do Defense Support to Civil Authorities (DSCA) 
authorities in the DOD work in the realm of cyber?
    Dr. Miller. [The information was not available at the time of 
printing.]

    Mr. Thornberry. What progress has U.S. Cyber Command and/or DOD 
made in developing a lexicon for cyberspace-related terms that can be 
used throughout DOD and across the federal government?
    General Alexander. Within the DoD, lexicons are strongly linked to 
doctrine. The Joint Staff J-7 authorized the development of cyberspace 
operations test doctrine, including a proposed cyber lexicon, in 
December of 2009. By April 2010, the J-7 published a draft of Joint 
Test Publication (JTP) 3-12, Cyberspace Operations. After an initial 
round of coordination, the Evaluation Draft of JTP 3-12 was released in 
September 2010 to be evaluated for effectiveness by use in exercises 
and operations.
    Mr. Thornberry. How is U.S. Cyber Command working with the services 
and DOD to ensure that they have the right mix of military, civilian, 
and contractor personnel to conduct cyberspace operations?
    General Alexander. United States Cyber Command (USCYBERCOM) is a 
key contributor along with the Office of the Under Secretary of 
Defense, Policy, the Office of the Assistant Secretary of Defense 
(Network and Information Integration) and the Department of Defense 
(DoD) Chief Information Officer, the Services, and other partners 
within the DoD Cyber Community of Interest to finalize the Cyber 
Workforce Development Study in response to the Defense Planning 
Programming Guidance. The goal of this study is to assess the current 
and future DoD cyber workforce requirements (including DoD civilians, 
contractors, and active and reserve components). USCYBERCOM's focus in 
this effort is providing information on cyber work roles and training 
requirements. USCYBERCOM will continue engagement and provide 
recommendations for recruiting, training, and retaining the cyberspace 
workforce and associated resourcing requirements for implementation.
    Mr. Thornberry. How do Defense Support to Civil Authorities (DSCA) 
authorities in the DOD work in the realm of cyber?
    General Alexander. Consistent with the authorities granted in 
Department of Defense (DoD) Directive 3025.dd, United States Cyber 
Command (USCYBERCOM) may provide Defense Support to Civil Authorities 
(DSCA) assistance as directed by the President or Secretary of Defense 
(SECDEF).
    USCYBERCOM works closely with US Strategic Command and US Northern 
Command to answer any routine Requests for Assistance (RFA) from the 
Department of Homeland Security (DHS). A 26 Sept 2010 memorandum signed 
jointly by the Secretaries of Homeland Security and Defense solidified 
the support relationship between DoD and DHS making collaboration 
between the two departments official policy. It encourages information 
sharing and mutual support.
    USCYBERCOM assistance may be technical assistance or 
recommendations for immediate defensive actions; similarly, they might 
entail recommendations for more systemic mitigation, such as 
improvements in network configurations and improvements in information 
assurance measures or best practices. Additionally, USCYBERCOM 
continually assesses the cyber threat to DoD's military networks and 
information systems to ensure we are prepared to provide support to 
civil authorities in the event of a cyber threat to the nation's 
critical infrastructure. If a major cyber event struck the nation, 
however, SECDEF would determine the most appropriate combatant command 
to lead the DSCA effort.
    Mr. Thornberry. DHS recently tested something called the National 
Cyber Incident Response Plan as part of CyberStorm III. Do you have any 
insight into how effective that plan was during the exercise? What 
should the interagency community, including DOD and the Intelligence 
Community, take from that plan?
    General Alexander. [The information referred to is classified and 
retained in the subcommittee files.]
    Mr. Thornberry. What transition pathway courses of action do you 
envision for the DARPA National Cyber Range (NCR)? What role do you 
envision for CYBERCOM in that transition process?
    General Alexander. United States Cyber Command (USCYBERCOM) 
considers the National Cyber Range (NCR) as the prototype development 
portion to the larger Cyber Range Environment (CRE) initiative. DARPA 
is the NCR lead with prototype completion projected for mid-/late-FY12. 
Transition funding for FY13 and out-year sustainment are undetermined 
at this time.
    Currently, there are three possible courses of action:
    1) Once NCR prototype development is completed in FY12, provide 
adequate transition and sustainment funding and advocate integration 
into the larger CRE ``whole of government'' range that Department of 
Homeland Security (DHS), Industry and Department of Defense (DoD) could 
use for operational training and experimentation and testing of future 
technical architectures.
    2) Complete NCR prototype development as scheduled in FY12, and 
operate as a stand-alone range for specific/limited DHS, Industry and 
DoD use for experimentation and testing.
    3) Complete NCR prototype development, and offer technology/
software tools to other existing DoD/Federal government ranges for 
reuse/integration without a transition or any sustainment program 
considerations.
    USCYBERCOM's sees potential in this prototype effort, and envisions 
our role as providing support/operational expertise to DARPA with 
potential use cases, lessons learned, and possibly assist with 
technology transition under whichever course of action is chosen.
                                 ______
                                 
                QUESTION SUBMITTED BY MR. RUPPERSBERGER

    Mr. Ruppersberger. U.S. Cyber Command was stood up at Fort Meade 
and reached full operational capability in the Fall of 2010. What do 
you expect to be the final footprint of CYBERCOM will be?
    General Alexander. With regard to the United States Cyber Command 
(USCYBERCOM) personnel footprint, the current planning projections for 
FY11 are approximately 1,404 military, civilian, and contractor 
personnel. The demographic for the personnel footprint includes 260 
Officers, 204 Enlisted, 467 Civilians, 237 Contractors and 236 
Augmentees. The USCYBERCOM footprint planning projections include space 
to support a ten percent increase in the staffing to support Combatant 
Commands, other government agency liaisons and integrated personnel as 
well as military reserve support. The National Security Agency (NSA) 
provides current facility support through existing owned and leased 
facilities. FY13 begins the military construction (MILCON) of the 
Integrated Cyber Center (ICC). This FY13 MILCON establishes 
USCYBERCOM's Joint Operations Center (JOC) and will accommodate the 
command's most critical cyber warriors.

                                  
