b'<html>\n<title> - [H.A.S.C. No. 112-26] NATIONAL DEFENSE AUTHORIZATION ACT FOR FISCAL YEAR 2012 AND OVERSIGHT OF PREVIOUSLY AUTHORIZED PROGRAMS</title>\n<body><pre>[House Hearing, 112 Congress]\n[From the U.S. Government Publishing Office]\n\n\n\n\n\n\n                                     \n\n                         [H.A.S.C. No. 112-26]\n \n                                HEARING\n                                   ON\n                   NATIONAL DEFENSE AUTHORIZATION ACT\n                          FOR FISCAL YEAR 2012\n                                  AND\n              OVERSIGHT OF PREVIOUSLY AUTHORIZED PROGRAMS\n\n                               BEFORE THE\n\n                      COMMITTEE ON ARMED SERVICES\n\n                        HOUSE OF REPRESENTATIVES\n\n                      ONE HUNDRED TWELFTH CONGRESS\n\n                             FIRST SESSION\n\n                               __________\n\n       SUBCOMMITTEE ON EMERGING THREATS AND CAPABILITIES HEARING\n\n                                   ON\n\n                 BUDGET REQUEST FOR U.S. CYBER COMMAND\n\n                               __________\n\n                              HEARING HELD\n                             MARCH 16, 2011\n\n\n                                     \n[GRAPHIC] [TIFF OMITTED] TONGRESS.#13\n\n                                     \n\n                  U.S. GOVERNMENT PRINTING OFFICE\n65-593                    WASHINGTON : 2011\n-----------------------------------------------------------------------\nFor sale by the Superintendent of Documents, U.S. Government Printing Office, \nhttp://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Printing Office. Phone 202\xef\xbf\xbd09512\xef\xbf\xbd091800, or 866\xef\xbf\xbd09512\xef\xbf\xbd091800 (toll-free). E-mail, <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="4126312e012234323529242d316f222e2c6f">[email&#160;protected]</a>  \n  \n\n\n           SUBCOMMITTEE ON EMERGING THREATS AND CAPABILITIES\n\n                    MAC THORNBERRY, Texas, Chairman\nJEFF MILLER, Florida                 JAMES R. LANGEVIN, Rhode Island\nJOHN KLINE, Minnesota                LORETTA SANCHEZ, California\nBILL SHUSTER, Pennsylvania           ROBERT ANDREWS, New Jersey\nK. MICHAEL CONAWAY, Texas            SUSAN A. DAVIS, California\nCHRIS GIBSON, New York               TIM RYAN, Ohio\nBOBBY SCHILLING, Illinois            C.A. DUTCH RUPPERSBERGER, Maryland\nALLEN B. WEST, Florida               HANK JOHNSON, Georgia\nTRENT FRANKS, Arizona                KATHY CASTOR, Florida\nDUNCAN HUNTER, California\n                 Kevin Gates, Professional Staff Member\n                 Mark Lewis, Professional Staff Member\n                      Jeff Cullen, Staff Assistant\n\n\n                            C O N T E N T S\n\n                              ----------                              \n\n                     CHRONOLOGICAL LIST OF HEARINGS\n                                  2011\n\n                                                                   Page\n\nHearing:\n\nWednesday, March 16, 2011, Fiscal Year 2012 National Defense \n  Authorization Budget Request for U.S. Cyber Command............     1\n\nAppendix:\n\nWednesday, March 16, 2011........................................    27\n                              ----------                              \n\n                       WEDNESDAY, MARCH 16, 2011\nFISCAL YEAR 2012 NATIONAL DEFENSE AUTHORIZATION BUDGET REQUEST FOR U.S. \n                             CYBER COMMAND\n              STATEMENTS PRESENTED BY MEMBERS OF CONGRESS\n\nLangevin, Hon. James R., a Representative from Rhode Island, \n  Ranking Member, Subcommittee on Emerging Threats and \n  Capabilities...................................................     6\nThornberry, Hon. Mac, a Representative from Texas, Chairman, \n  Subcommittee on Emerging Threats and Capabilities..............     1\n\n                               WITNESSES\n\nAlexander, GEN Keith B., USA, Commander, U.S. Cyber Command......     4\nMiller, Dr. James N., Principal Deputy Under Secretary of Defense \n  for Policy, U.S. Department of Defense.........................     2\n\n                                APPENDIX\n\nPrepared Statements:\n\n    Alexander, GEN Keith B.......................................    48\n    Langevin, Hon. James R.......................................    33\n    Miller, Dr. James N..........................................    35\n    Thornberry, Hon. Mac.........................................    31\n\nDocuments Submitted for the Record:\n\n    [There were no Documents submitted.]\n\nWitness Responses to Questions Asked During the Hearing:\n\n    Mr. Johnson..................................................    71\n    Mr. Thornberry...............................................    71\n\nQuestions Submitted by Members Post Hearing:\n\n    Mr. Ruppersberger............................................    76\n    Mr. Thornberry...............................................    75\nFISCAL YEAR 2012 NATIONAL DEFENSE AUTHORIZATION BUDGET REQUEST FOR U.S. \n                             CYBER COMMAND\n\n                              ----------                              \n\n                  House of Representatives,\n                       Committee on Armed Services,\n         Subcommittee on Emerging Threats and Capabilities,\n                         Washington, DC, Wednesday, March 16, 2011.\n    The subcommittee met, pursuant to call, at 3:50 p.m. in \nroom 2212, Rayburn House Office Building, Hon. Mac Thornberry \n(chairman of the subcommittee) presiding.\n\nOPENING STATEMENT OF HON. MAC THORNBERRY, A REPRESENTATIVE FROM \n     TEXAS, CHAIRMAN, SUBCOMMITTEE ON EMERGING THREATS AND \n                          CAPABILITIES\n\n    Mr. Thornberry. As you all can tell, the votes have \ndiscombobulated the schedule. I think we are going to go ahead \nand get started in the interest of time.\n    We appreciate both of our witnesses and all our guests \nbeing here.\n    The first hearing of this subcommittee posed the question, \nWhat should be the role of the Department of Defense to defend \nthe country in cyberspace? Today, we ask the same question.\n    The example we used at our previous hearing was, if a \nformation of planes or hostile-acting ships came barreling \ntowards the Houston ship channel, I think we would have some \nsort of idea of what we would expect the Government to do in \nprotecting those facilities and the Americans in them. But it \nis a harder question to say, if a bunch of packets come \nbarreling through the Internet toward the same facilities, what \nwould we expect the Government to do to defend them? Is the \nGovernment capable of doing what we expect, and is the \nGovernment authorized to do what we expect?\n    There seems to be virtually unanimous agreement that the \nthreat to our country in cyberspace is growing. DNI [Director \nof National Intelligence] Clapper testified a few weeks ago \nduring the worldwide threat hearing that ``the threat is \nincreasing in scope and scale, and its impact is difficult to \noverstate.\'\' He made a number of other statements in his \ntestimony, something like two-thirds of U.S. firms report they \nhave been the victim of cyberspace incidents or information \nbreaches. Almost half of U.S. computers have been compromised, \naccording to another survey.\n    Today, General Alexander--in addition to the questions I \nposed, today General Alexander will also give us an update on \nCyber Command and its budget request for 2012 and how it is \ndoing in accomplishing its mission of defending DOD [Department \nof Defense] networks.\n    But, as Deputy Secretary Lynn wrote in Foreign Affairs, \n``The best-laid plans for defending military networks will \nmatter little if civilian infrastructure--which could be \ngreatly targeted in a military conflict or held hostage and \nused as a bargaining chip against the U.S. Government--is not \nsecure.\'\'\n    In sum, I believe that our Government and our country have \nnot yet come to grips with the unique national security \nchallenges that cyber poses. The changes in technology have \nsimply outpaced the modernization of our laws, regulations, and \npolicies. A great deal of work has been done in this area from, \namong others, our witnesses and the distinguished ranking \nmember of this subcommittee, but yet we still haven\'t really \ngrappled with these key issues.\n    For the last 8 months, Congress has waited to receive the \nWhite House\'s proposals on cybersecurity. We continue to hear \nthat they may come soon. But I do note that in his July 1 \nletter asking for the White House proposals, Majority Leader \nReid and six committee chairmen from the Senate wrote, ``Each \nday, the threat to cyberspace--and to the American citizens, \nbusinesses, service members, critical infrastructure, and \nGovernment agencies that depend on it--only increases.\'\'\n    And they also said, ``Securing the vast digital \ninfrastructure of our Nation\'s communications networks and \ninformation systems--our cyberspace--is essential to the future \nof our Government, our economy, and the security of our \nNation.\'\' I would submit, gentlemen, that that is the reason we \nare here today.\n    When Mr. Langevin comes, I will give him the opportunity to \nmake whatever opening comments he would like to make. But until \nthen, let me go ahead and yield to our distinguished witnesses \nfor a summary of their opening statement.\n    Without objection, your complete statements will be made \npart of the record.\n    Today we have with us General Keith Alexander, Commander of \nU.S. Cyber Command and Director of the National Security \nAgency, and Dr. James Miller, Principal Deputy Under Secretary \nof Defense for Policy.\n    Thank you both for being with us.\n    And I presume, Dr. Miller, you will go first.\n    [The prepared statement of Mr. Thornberry can be found in \nthe Appendix on page 31.]\n    Dr. Miller. Thank you, Chairman Thornberry, members of the \nsubcommittee, thank you for inviting me to testify.\n    Mr. Thornberry. There is a problem with our sound. We all \nmay have to really speak up. I worry about the court reporter, \nwhose job it is to take down every word you say. Jeff will \ncontinue to work on this problem, but if you would like to go \nahead with raised voice.\n\n   STATEMENT OF DR. JAMES N. MILLER, PRINCIPAL DEPUTY UNDER \n  SECRETARY OF DEFENSE FOR POLICY, U.S. DEPARTMENT OF DEFENSE\n\n    Dr. Miller. Mr. Chairman and members of the subcommittee, \nthank you for inviting me to testify this afternoon. I am very \npleased to join the CYBERCOM [U.S. Cyber Command] Commander and \nNational Security Agency Director, General Keith Alexander.\n    As you know, the Department of Defense is investing heavily \nin information technology, with $38.4 billion proposed for \nfiscal year 2012. We are making that investment because IT \n[information technology] is an enormous force multiplier for \nmilitary, intelligence, and business operations. Given DOD\'s \nreliance on IT, our proposal to spend $3.2 billion for \ncybersecurity in fiscal year 2012, including $159 million for \nUSCYBERCOM, makes good sense.\n    As I describe in my prepared statement and as the chairman \nalluded to, the threat to DOD and other critical networks is \nlarge and it is increasing. DOD is undertaking five key \ncyberspace initiatives to improve our posture, and I would like \nto say just a few words about each.\n    First, in order to properly train, organize, and equip our \nforces, DOD recognizes cyberspace as a domain for military \nactivities, analogous to the maritime, air, land, and space \ndomains. CYBERCOM, headed by General Alexander, is a key step \nin improving our posture.