[House Hearing, 112 Congress]
[From the U.S. Government Publishing Office]




                         [H.A.S.C. No. 112-146]
 
                           DIGITAL WARRIORS:

                    IMPROVING MILITARY CAPABILITIES

                          FOR CYBER OPERATIONS

                               __________

                                HEARING

                               BEFORE THE

           SUBCOMMITTEE ON EMERGING THREATS AND CAPABILITIES

                                 OF THE

                      COMMITTEE ON ARMED SERVICES

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED TWELFTH CONGRESS

                             SECOND SESSION

                               __________

                              HEARING HELD

                             JULY 25, 2012


                                     
[GRAPHIC] [TIFF OMITTED] TONGRESS.#13

                                     
  


           SUBCOMMITTEE ON EMERGING THREATS AND CAPABILITIES

                    MAC THORNBERRY, Texas, Chairman
JEFF MILLER, Florida                 JAMES R. LANGEVIN, Rhode Island
JOHN KLINE, Minnesota                LORETTA SANCHEZ, California
BILL SHUSTER, Pennsylvania           ROBERT ANDREWS, New Jersey
K. MICHAEL CONAWAY, Texas            SUSAN A. DAVIS, California
CHRIS GIBSON, New York               TIM RYAN, Ohio
BOBBY SCHILLING, Illinois            HANK JOHNSON, Georgia
ALLEN B. WEST, Florida               KATHLEEN C. HOCHUL, New York
TRENT FRANKS, Arizona                RON BARBER, Arizona
DUNCAN HUNTER, California
                 Kevin Gates, Professional Staff Member
                 Mark Lewis, Professional Staff Member
                      James Mazol, Staff Assistant
                            C O N T E N T S

                              ----------                              

                     CHRONOLOGICAL LIST OF HEARINGS
                                  2012

                                                                   Page

Hearing:

Wednesday, July 25, 2012, Digital Warriors: Improving Military 
  Capabilities for Cyber Operations..............................     1

Appendix:

Wednesday, July 25, 2012.........................................    33
                              ----------                              

                        WEDNESDAY, JULY 25, 2012
 DIGITAL WARRIORS: IMPROVING MILITARY CAPABILITIES FOR CYBER OPERATIONS
              STATEMENTS PRESENTED BY MEMBERS OF CONGRESS

Langevin, Hon. James R., a Representative from Rhode Island, 
  Ranking Member, Subcommittee on Emerging Threats and 
  Capabilities...................................................     1
Thornberry, Hon. Mac, a Representative from Texas, Chairman, 
  Subcommittee on Emerging Threats and Capabilities..............     1

                               WITNESSES

Hernandez, LTG Rhett A., USA, Commander, U.S. Army Cyber Command, 
  U.S. Army......................................................     3
Mills, LtGen Richard P., USMC, Deputy Commandant, Combat 
  Development and Integration, and Commanding General, USMC 
  Combat Development Command, U.S. Marine Corps..................     6