\n    Because we realize that cyber defense will not always \nsucceed, all combatant commands and the services must be \nprepared to operate in a degraded cyber environment in which \ndata networks are not fully reliable and access may be \ndisrupted.\n    DOD\'s second strategic initiative is to employ new \noperating concepts both for cyberspace hygiene and for active \ncyber defenses. DOD\'s active cyber defenses include a perimeter \ndefense of the dot-mil Internet domain that screens incoming \ntraffic for malicious code and malware. And because no \nperimeter defense is fail-proof, DOD also hunts for intrusions \non our own networks as well. We look for anomalies like \nviruses, worms, and other software that could cause damage to \nour networks and systems.\n    DOD\'s third initiative is to work closely with other U.S. \nGovernment departments and the private sector to create a \nnational approach to cybersecurity. On September 27, 2010, \nSecretary Gates and Secretary of Homeland Security Napolitano \nsigned a memorandum of agreement to allow the DHS [Department \nof Homeland Security] to draw on the cybersecurity capabilities \nalready established by the National Security Agency and \nUSCYBERCOM. A Joint Coordination Element, headed by DHS, now \nresides at Fort Meade and at NSA [the National Security Agency] \nheadquarters.\n    A great deal of sensitive but unclassified information \nresides on the networks of the 2,600-plus cleared defense \ncontractors that work with our military, and DOD is requesting \n$113 million over the Future Years Defense Program to upgrade \nthis pilot to a full program. We are also exploring other pilot \nprojects with industry that would allow DOD to further extend \nits suite of cybersecurity capabilities to companies in the \ndefense industrial base.\n    Our fourth strategic cyberspace initiative is to build \nrobust relationships with U.S. allies and international \npartners. We have already worked particularly closely with \nAustralia, Canada, New Zealand, and the United Kingdom. And, \nover the last year, we have significantly expanded \ncollaboration with NATO [the North Atlantic Treaty \nOrganization] to implement the Alliance\'s emphasis on cyber \ndefense as agreed in its new Strategic Concept.\n    Finally, DOD is working to ensure that we stay on the \ncutting edge with respect to both people and technology for \ncyberspace. We are taking a number of steps to recruit and \nretain talented civilian and military cyber personnel, \nincluding better utilizing the incredible expertise resident in \nthe National Guard and Reserve.\n    On the acquisition side, it currently takes the DOD\'s \nacquisition processes 81 months, on average, to make new \ncomputing systems operational. That means by the time they are \nfielded, they are already three to four generations behind the \nstate of the art. We are working to get cycles of 12 to 36 \nmonths as opposed to 7 or 8 years.\n    In conclusion, I want to thank the subcommittee for its \nfocus on cyberspace. As a department, I believe we have made a \nlot of progress in developing our approach and in improving \ncybersecurity, but we have a lot of work left to do. I look \nforward to working with Congress and the subcommittee to \nimprove our Nation\'s cyberspace posture as well.\n    And I look forward to your questions.\n    [The prepared statement of Dr. Miller can be found in the \nAppendix on page 35.]\n    Mr. Thornberry. I think they are trying to reset the \nsystem, and so they are all off--a fascinating thing to have \nhappen on a cyberspace hearing. I appreciate everybody\'s \nindulgence.\n    General Alexander, please proceed.\n\nSTATEMENT OF GEN KEITH B. ALEXANDER, USA, COMMANDER, U.S. CYBER \n                            COMMAND\n\n    General Alexander. Chairman Thornberry, Ranking Member \nLangevin, distinguished members of the committee, it is an \nhonor and a privilege to be here to testify with Dr. Miller.\n    Chairman Thornberry, the key points that you made, first, \non where we are and where we are going, I absolutely agree 100 \npercent. I think you hit that correct.\n    Thanks for helping us build Cyber Command. I want to hit a \nfew key points on what we have done, where we are, where we are \ngoing, and why we are at where we are today.\n    If you recall, a few years ago we looked at the threat. \nWhat Director Clapper said to you was absolutely right: The \nthreat is growing every day. It is something that we have to \nlook at from a military perspective. It is the reason we put \nCyber Command at NSA, to leverage our Nation\'s capability in \ncyberspace.\n    You are seeing what is happening in the commercial sector, \nwhere we are having exploits going on all the time. Seventy-\nfive percent of the population\'s computers have been exploited \nfor criminal purposes. If you look at the amount of activity \nthat is going on with new devices, the amount of e-mail and \nstuff, this area is exploding rapidly--tremendous opportunities \nand tremendous vulnerabilities.\n    In 2008, we had some malware, malicious software, come into \nour networks. When that malware hit our networks, it is what \nstarted U.S. Cyber Command, because the Secretary of Defense \nrealized that we need to bring our defense together with other \ncapabilities in the Nation, do that at NSA, leverage that \nplatform.\n    NSA was one of the initial ones that found the problem, \ncame up with a solution for it. And when we looked at that, \nthat is what we need in our Nation, and that is what the \nmilitary needs.\n    We have moved quickly in putting together Cyber Command. \nMay 2010, we had our initial operating capability. October \n2010, full operational capability for the staff. We have stood \nup the four components under that, and we are growing capacity. \nThat will take some time, to build that capacity, but every day \nis an improvement.\n    We are building plans with the other combatant commands to \nhelp in cyberspace. And we are defending and operating the \nmilitary networks today--a huge step forward. And we are doing \nthat by bringing the full capability of the Defense Department \nand the intel community together under one roof. I can\'t tell \nyou how important that is. It is huge in our capabilities.\n    So when you look at that, the Defense Department has a \ntremendous jump forward in what we are doing and how we are \ndoing it. And the ability and agility to move quickly between \noperations in defense when events like what has happened in \nJapan to our networks, we can quickly accommodate, whether it \nis a natural disaster or a manmade disaster. I think that is a \nhuge step forward.\n    So I wanted to leave time for questions, and I know we have \nbeen asked to go quickly. But there are a few things I would \nlike to hit that Secretary Lynn hit in the article that you \nreferenced. He mentioned five key areas about cyberspace; it is \na domain analogous to air, land, sea, and space. He talked \nabout the active defense, he talked about critical \ninfrastructure, he talked about partnering with our allies, and \nhe talked about leveraging technology.\n    Two of those are key--they are all key, of course--but two \nof those are key for this discussion, and that is, how are we \ngoing to defend? And the active defense is what we did in \nleveraging what NSA can do with what the Defense Department is \ndoing.\n    And, from my perspective, that is key. How are we going to \nhunt in our networks? How do we provide a capability that goes \nbeyond what you can commercially buy, by leveraging our \nintelligence community and our military capabilities to help \nexpand our defense? How do you leverage that global cryptologic \nplatform as an early warning capability? It is those kinds of \nthings that we have to look at.\n    And, finally, when we prove that that is good for the \nmilitary networks, I think he made a great point that resonates \nwith what you said: How do we then extend that, lawfully, while \nprotecting civil liberties and security, to the rest of \nGovernment and critical infrastructure? And, of course, doing \nthat right, that is what is taking time, that is what everyone \nis working on. I think that is a huge step forward.\n    I will tell you that one of the things that, from my \nperspective, is so important in this area--you know, our Nation \nbuilt the Internet. We are the ones that developed this, the \niPad and many of the devices that we have. We are an innovation \nnation; we are the ones who came up with that. It seems to me, \nwe are the ones that ought to solve this security problem. And \nwe can. And it is going to take a partnership between us and \nindustry. It is something that we ought to work together. And \nwe can do this; we just need to drive through it.\n    Mr. Chairman, that is all I have.\n    [The prepared statement of General Alexander can be found \nin the Appendix on page 48.]\n    Mr. Thornberry. Thank you. I appreciate your comments.\n    Let me yield to the ranking member for any comments he \nwould like to make. And if he wants to go ahead and do his \nquestions right after that. I yield to him.\n\n  STATEMENT OF HON. JAMES R. LANGEVIN, A REPRESENTATIVE FROM \nRHODE ISLAND, RANKING MEMBER, SUBCOMMITTEE ON EMERGING THREATS \n                        AND CAPABILITIES\n\n    Mr. Langevin. Thank you, Mr. Chairman, first of all, for \ncalling this very important subcommittee hearing.\n    I want to thank Dr. Miller and General Alexander for being \nhere today. I want to welcome you.\n    And, in particular, General, I want to just take a moment \nto commend you on the successful stand-up of your new command \nover the past months.\n    And I want to thank you both for appearing today to discuss \nwhat I believe is one of the most important missions and \nnational security issues facing our Nation today.\n    It is difficult to fully appreciate the importance of \ncybersecurity issues to our national security. From day-to-day \ntasks to critical operations, our warfighters depend on the \nintegrity of our networks.\n    At the same time, cyberspace itself has become weaponized. \nThe STUXNET virus as well as massive denial-of-service attacks \nsuccessfully targeting our allies in Georgia and Estonia have \ngiven us a glimpse of the damage cyber-weapons can cause.\n    In some ways, thinking about conflict in cyberspace reminds \nus of some warfighting basics. The principles of offense and \ndefense appear to remain largely the same, but the speed of \ninformation is so fast that complexity increases exponentially. \nAlso, unlike the land, sea, or air, this virtual, manmade \ndomain is limitless.\n    I believe that we must better understand how the United \nStates should safeguard our critical networks, while at the \nsame time developing the full spectrum of cyber tools to deal \nwith conflict in a new environment.\n    General Alexander, last September, when you appeared before \nthe Armed Services Committee, I asked you about your role in \ndefending critical infrastructure from cyber attack that may \nreside in other parts of the Government or in private hands. \nYou noted that your role as head of USCYBERCOM was to protect \nonly military networks. And that is within your authority, and \nit, for the most part, is limited there.\n    At an Emerging Threats Subcommittee hearing later that day \nwith the chiefs of our Services\' cyber components, I revisited \nyour answer and asked what they were doing to protect military \nbases that solely rely on civilian critical infrastructure. \nTheir answers, unfortunately, were grim but not unexpected. For \nexample, Vice Admiral Barry McCullough, head of the Navy\'s 10th \nFleet, testified that, and I quote, ``These systems are very \nvulnerable to attack,\'\' end quote, noting that much of the \npower and water systems for our military bases are served by \nsingle sources that have only very limited backup capabilities.\n    With an attack like the one demonstrated by Idaho National \nLabs in their Aurora experiment on a power station, potentially \nrequiring weeks or months to recover from, our bases could face \nserious problems maintaining operational status. Beyond even \nthe massive damage to our economy and civilian institutions \nthat a major attack on our critical infrastructure could have, \nclearly this is a vital military concern, as well.\n    Today, I reintroduced language, which the House passed in \nour National Defense Authorization Act last year, which would \nenable the White House to better coordinate our Federal cyber \ndefenses and secure our critical infrastructure. I believe it \nis essential that we continue to make progress in managing this \nthreat.\n    Although we have not yet faced a catastrophic cyber \nattack--and that is very fortunate--I do recognize that every \nday we see lower-level intrusions and thefts of everything from \nsensitive defense information to information on our financial \nsystem and critical infrastructure, as suggested in numerous \npress reports. While I am certainly thankful that we have so \nfar been spared a major attack, the low level of these \nincidents has in some ways hindered our ability to move forward \non solving this issue.\n    As the commander of CYBERCOM and the director of the \nNational Security Agency, General, you direct our Nation\'s most \npowerful capabilities in the cyber realm. And I know, from \nspeaking with you, that you also share my concerns that we have \nnot yet fully seen the extent of the damage that cyber-weapons \ncan wreak.\n    I know that defending against a collapse of our financial \nsystem or a meltdown of our power grid is outside the scope of \nthe Department of Defense\'s responsibilities, in many ways, but \nif done intentionally, it would still amount to an act of war.\n    Today, I look forward to discussing and hearing further \nabout how Cyber Command is growing and how your component \ncommands are coming on line. I also look forward to hearing how \nthe Administration is developing an overarching approach to \ncybersecurity and how DOD\'s role may need to evolve.\n    Most of all, I hope to understand what the Administration \nplans to do to fill the gap between these growing threats and \nour ability in the public and private sectors to manage them. \nWhat authorities should we examine and what tools can the \nGovernment develop to increase our ability on a national level \nto meet these challenges?\n    Again, I want to thank you both for being here today. I \nappreciate your testimony, and I look forward to our question-\nand-answer period. Thank you.\n    Mr. Chairman, with that, I will yield back to you, unless \nyou want me to go into my questions.\n    [The prepared statement of Mr. Langevin can be found in the \nAppendix on page 33.]\n    Mr. Thornberry. I think if the gentleman wants to proceed \nwith his questions, we will operate under the 5-minute rule.\n    Mr. Langevin. Thank you, Mr. Chairman.\n    General, if I could, perhaps I would begin with you.\n    It is clear that if enemy bombers were heading to the \nUnited States and we had actionable intelligence that they were \nclearly targeting critical infrastructure within our Nation, \nthat the Air Force and other components of the military would \ntake them down. And it is clearly the responsibility of DOD to \nstop that attack.\n    If there were an attack in cyberspace, an attack on the \nSCADA [Supervisory Control and Data Acquisition] system, with \nthe clear intention of taking down sectors of our electric \ngrid, do you have the authority to stop that attack? And, if \nnot, who does?\n    General Alexander. We do not have the authority to stop \nthat attack. And on the critical infrastructure, I think that \nwould fall to DHS. DHS has some of the authority, and I think \nextending that to critical infrastructure is something that the \nGovernment is addressing in the White House-led legislative \nproposals to ensure that we encompass that.\n    Right?\n    Dr. Miller. That is right.\n    Mr. Langevin. General, then, let me ask you this: How do \nyou think CYBERCOM should work with other Government agencies \nand the private sector to leverage the powerful capabilities \nthat you possess for the protection of networks and \ninfrastructure not specifically within the dot-mil domain? In \nparticular--well, let me stop there, and I will come back if I \nneed to.\n    General Alexander. To answer that question, I am going to \ngive you two, Congressman, two pieces of that, break it out \ninto components.\n    First, for Cyber Command, technically there are two things \nthat we can do, the Defense Department and the intel community, \nCyber Command. It is, we can provide malicious software \nsignatures to help protect that, and early warning. So those \nare the two capabilities.\n    The issue that you raise is, so how do we go about doing \nthat, the roles and responsibilities between the Defense \nDepartment, DHS, and the intel community? And I think that is \nwhere the partnership that Secretary Gates and Secretary \nNapolitano addressed, and their initial memorandum of agreement \nin September 2010 is focused on addressing that. We have to \nbring those two departments together. I think both Secretaries \nsee that.\n    And the intent of that memorandum of agreement is a first \nstep in how we leverage the capabilities that NSA has to help \nDHS. So I think that is a step in the right direction.\n    Mr. Langevin. General, we know that the Tutelage program is \ndesigned to provide perimeter defense to the dot-mil network. \nWhat is the best way to extend similar protection to the dot-\ngov network? And who does that? How do we do it?\n    General Alexander. I believe the best way is to take that \ncapability and work with industry to do that in a manner \nsimilar to what we are trying in the Defense Industrial Base \nPilot with DHS and the Defense Department.\n    In that pilot, the Department of Homeland Security and the \nDefense Department are working with the Tier 1 Internet service \nproviders to provide that technical capability to them, along \nwith some of the signatures and stuff, to defend a couple of \ndefense industrial base companies. About 30 of them I think is \nwhat it will end up being. And it is showing that you can do \nthat, that it scales across that level. We will demonstrate \nthat with a few of the capabilities that we have.\n    I think concurrent with that, as we are doing that, we have \nto look at the authorities and legislation to do the rest: What \nis required, and how do we quickly move to do that? \nTechnically, we can do that very quickly. We want to make sure \nthat we then have the authorities to do that, as well. And the \npilot would show that we can do that.\n    Mr. Langevin. And so then you have touched on, perhaps, \ntaking the next step. Then, also, what is the best way to \ndefend the dot-com network, particularly on critical \ninfrastructure? So much of it is owned and operated in private \nhands. How do we then take that to the next step? And where do \nthose responsibilities and authorities lie?\n    General Alexander. From a technical perspective, the \neasiest way to do that is to partner with the Tier 1 Internet \nservice providers. Government traffic and critical \ninfrastructure traffic can be segregated in those areas and \nprotected by those companies easiest. And our ability to work \nwith them in a classified environment to ensure they have the \nsignatures and stuff is probably the technically quickest way \nto go and the best way to go. It scales, and it shows it. And \nthat is what the pilot would do.\n    If we can do it for the Government, the way the Government \nis spread out, that would scale also to critical infrastructure \nif we deemed it necessary to do those, as well.\n    Mr. Langevin. Very good.\n    I see my time has expired. I have other questions, but \nthank you for your answers. And I will yield back at this time.\n    Mr. Thornberry. I thank the gentleman.\n    Dr. Miller, let me, just to be clear, ask you: Do you agree \nwith Secretary Lynn\'s comments that the best-laid plans for \ndefending military networks will matter little if civilian \ninfrastructure is not secure?\n    Dr. Miller. Yes, sir, I do.\n    Mr. Thornberry. And my understanding, from the exchange \nfrom Mr. Langevin and General Alexander, is that, currently, \nCyber Command does not have authority to make civilian networks \nsecure.\n    Dr. Miller. That is correct. CYBERCOM\'s mission is to \nprovide the connectivity and oversight of our networks and to \nprotect them and to be prepared to conduct full-spectrum \ncyberspace operations as directed by the President and \nSecretary of Defense.\n    The National Security Agency, as you know, has provided \ntechnical assistance to our interagency partners, in particular \nworking with the Department of Homeland Security. And the cyber \npilot program that General Alexander talked about is a great \nexample of that. We think we need to do more of that and to \nmove forward as quickly as possible.\n    Mr. Thornberry. Well, that gets me to the next question. In \nthe same article, Deputy Secretary Lynn said that the Pentagon \nwas working with Homeland Security and the private sector to \nlook for innovative ways to use the military\'s cyber defense \ncapabilities to protect the defense industry, as a start.\n    So what are some of those innovative ways?\n    Dr. Miller. Sir, the principal one that we are focused on \nnow in bringing the innovation and new technologies to them is \nto look at the application of the systems that you referred to \nearlier and that General Alexander spoke about to help on \nperimeter defense. That is working with the ISPs [Internet \nservice providers], as General Alexander noted.\n    The other side of it, just like for DOD, we need to think \nabout the cyber hygiene and what we can do internally. We need \nto think about how to hunt on our own networks and look for the \nproblems that may already exist. And we need to work on that \nperimeter defense. I think all of those apply, as well, to dot-\ngov, to the rest of the Government. And all those principles \napply, as well, to the critical infrastructure in particular, \nthe 18 designated areas of critical infrastructure.\n    And so, as we look at what can be done to improve the \nposture from where we are today, the legislative proposals that \nthe Administration is considering could span all of those: What \nare the incentives and assistance that can be provided for \ncyber hygiene, for example, as well as for the active defense?\n    Mr. Thornberry. Yeah. Well, as I say, we are anxiously \nawaiting those.\n    Last question: General Alexander, are you convinced that \nyou can share some of this sensitive information to help \nprovide greater perimeter defense and protect national security \nat the same time?\n    General Alexander. Mr. Chairman, I am convinced that the \nInternet service providers can protect sensitive information.\n    Mr. Thornberry. Okay.\n    Let me yield at this point to Mr. Kline.\n    Mr. Kline. Thank you. Thank you, Mr. Chairman.\n    And thank you, gentlemen, for being here, for your \ntestimony.\n    I find myself still scratching my head over the same issues \nthat we have heard discussed here, and that is, how do you even \nmake a distinction between an attack on defense and keep it \nseparate from an attack on something that is directly related \nto defense? A critical infrastructure question. Clearly, if you \nshut down the financial system in the United States, it would \naffect defense, it would affect everything.\n    So I want to make sure I am clear on two things. One, I \nunderstand we are all anticipating this prospective \nlegislation--although I must say, we have way too much \nexperience in this committee with legislation, putting things \ninto law, directing the Department of Defense to do stuff, and \nthen the Department of Defense just deciding not to do it, \nfrankly.\n    We have put in law, for example, Mr. Thornberry and I \nworked very hard a couple of years ago on the NDAA [National \nDefense Authorization Act] directing the Secretary of Defense \nand the DNI to come up with a charter for the National \nReconnaissance Office. It is a year and a half late now. It has \nbeen in law, but we haven\'t seen the results. And I know people \nare working. In fact, we have had interim reports.\n    So while I am delighted that there is prospective \nlegislation, I am just suggesting that might not be the whole \nanswer. I trust, General and Mr. Secretary, that you are \nworking on how to fight this in any case, despite the \nlegislation.\n    I want to see if I understand this. I am looking at the \nmission of USCYBERCOM as stated here in front of me: Plan, \ncoordinate, and so forth. And it says, ``and when directed, \nconduct full-spectrum military cyberspace operations in order \nto enable actions in all domains, ensure U.S./Allied freedom of \naction in cyberspace, and deny the same to our adversaries.\'\'\n    So, if directed, then you would step in and provide \ndefense, active or passive, in the event of an attack on \ninfrastructure? Is that correct or not correct?\n    General Alexander. Well, that is correct as you stated. Let \nme just give you, if I could, Congressman, a couple points on \nthat.\n    What that really drives to is--as part of my confirmation \nhearing, Senator Levin asked a very similar question, which \nwas, so what does that mean? And the specifics of it are: If we \nare overseas in an area of hostilities, Cyber Command would be \noperating under Title 10 authorities----\n    Mr. Kline. Uh-huh.\n    General Alexander [continuing]. And we would be taking on \nthe adversary, and we would have the authority to operate in \ncyberspace in that case.\n    The issue becomes a little bit more difficult when you \nstart looking at cyberspace as a global capability and bouncing \nthrough neutral countries. Now what are the authorities of land \nwarfare? What are the laws and what are the policies on it? You \nhave the inherent right of self-defense, but what can you do to \nstop somebody in a neutral country? And in cyberspace it is \neasy to jump through neutral countries to attack someone. And \nthe third and the most difficult is what happens if they use \nthe United States infrastructure to attack the United States? \nHow do you do that? All of those are key things.\n    For us to operate overseas, it is an execute order from the \nSecretary of Defense and the President. And that is what that \nspecifically lays out. And that execute order gives us the \nauthority to operate under those conditions and defines those \nconditions for us.\n    Mr. Kline. What about if it is not overseas, which is kind \nof an antiquated, bizarre concept when we are talking about \ncyberspace, but what if it is not overseas? Is there a ``when \ndirected\'\' still possible here?\n    General Alexander. That is correct. There is a ``when \ndirected.\'\' And that is----\n    Mr. Kline. And by whom?\n    General Alexander. It would be by the Secretary of Defense \nand the President.\n    Mr. Kline. Okay.\n    I have just about run out of time, but very quickly, there \nare a number of issues about getting adequately trained \npersonnel in high-technical areas. It is true in space, and I \nwould think it would be true in cyberspace.\n    And so, are you having difficulties or is there anything we \ncould do that would help you recruit and retain people who can \nactually take on this task?\n    General Alexander. There are some things, Congressman, that \nI think we will need to work jointly. And that is, like we do, \nproficiency pay for linguists and others, what is it that we \nneed for our cyber personnel? We are going out to hire, the \nservices are. Right now, that is not an issue. But the services \nare discussing that type of pay for those to get it. We do want \nto create a force.\n    I think the other thing that we are looking at is how do we \ncollapse some of our military occupational specialties down \ninto a few that allow us to look at the full spectrum: Defend, \noperate, all the way through. I think we need to do that, and \nthe Services have been wonderful in setting that up. And the \nway that we would define that is by looking at how we are going \nto operate in those foreign areas, how do we need our forces to \nbe developed.\n    This is a very technical area. There is discussion, and we \nwill evolve how this command works, I think, over the next few \nyears. We have had great success, on the NSA side, of hiring a \nhighly talented workforce and keeping them. Our retention is \namongst the best in Government. So I think we can do the same \nin cyberspace. And I think we will get a lot of people that \nwant to take this mission on.\n    Mr. Kline. Okay. Thank you. I trust you will let us know if \nyou need legislative assistance.\n    I yield back. Thank you.\n    Mr. Thornberry. Mr. Gibson.\n    Mr. Gibson. Thanks, Mr. Chairman.\n    And I thank the distinguished panelists here today. I thank \nthem not only for their testimony, which has been illuminating, \nbut also for their leadership in this key area. And as we \nproceed, you know, given classification issues, if we start to \nmove into an area, I assume that you will make it clear to me.\n    But I am interested in probing a little bit further the \nissue of unity of effort. And I have a question both on the \ngovernmental side, the whole Government side, and then also on \nthe private side. I think I will start with the private side; \nit looks to be simpler.\n    Do we have a list of instructions for individuals, what to \ndo if they sense they are under some kind of cyber attack, \nsimilar to our SAEDA [Subversion and Espionage Directed Against \nthe Army] instructions of how to report, that we pass out to \ninfrastructure or proliferate in any way?\n    Dr. Miller. This is outside the scope of the Department of \nDefense responsibilities. What we have is a--as a Government, \nworking together on a National Cyber Incident Response Plan, \npart of that is to clarify what those activities and responses \nwould be. I think it is fair to say we have some more work to \ndo there. And I would be happy to respond for the record with \nmore details.\n    [The information referred to can be found in the Appendix \non page 71.]\n    General Alexander. Could I add, Congressman, a couple \nthings on that? And I did throw that over on Dr. Miller, \nbecause I think the first part is, it is really, how do we \ntrain our teams to hunt and operate within our systems? So \nsystem administrators today need to evolve to people who can \npolice networks tomorrow.\n    And when they do that, part of the training that we give \nour red, our blue, and some of our what we call green teams is \njust what you are talking about. That has to be a continuous \nprocess, not something that happens once every 2 years. So how \ndo we evolve that force will be a key part of the defense, and \nthat is part of that active defense that I referred to.\n    Mr. Gibson. Yeah. Very good. And I think you would \nappreciate that standardized reporting format would probably be \nhelpful as we go forward.\n    And then, related--now we are in the governmental realm--I \nam trying to get a sense of--and I can imagine the challenge \nthat you have, trying to coordinate this effort toward unity of \neffort.\n    So is this event-driven, or is it battle rhythm-driven? Is \nthere a working group that meets across the intelligence \ncommunities, the DHS and the DOD? How do you go about \ncoordinating your effort now, given the challenges that you \nhave?\n    General Alexander. Sir, we do have meetings, especially in \nthe area--let me focus just a little bit more into looking at \nmalicious software, tactics, techniques, and procedures, people \nthat are trying to get into the networks. We do have meetings \nboth within the Government that looks at this--so the Computer \nEmergency Response Teams at DHS, within DOD and across the \nGovernment work that.\n    Private industry, selected parts of those, also participate \nin that at times, because they have some expertise. And going \nback and forth on those is key. And the reason private industry \nis brought in is, some of the signatures for the antivirus \ncommunity that private industry creates helps protect \nGovernment systems. And we want to ensure that that is done \nright and that they have the full advantage of that.\n    Mr. Gibson. Thanks very much.\n    Chairman, I yield back.\n    Mr. Thornberry. Mr. West.\n    Mr. West. Thank you, Mr. Chairman and Mr. Ranking Member.\n    And, sirs, it is a pleasure and honor to see you all here \ntoday.\n    Four elements of national power, the DIME [Diplomatic, \nInformation, Military and Economic] theory, and, of course, the \n``I\'\' stands for ``information.\'\' So I think it is very \nimportant that we recognize that aspect here on this modern \nbattlefield. And we, you know, congratulate you on standing up \nthe CYBERCOM.\n    But this is one of my big concerns: You know, what can we \ndo to combat the proliferation of Islamic terrorism propaganda \non the Internet? Because I see this as just another weapon on \nthis modern-day battlefield. And if we are serious about this \nglobal war on terror, this propaganda is truly a tool or a \nweapon that they are levying against us.\n    Now, does that fall under CYBERCOM\'s purview? And, if not, \nwho is contending or dealing with that?\n    General Alexander. I think that is a policy issue, in terms \nof whether we choose to stem the flow of radical propaganda and \nhow. Technically, Cyber Command could be one of the agencies \ngiven that mission to go do. We have not been given that \nmission, under either a CT [counterterrorism] or a CYBERCOM \nauthority.\n    So I think the question is, one, has a decision been made \nto do just that? And, to my knowledge, there is no decision to \nblock the radical propaganda on the networks. If it was, then \nit could technically go to either Cyber Command or one of the \nother agencies.\n    Mr. West. So who makes the decision?\n    General Alexander. That would be the White House and the \nPrincipals Committee.\n    Dr. Miller. That would be a decision at the level of the \nPresident and, as the general said, of the Cabinet, as well.\n    There is no question that this Administration, as past \nadministrations, are working to counter the ideology that you \nspoke about. The Internet has an important role in that, in \nterms of how we get our message out. And, obviously, it is part \nof how these groups have used--you know, it is something that \nthese groups have used, as well.\n    But you have put your finger on a central policy question \nthat remains, essentially, open.\n    Mr. West. Well, my fear is that the longer it remains open, \nthe more we get exploited and the more we get infiltrated \nacross this country. So at what point in time are we going to \ntackle this question?\n    Dr. Miller. The authorities for dealing with that are not \nprincipally Department of Defense authorities.\n    General Alexander. And there is one other thing, \nCongressman, if I could, on this, just to add on that.\n    If we see this on U.S. infrastructure and it is wrong, we \ncan reach out, through the FBI [Federal Bureau of \nInvestigation], and ask that that be removed. And we have a \nhigh success rate in getting that done. So when we see things \nthat are particularly wrong, we reach out. And all the \ncompanies, when they see that, they take it off, both here and \nglobal.\n    Mr. West. Okay.\n    General Alexander. And so, there is a way of doing that \nwhen we see those. So I didn\'t want you to think--the way I \nanswered it is, we are not reaching out and causing it to be \nremoved globally. We can reach out and ask that it be removed \nglobally. And we are having a pretty good success at doing \nthat.\n    Dr. Miller. And if I could just add very briefly, the ``D\'\' \nin your DIME model, sir, the diplomatic effort is absolutely \nimportant.\n    Mr. West. Absolutely.\n    Dr. Miller. And that is something that this Administration \nhas obviously pursued.\n    Mr. West. Okay. I got it, but, you know, we are getting our \nbutts handed to us on that means. And when I think about Major \nHasan and some of the things that he was able to utilize the \nInternet for, you know, I don\'t want to see a repeat of those \ntype of circumstances.\n    So thank you very much, and I yield back.\n    Mr. Thornberry. I thank the gentleman. And as I am sure he \nknows, there is a number of folks who have served in-theater \nwho share his frustration, who think there is a lot more we \ncould be doing but are not doing. And I am very sympathetic \nwith that view, as well.\n    General Alexander, let me follow up on what Mr. Kline was \nasking about on people. And I know you said you would get back \nto us on additional authorities. And you said you have a great \nrecord of retaining people at NSA. But those are not \nnecessarily military folks who may go through basic training \nand all the rest.\n    Can you get and keep the kind of people you need for \nCYBERCOM with the military requirements? Or does there have to \nbe some greater flexibility than we are used to?\n    General Alexander. Well, I am an optimist, Chairman. I \nthink we can, one, get them. I do think it may require more \nauthorities, but we have to look at that.\n    And, more importantly, I would like to put forward this \nthought: We want NSA to have one certain level, technical level \nof expertise that Cyber Command can use. And we want Cyber \nCommand to have a breadth and a deployment capability.\n    And so, these two have to work together. And I think we can \ndo both. I think we can get the service people on one side. \nThat may require some additional authorities. We have to look \nat it and come back to you. And I think we want the NSA \ninfrastructure to have this technical depth that we can rely on \nback and forth. I think that is absolutely vital.\n    Dr. Miller. I would just briefly add that we owe a report \non this issue, Section, I think, 934 of the National Defense \nAuthorization Act.\n    And in addition to the factors that the general talked \nabout, I think we need to look hard at what we can do under \nexisting authorities, including making better use of the Guard \nand Reserve. That is an essential part of what we need to do.\n    The type of people that we are looking for will span a \nwider range than the profile of people that we--the type of \npeople that we are looking for with the skills for cyber will \nspan a wider range than the standard profile for military \nservice. And we need to have a higher degree of flexibility and \ncontinue to look to target those groups and to work on some of \nthe pilot programs we have under way now, to work with them and \nto have outreach, so they see what DOD can provide for their \neducation and see that they can make a contribution to national \nsecurity, as well.\n    Mr. Thornberry. Well, we want to work with you. You made an \nimpression on me in your written statement, General, where you \nsaid this was the thing you were most concerned about, or \nhowever you phrased it.\n    But, please, go ahead.\n    General Alexander. I was going to add that--I hate to give \nthe Navy all the credit here, with him sitting right behind \nme--but the Navy Postgraduate School has also started a \nmaster\'s degree course in January that will produce a master\'s \nin cyber that is a technical degree, either in computer science \nor EE [electrical engineering], with the majority of the \ncourses being in cyber- and cybersecurity-related things.\n    So that is a step in the right direction and some of the \nthings that we need to do more of.\n    Mr. Thornberry. Okay.\n    Dr. Miller, one hears--and maybe one of you all mentioned \nit in your written testimony, back to the authorities issues--\nabout the military\'s ability to provide support to civilian \nauthorities when called upon to do so. How does that fit in a \ncyber context?\n    Dr. Miller. Sir, let me talk about both sides of that, if I \ncan.\n    The first, as we were discussing earlier, is that the \nDepartment does recognize that we are dependent on both our \npartners in Government, so the dot-gov, and our partners in the \nindustry to be able to conduct just military operations and to \nsucceed in those operations so that we have a stake, in \naddition to the stake we have in the broader security of the \nNation, we have a stake in just our ability to operate, itself.\n    The Department of Defense, as you alluded to, has \nauthorities to provide defense support to civilian authorities \nunder existing law. And the challenge associated with that in \nthis area is that it gives a good set of authorities for \nresponding to an incident. And what is not so clear is that it \ngives the appropriate set of authorities to assist in \nprevention of attack in the first place.\n    And as we have looked at possible legislation, we are \nlooking at what additional authorities may be required for the \nDepartment of Homeland Security so that it can provide that \ndegree of protection, and then what set of authorities may be \nnecessary or changes may be necessary for the Department of \nDefense to assist in providing that prevention, as opposed to \nsolely focusing on response.\n    You have asked exactly the right question. We intend to \naddress it in legislation. And we understand that there are \nlegitimate concerns about imposing costs on private industry, \nand we need to think through that. But we also understand that, \nas we have discussed earlier, that we have a lot of catching up \nto do.\n    Mr. Thornberry. Yeah. Well, and as your answer recognizes, \nresponse after the fact to a cyber event is not really a very \ngood answer to the challenges we face there.\n    So, let me just ask about a couple more things, and then I \nwill yield to the ranking member and Mr. Gibson, if they have \nother questions.\n    Again, I can\'t remember exactly which of you talked about \nthis. But there were two efforts under way: One is the Enduring \nSecurity Framework, and the other is the Defense Industrial \nBase Pilot.\n    Could either or both of you all expand a little on what \nthose are and where we are with them?\n    General Alexander. The Enduring Security Framework is a \npartnership between Government with DHS, DOD, the DNI, and \nindustry to look at critical cybersecurity issues throughout \nthe different components from communications devices, \ncomputers, and others.\n    I think that is a great partnership between the Government \nand industry in identifying problems and solutions to those \nproblems. If we can identify those problems, it has been our \nexperience that industry, in developing much of that equipment, \nwill go solve those, free to the Government.\n    That is a huge step forward, and we have made some \ntremendous jumps in that area. I think industry has more than \ndone their share. It has been a privilege and honor to work on \nthat. That has been great.\n    The Defense Industrial Base Pilot takes the technology that \nwe have within the Department and uses some of that with some \nof the Tier 1 Internet service providers to test and ensure \nthat that would work under the concept that I discussed \nearlier, where the Tier 1 Internet providers ensure that we can \ndo what we are doing now for the Defense Department for these \ndefense industrial base companies.\n    Once we have done that, the key is now identifying the \nauthorities and ensure that we have the authorities to do the \nrest of it. So we are only going to do a few narrow things \nunder the DIB [Defense Industrial Base] Pilot, a few narrow \nactivities. Once we have shown that we can do those, the rest \nof those activities will be added.\n    We will have to ensure that we have the legal framework for \nthat and everybody agrees with that for the rest of those. And \nthat may be parts of the stuff that come forward from the White \nHouse on the legislative proposals that we have.\n    Dr. Miller. And, sir, if I could add very briefly, the \nEnduring Security Framework, we have found that the industry \nthat participate help both on helping us understand the problem \nand working the solution. And that is, as the general said, \nvery important.\n    I want to distinguish, as we talk about the DIB Pilot, \nthere are really two things under way. One is a broad Defense \nIndustrial Base Pilot, in which we are sharing information \nabout potential threats and looking at how to do that more \neffectively. It has been a two-way street. It has been very \neffective. And we are looking to continue that and grow that.\n    It has been focused primarily on the cyber-hygiene side, if \nyou will, on defending the networks better. The new element \nthat the general has been referring to has been added to that, \nand we are currently examining how to implement that. We have \ncalled that, for shorthand, the Opt-In Pilot because companies \nwould opt in to participate on that. And as the general said, \nwe are working with a number of defense industrial base \ncompanies and several Internet service providers. That has not \nyet kicked off. It is something that I hope that we are very \nclose to initiating.\n    And by way of analog, it is looking for part of the dot-com \nto bring what Einstein 3 is supposed to bring to that dot-gov. \nAnd, as General Alexander said, it is not the full suite, but \nwe are looking at a way to get started and show that we can do \nthis and to make it work.\n    Mr. Thornberry. And about how long would it take, do you \nthink, to prove that it can work?\n    Dr. Miller. About 90 days we are looking at to execute this \npilot.\n    Mr. Thornberry. Okay, good. Thank you.\n    Mr. Langevin.\n    Mr. Langevin. Thank you, Mr. Chairman.\n    General Alexander, CYBERCOM has maybe two, maybe, primary \nmissions among several, but two primary missions: First, to \nensure that our military networks stay online, and, also, to \nsupport our warfighters in their missions around the world.\n    We talked before about the network defense side of the \nissue, but I would like to turn to the second side, if I could, \nof support to the warfighter. You rightly recognize that \ncyberspace is a new domain, similar to land, air, sea, and \nspace. How do you make sure that cyber is treated equally and \nnot just as a supporting entity?\n    Can you outline the command structure for integrating \nnonkinetic cyber effects into both tactical and operational \nlevels of a conflict? And beyond the use of cyber domain, how \nare cyber mission areas different from the electronic warfare \nmission areas?\n    General Alexander. Well, let me start with the first one, \nand then I will come back to electronic warfare, if I could.\n    On the first one, our staff is organized like the rest of \nthe COCOM staffs, the combatant commander staffs, with the J3, \nJ5, J2, J6, et cetera. Our planning folks reach out to the \ncombatant commands, and we are working with those combatant \ncommands on their plans to integrate cyber into those plans \nfrom both a defense and a full-spectrum capability.\n    My experience to date is that the commands have jumped on \nthis. Every one of them has been eager and helpful to do that. \nI am extremely pleased that they are rolling this into the full \nspectrum. They realize the importance of it, both to defending \nour capabilities and extending those out.\n    If you were to make bubbles on the role of cyber and \nelectronic warfare, they are going to touch together, \nelectronic warfare predominantly being looked at primarily \ntoday, if you will, for jamming radars back and forth. I mean, \nthat is the way we look at it, in physical space by radio \nwaves. In cyber, we are acting within networks.\n    You can picture a time in the future where those two may \ncome together, and it may be that the Department begins to \nbring some of that together, from both a technical perspective \nand an operational perspective. We are not there today because \nthe way we build our EW [electronic warfare] capabilities is \nseparate and apart, as part of the defensive systems of \naircraft and other things like that.\n    I did go to school in some of that, so I do understand \nthose parts. And I think you can see them coming together as \nthe digital technology matures.\n    Mr. Langevin. Thank you. Anything else in the area of \nelectronic warfare that you want to get into?\n    General Alexander. Not that I can think of, Congressman.\n    Mr. Langevin. Okay.\n    Dr. Miller, and also to you, General, in addition to the \n$159 million provided in the President\'s fiscal year 2012 \nbudget to support CYBERCOM, what other costs are associated \nwith cyber operations across the Department for fiscal year \n2012? To what extent will DOD\'s current efficiency and cost-\nsaving efforts impact CYBERCOM\'s current and future \ncybersecurity funding, if at all? And to what extent is DOD \ntaking steps to ensure that CYBERCOM and associated military \ncomponents are organizing in a manner that prevents or \nminimizes duplication?\n    Dr. Miller. Sir, let me first say, glad to provide for the \nrecord the breakdown of the costs in more detail than I did in \nmy prepared statement. What I could do is refer to a $3.2 \nbillion total for cybersecurity and the $159 million associated \nwith USCYBERCOM.\n    The other--the largest single category is information \nassurance, which includes our public key infrastructure and key \nmanagement initiative. That is at a little over $2 billion for \nfiscal year 2012.\n    Rather than go through each of the other categories, I \nwould just, I guess, add, we have noted the importance of \nscience and technology, and about $258 million of that is in \nthe S&T realm. We will provide the rest of those, if you like, \nfor the record.\n    As we look at the work on efficiencies and the importance \nof both saving money and improving security--I will turn it \nover to General Alexander--one of the most innovative and \ninteresting ideas and concepts for how to pursue those in \ntandem is to look at how we can move to a cloud-based \narchitecture in a way that improves security.\n    If we do it the wrong way, it could increase our \ncybersecurity challenges. If we do it appropriately over time \nand move to virtualization of some of the, if you will, \ninterior of the architecture, we will have the ability to \npresent a much more challenging target to those who want to \nattack us.\n    I think General Alexander can speak in much more detail \nthan I can to that issue.\n    General Alexander. Congressman, let me answer two parts of \nthat, taking off from what Dr. Miller said.\n    First, on the IT efficiencies, one of the things that we \nlooked at: What was the best way that we could help secure the \nDefense Department\'s networks, given the vast topology of those \nnetworks? And it was our opinion that the best way was to go to \na thin cloud, virtual cloud environment, analogous to the way \nthat Google, AT&T, and others are doing, but do that for the \nDefense Department.\n    As we looked at that, we also believe that we can do that \nmore efficiently in terms of manpower and moneys. That is yet \nto be proven, but it does give us a much more defensible way.\n    So the IT efficiencies is something that Secretary Gates \nhas pushed out that we are looking at how can we now help do \nthat. And what our intent is, if we can do this right, we can \nnow take part of the workforce that we have in IT and train \nthem to be full-spectrum cyber capability. That is something \nthat, working with the service, will help build the capacity \nquicker, that I mentioned is that shortfall.\n    So I think that is one of the things that we are looking \nat. We have discussed it with the service chiefs. That is \nsomething that we have to walk through. The service components \nare looking at it. That is a huge step. Now, to get there, NSA \nis actually testing out parts of that right now in our \ninfrastructure, and we will prove that that is right.\n    The other thing, that duplication of effort, I would just \ntell you that that is one of the things, as a CYBERCOM \ncommander, that I take very seriously. How do we ensure that \nthe services are doing this as a joint team versus each one of \nthem doing the same tool four times?\n    We have great cooperation with the services in doing that. \nOur components said, we are bringing all of that together. Our \nJ3 and J5 will take that on. Our suite of tools will be looked \nat and scrubbed in that way. And we have already started that \nwith our planning process.\n    Mr. Langevin. Very good.\n    With that, gentlemen, thank you very much for your \ntestimony. I know that this is an enormous challenge that we \nall face in cyberspace, and I just appreciate your dedication \nand the work you are doing.\n    Thank you.\n    Mr. Thornberry. Mr. Gibson.\n    Mr. Gibson. Thanks, Mr. Chairman.\n    And, really, just a summary of what I am taking away from \nthe hearing and from also reviewing the written testimony, I \nthink Cyber Command is doing a tremendous job in gaining \nsituational awareness, getting organized, trying to get their \narms around the threat and to take concerted action.\n    But, to a degree, our country is hampered, the effort \ntoward unity of effort--that we need mission clarity, \nauthorities, legal framework, and organizational design. And \nwhat strikes me is that these are similar findings to the QDR \n[Quadrennial Defense Review] independent panel and the need \ntowards looking at both congressional, organizational reform so \nthat we can facilitate better, legislate better, and provide \nbetter oversight, and then also executive reform, executive \nbranch reform, so that the DOD can get the guidance it needs to \nmove forward.\n    So these are areas of interest to me, Mr. Chairman. And I \nlook forward to--I appreciate you calling this hearing and the \ntestimony from our expert witnesses here. And I look forward to \nworking with you as we go forward.\n    I yield back.\n    Mr. Thornberry. I thank the gentleman.\n    The areas he identified are also of interest to me, as he \nknows, so I want to pursue it along with the gentleman.\n    General Alexander, following up on your conversation with \nMr. Langevin, do you have the authority you need, as CYBERCOM \ncommander, to eliminate duplication in the services?\n    General Alexander. I believe I have all the authority I \nneed to eliminate duplication with the services. More \nimportantly, I have their support in doing it. They want to do \nthis. It makes sense. Nobody is pushing back. The key is \nfinding all of that for all of us, because there is a lot of \ningenuity that goes on.\n    To date, I have not found anyone that has pushed back on \nthat. I believe that, through both the Joint Staff and the JROC \n[Joint Requirements Oversight Council] process, we can push \nthat. And through the Deputy Secretary and the policy level, we \nwill get all the support we need. I don\'t see any issues with \nthat. It is more of just making sure that they surface.\n    Mr. Thornberry. I am always concerned when something \nbecomes a very, you know, high-priority issue, then all sorts \nof programs have that label put on them to take advantage of \nthe budgetary things that go with it. And ferreting out what is \nreal and needed versus what may be an effort to gain more of \nthe defense pie is an important capability, I think, for you to \nhave.\n    Can you talk a little more generally, though, about budget? \nObviously, we are going to be in a limited budget for the \nGovernment, for the Defense Department for some years to come.\n    As we think about cyber and spending money, you know, it \ndoesn\'t cost very much money to send an electron through a \nfiberglass pipe. But where is our money going to have to go in \norder to defend the country properly? I mean, I assume people \nhas got to be number one.\n    But can you elaborate, not just on this year\'s budget, but \non those trends over the next several years and what you see \nthe most growth in when it comes to cyber?\n    General Alexander. Chairman, I think you hit it on the \nhead. People is the big thing here in cyber and for our future. \nInvesting in people is key.\n    We are building capacity. And, as you correctly noted, that \nis one of the key things that we have to go build and go work, \nand the Services are helping us do that. In my budget, both the \nmilitary and the civilian side, that is the biggest portion of \nthe budget--\npeople.\n    The next is facilities to operate in, the IT infrastructure \nthat we need to operate. That accounts for another 25 percent \nof the budget. And operations is the last part. So, if you \nbreak it out, people is the biggest share of the budget.\n    One of the things that I would just highlight is we did \nlook at building an integrated cyber center that brings \ntogether all the different elements that we have within the \nDepartment, all the different centers within our Department and \npotentially across the Government into one facility that allows \nus to operate seamlessly from peace time to crisis, back and \nforth. I think that is huge, and in this budget here is the \nplanning and development of that \nfacility.\n    Dr. Miller. Sir, if I could add very briefly, for overall \nIT, the request for fiscal year 2011 was $36.6 billion, for \n2012 was $38.4 billion. We actually hope that that number will \ncome down over time, as we move to a different architecture and \nbe able to make some savings there.\n    For overall expenditures relating to cybersecurity, the \nnumbers, in fiscal year 2010 the number was about $2.96 \nbillion, 2011 request was $3.2 billion or a little under, and \nfor 2012 we are a little over $3.2 billion.\n    So we have increased somewhat. Particularly, I think, we \nare focusing those resources better, as we look to, for \nexample, increase substantially how much we hunt on our own \nnetworks and so forth. But we would be happy to provide the \nnext level of granularity, if you like. I am afraid that if I \ndid it real-time, you would, you know----\n    Mr. Thornberry. Yeah. The staff could take it, but I am not \nsure that I could. But it is, I think, helpful for us to see \nthe longer-term trends, because I think we are all going to be \nchallenged in that regard.\n    Dr. Miller, one thing we really haven\'t touched on too much \ntoday is the whole subject of international cooperation in \ngetting any of this done. We have talked about how geography \ndoesn\'t matter very much in cyber, but can you just briefly \ntouch on the international aspect of this?\n    Dr. Miller. Sir, I would be very glad to.\n    As I had talked about before, working with our \ninternational allies and partners is one of the key five \ninitiatives that we have under way as part of our strategy. So \nwe recognize its importance. And we recognize that, because we \noperate in fighting the coalition, that the security of our \ninformation, the security of our operations is also going to be \ndependent on the security of our partners\' and allies\' \nnetworks, as well.\n    As we have begun really pushing out on cybersecurity \nefforts internationally, the first focus--I should put that \ndifferently--a very significant focus has been on working with \nour allies, Great Britain, Australia, New Zealand, and Canada. \nWe have long-standing relationships with them on intelligence \nissues, and that has been a good foundation for what we do in \ncyber, as well.\n    A very significant effort over the last year with NATO. And \nhaving cybersecurity being one of the key thrusts of the NATO \nStrategic Concept that was brought forward at the Lisbon \nsummit, I think, is a good accomplishment. The cybersecurity \ncenter that has been established has begun to operate, and we \nhave a lot more work to do there in NATO, in terms of \nimplementing that effort.\n    We have also worked with other partners and allies around \nthe globe, including, for example, the Republic of Korea and \nJapan, and are beginning to have, I think, useful conversations \nthere.\n    One of the other areas, sir, that I just want to add is \nthat we need also to have conversations about cyber and other \nstrategic issues with Russia and with China. I think we have \nmade some headway with respect to Russia and having the initial \nconversations on cybersecurity. Our lead on this for the \nnational security staff, Howard Schmidt, took a team there just \na little over a month ago to have this--to begin this \nconversation. And so far, with China, we have not yet really \nbeen able to have the same level of conversation.\n    I think transparency and understanding about how each of us \napproaches this challenge is very important to avoid any \nmisunderstandings or miscalculations.\n    Mr. Thornberry. Finally, for me, I think, General \nAlexander, if you had to grade our ability to defend DOD \nnetworks, what sort of grade would you give us at this stage, \nlike, A through F?\n    General Alexander. I would give us today probably a C, \ngoing up. And the reason I say a C is, we are working extremely \nhard on building the hardening part of our networks. We have \ndone an awful lot of work to bring in the host-based security \nsystem and made tremendous movements. And we are moving in that \nrange and building that up and training the force and hardening \nthat. And it has made tremendous progress over the last 2 \nyears. When you looked at the problems we had on our networks a \nfew years ago to where we are today, it is a huge improvement.\n    I would like to say an A, but I think it is going to take \nsome time to get us to an A. And an A is where I believe nobody \ncould penetrate that network. But we have made it extremely \ndifficult for adversaries to get in, and every day we improve \nthat.\n    And that has the visibility and support of the Joint Staff \nand the Secretary. They have personally gotten involved. I had \nto take the reports up to both of them. And they are looking at \nthat across all of the services. And each of the services are \nworking it hard. We do that by network, by service, by COCOM, \nby agency. And we are looking at it in a very detailed way on \nour network operations and network security.\n    But I would say a C today and going up.\n    Mr. Thornberry. Well, and the ``going up\'\' was really my \nfollow-up question. In earlier hearings, we have heard \ntestimony that the advantage is with the attacker, and not only \nthat, but the gap is growing so that the attacker has more \nadvantage, if you look at the Internet as a whole, and versus \nthe attempts to defend.\n    But I take it from what you have said that that gap, when \nit comes to defending military networks, is closing, that our \nability to defend is--well, as I say, the gap is closing versus \nthe attackers. Is that right?\n    General Alexander. That is correct.\n    Mr. Thornberry. A significant difference from what we have \nheard from the civilian infrastructure, I would say.\n    I understand Mr. Johnson has a question.\n    Mr. Johnson. Yes, I do. Thank you, Mr. Chairman, for \nholding this very important hearing.\n    And we certainly need to be attuned to the fact that, for \nus to get on the dean\'s list, General Alexander, we are going \nto have to spend a lot more money than we are spending, and we \nwill have to spend in accordance with long-term budgets, as \nopposed to short-term continuing resolutions. And it is the \nwelfare of the people that is at stake.\n    Dr. Miller, you are, no doubt, familiar with the firm \nPalantir Technologies, are you not?\n    Dr. Miller. I am not deeply familiar. I know the name, sir.\n    Mr. Johnson. And what about Berico Technologies?\n    Dr. Miller. I also know the name.\n    Mr. Johnson. All right.\n    General Alexander, have you worked with Palantir in any of \nyour official capacities?\n    General Alexander. I am familiar with it. We have seen some \nof their technology, and they have demonstrated that. I am not \nsure of the number of contracts that we have with Palantir, to \nbe honest.\n    Mr. Johnson. What about Berico?\n    General Alexander. The same. I know the name. I would have \nto go back and look and see exactly what the contracts are with \nBerico.\n    Mr. Johnson. General, can you explain what services and \ncapabilities those two firms offer to the Department of Defense \nand the intelligence community?\n    General Alexander. My recollection of Palantir was a way of \nvisualizing what is going on in the networks. One of the \nproblems that we have is, how do you see what is going on in \ncyberspace? How do you actually see a network in a way that is \nmeaningful to help defend and operate that? Especially if you \nhave a network that has 15,000 different enclaves and all these \ndifferent pieces, how do you make that meaningful?\n    And my recollection, working with Palantir, was, here is an \nidea that we could use for how to look at networks and how to \nsecure it. We are looking at multiple options for how you \nactually see that. That is one of the things I think I put in \nmy statement, you know, situational awareness, how do you \nactually see? I think that is an important step for us to all \nhave that common situational awareness.\n    Mr. Johnson. Are those tools that are developed for use by \nthe defense and intelligence communities by those contractors, \ndo those contractors have the ability to use those tools, or \nthe authority, actually, to use those tools in the private \nsector? Can they market those tools, in other words, to the \nprivate sector?\n    General Alexander. I think every contract is written \ndifferently that gives you authorities to do things, and I \nwould have to go look at how those contracts were written. I am \nnot personally familiar with the contracts, so I would have to \ngo look at that. And I don\'t know who those contracts are with \nspecifically, so I would have to check that out.\n    But, generally speaking, in the development of a tool or a \ncapability, in the contract it specifies whether that can be \nused broadly or whether it can be used only for the Government. \nAnd it depends on where it is being developed, for whom, and \nhow.\n    Mr. Johnson. Dr. Miller, anything you want to add on that?\n    Dr. Miller. Sir, General Alexander has it exactly right. \nAnd I can\'t provide any more details. We would have to go back \nand look at the individual contracts to answer those questions.\n    Mr. Johnson. Dr. Miller, would you be so kind as to provide \nmy office with the DOD contracts with Palantir Technologies, \nBerico Technologies, and the firm HBGary Federal as soon as \npossible?\n    Dr. Miller. Sir, I will do everything possible to do so. \nWhat I will need to do is, frankly, talk to our general counsel \nand make sure that the provision of that type of information is \nallowed contractually. And, in any case, we will get back to \nyou as quickly as possible with as much information as \npossible.\n    Mr. Johnson. The contract could bar the executive branch \nfrom providing information to the legislative branch?\n    Dr. Miller. No. No, sir. I guess I would like to be able to \nprovide that information to you, and without knowing all the \norganizations within the Department that have the contracts, I \nam going to have to go back and--it will take a bit of time to \nbe able to map that out.\n    And I also need--I need to have an assessment of whether or \nnot--not of whether or not to provide the information, but in \nwhat form to provide the information to you. If you are asking \nfor just the stack of contracts, I will say I will take that \nback to the Department and----\n    Mr. Thornberry. Yeah, Dr. Miller, if you would take the \nrequest back, get the lawyers to look at it, see what is \npossible. If it is not possible to provide the information the \ngentleman is asking, if you would ask the appropriate folks at \nthe Department to let us know why. And, also, any information \nprovided, of course, we would ask that it be provided to the \nwhole subcommittee, so that all members can have it.\n    [The information referred to can be found in the Appendix \non page 71.]\n    Mr. Thornberry. Does that sound good?\n    Mr. Johnson. Yes. Thank you, Mr. Chairman. And that will \nconclude my questions.\n    Mr. Thornberry. I thank the gentleman.\n    And I thank the witnesses very much for being here to \ntestify, for your patience with our delays and other problems, \nwhich were rapidly solved.\n    Dr. Miller. Mr. Chairman, if I might, in response to an \nearlier question about what the Government is doing with \nrespect to radical groups\' propaganda, I said it was an open \npolicy issue. If I could have just a moment, I would like to \nclarify?\n    Mr. Thornberry. Sure.\n    Dr. Miller. What I should have said is that it is a \nrecurring, ongoing policy issue; that these issues need to be \ndealt with on a case-by-case basis; that, as the Congressman \nsaid, it is all the tools available to us, including diplomatic \ntools; and that, on a case-by-case basis, there will be a \nquestion about our desire to promote free speech and our real, \nnot just desire, but requirement to protect our forces and our \npeople.\n    And so I just wanted to--it is not a question of whether \nthe issue is addressed. It is a question of how, in each case. \nAnd one would have to get down to the ``eaches\'\' to respond \neffectively.\n    I appreciate the opportunity to clarify that, sir.\n    Mr. Thornberry. No, I appreciate you bringing that. And I \nwill also talk to Mr. West about my Smith-Mundt Repeal Act. It \nmay be of interest to him as we pursue those issues.\n    So, again, we thank you all very much for being here, for \nthe work you are doing in this area. And we anxiously await the \nAdministration proposals so that we can all get to work on \nspecific things.\n    With that, the hearing is adjourned.\n    [Whereupon, at 5:07 p.m., the subcommittee was adjourned.]\n?\n\n      \n=======================================================================\n\n\n\n\n                            A P P E N D I X\n\n                             March 16, 2011\n\n=======================================================================\n\n      \n?\n\n      \n=======================================================================\n\n\n              PREPARED STATEMENTS SUBMITTED FOR THE RECORD\n\n                             March 16, 2011\n\n=======================================================================\n\n      \n      \n    [GRAPHIC] [TIFF OMITTED] T5593.001\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.002\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.036\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.037\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.023\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.024\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.025\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.026\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.027\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.028\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.029\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.030\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.031\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.032\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.033\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.034\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.035\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.003\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.004\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.005\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.006\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.007\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.008\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.009\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.010\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.011\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.012\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.013\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.014\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.015\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.016\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.017\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.018\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.019\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.020\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.021\n    \n    [GRAPHIC] [TIFF OMITTED] T5593.022\n    \n?\n\n      \n=======================================================================\n\n\n              WITNESS RESPONSES TO QUESTIONS ASKED DURING\n\n                              THE HEARING\n\n                             March 16, 2011\n\n=======================================================================\n\n      \n            RESPONSE TO QUESTION SUBMITTED BY MR. THORNBERRY\n\n    General Alexander. In accordance with the requirements of Section \n934, of the FY11 National Defense Authorization Act, the Office of the \nSecretary of Defense is drafting a report to Congress on the Cyber \nWarfare Policy of the Department of Defense. The department is \ncurrently coordinating the response to that reporting requirement to \nmeet the extended July 1, 2011 report due date. [See page 12.]\n                                 ______\n                                 \n             RESPONSE TO QUESTION SUBMITTED BY MR. JOHNSON\n    Dr. Miller. [The information referred to is classified and retained \nin the subcommittee files.] [See page 24.]\n?\n\n      \n=======================================================================\n\n\n              QUESTIONS SUBMITTED BY MEMBERS POST HEARING\n\n                             March 16, 2011\n\n=======================================================================\n\n      \n                 QUESTIONS SUBMITTED BY MR. THORNBERRY\n\n    Mr. Thornberry. What is the average cost of a breach in the \nDepartment of Defense for mission critical systems as measured in \neither dollars or degraded mission capability?\n    Dr. Miller. [The information was not available at the time of \nprinting.]\n    Mr. Thornberry. What do you estimate the overall loss for breaches \nis in the DoD or by Military Service element?\n    Dr. Miller. [The information was not available at the time of \nprinting.]\n    Mr. Thornberry. As outlined by the DOD\'s Strategic Management Plan, \nthe DOD currently has a strategic performance goal to protect its IT \ninfrastructure. The key measure of performance to meet that goal is the \npercentage of IT systems that are compliant with certification and \naccreditation processes. Considering the importance of this mission, \nshouldn\'t we have a more robust set of performance measures related to \ncyber? If so, what do you think those additional metrics should be.\n    Dr. Miller. [The information was not available at the time of \nprinting.]\n    Mr. Thornberry. How do Defense Support to Civil Authorities (DSCA) \nauthorities in the DOD work in the realm of cyber?\n    Dr. Miller. [The information was not available at the time of \nprinting.]\n\n    Mr. Thornberry. What progress has U.S. Cyber Command and/or DOD \nmade in developing a lexicon for cyberspace-related terms that can be \nused throughout DOD and across the federal government?\n    General Alexander. Within the DoD, lexicons are strongly linked to \ndoctrine. The Joint Staff J-7 authorized the development of cyberspace \noperations test doctrine, including a proposed cyber lexicon, in \nDecember of 2009. By April 2010, the J-7 published a draft of Joint \nTest Publication (JTP) 3-12, Cyberspace Operations. After an initial \nround of coordination, the Evaluation Draft of JTP 3-12 was released in \nSeptember 2010 to be evaluated for effectiveness by use in exercises \nand operations.\n    Mr. Thornberry. How is U.S. Cyber Command working with the services \nand DOD to ensure that they have the right mix of military, civilian, \nand contractor personnel to conduct cyberspace operations?\n    General Alexander. United States Cyber Command (USCYBERCOM) is a \nkey contributor along with the Office of the Under Secretary of \nDefense, Policy, the Office of the Assistant Secretary of Defense \n(Network and Information Integration) and the Department of Defense \n(DoD) Chief Information Officer, the Services, and other partners \nwithin the DoD Cyber Community of Interest to finalize the Cyber \nWorkforce Development Study in response to the Defense Planning \nProgramming Guidance. The goal of this study is to assess the current \nand future DoD cyber workforce requirements (including DoD civilians, \ncontractors, and active and reserve components). USCYBERCOM\'s focus in \nthis effort is providing information on cyber work roles and training \nrequirements. USCYBERCOM will continue engagement and provide \nrecommendations for recruiting, training, and retaining the cyberspace \nworkforce and associated resourcing requirements for implementation.\n    Mr. Thornberry. How do Defense Support to Civil Authorities (DSCA) \nauthorities in the DOD work in the realm of cyber?\n    General Alexander. Consistent with the authorities granted in \nDepartment of Defense (DoD) Directive 3025.dd, United States Cyber \nCommand (USCYBERCOM) may provide Defense Support to Civil Authorities \n(DSCA) assistance as directed by the President or Secretary of Defense \n(SECDEF).\n    USCYBERCOM works closely with US Strategic Command and US Northern \nCommand to answer any routine Requests for Assistance (RFA) from the \nDepartment of Homeland Security (DHS). A 26 Sept 2010 memorandum signed \njointly by the Secretaries of Homeland Security and Defense solidified \nthe support relationship between DoD and DHS making collaboration \nbetween the two departments official policy. It encourages information \nsharing and mutual support.\n    USCYBERCOM assistance may be technical assistance or \nrecommendations for immediate defensive actions; similarly, they might \nentail recommendations for more systemic mitigation, such as \nimprovements in network configurations and improvements in information \nassurance measures or best practices. Additionally, USCYBERCOM \ncontinually assesses the cyber threat to DoD\'s military networks and \ninformation systems to ensure we are prepared to provide support to \ncivil authorities in the event of a cyber threat to the nation\'s \ncritical infrastructure. If a major cyber event struck the nation, \nhowever, SECDEF would determine the most appropriate combatant command \nto lead the DSCA effort.\n    Mr. Thornberry. DHS recently tested something called the National \nCyber Incident Response Plan as part of CyberStorm III. Do you have any \ninsight into how effective that plan was during the exercise? What \nshould the interagency community, including DOD and the Intelligence \nCommunity, take from that plan?\n    General Alexander. [The information referred to is classified and \nretained in the subcommittee files.]\n    Mr. Thornberry. What transition pathway courses of action do you \nenvision for the DARPA National Cyber Range (NCR)? What role do you \nenvision for CYBERCOM in that transition process?\n    General Alexander. United States Cyber Command (USCYBERCOM) \nconsiders the National Cyber Range (NCR) as the prototype development \nportion to the larger Cyber Range Environment (CRE) initiative. DARPA \nis the NCR lead with prototype completion projected for mid-/late-FY12. \nTransition funding for FY13 and out-year sustainment are undetermined \nat this time.\n    Currently, there are three possible courses of action:\n    1) Once NCR prototype development is completed in FY12, provide \nadequate transition and sustainment funding and advocate integration \ninto the larger CRE ``whole of government\'\' range that Department of \nHomeland Security (DHS), Industry and Department of Defense (DoD) could \nuse for operational training and experimentation and testing of future \ntechnical architectures.\n    2) Complete NCR prototype development as scheduled in FY12, and \noperate as a stand-alone range for specific/limited DHS, Industry and \nDoD use for experimentation and testing.\n    3) Complete NCR prototype development, and offer technology/\nsoftware tools to other existing DoD/Federal government ranges for \nreuse/integration without a transition or any sustainment program \nconsiderations.\n    USCYBERCOM\'s sees potential in this prototype effort, and envisions \nour role as providing support/operational expertise to DARPA with \npotential use cases, lessons learned, and possibly assist with \ntechnology transition under whichever course of action is chosen.\n                                 ______\n                                 \n                QUESTION SUBMITTED BY MR. RUPPERSBERGER\n\n    Mr. Ruppersberger. U.S. Cyber Command was stood up at Fort Meade \nand reached full operational capability in the Fall of 2010. What do \nyou expect to be the final footprint of CYBERCOM will be?\n    General Alexander. With regard to the United States Cyber Command \n(USCYBERCOM) personnel footprint, the current planning projections for \nFY11 are approximately 1,404 military, civilian, and contractor \npersonnel. The demographic for the personnel footprint includes 260 \nOfficers, 204 Enlisted, 467 Civilians, 237 Contractors and 236 \nAugmentees. The USCYBERCOM footprint planning projections include space \nto support a ten percent increase in the staffing to support Combatant \nCommands, other government agency liaisons and integrated personnel as \nwell as military reserve support. The National Security Agency (NSA) \nprovides current facility support through existing owned and leased \nfacilities. FY13 begins the military construction (MILCON) of the \nIntegrated Cyber Center (ICC). This FY13 MILCON establishes \nUSCYBERCOM\'s Joint Operations Center (JOC) and will accommodate the \ncommand\'s most critical cyber warriors.\n\n                                  <all>\n\x1a\n</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body></html>\n'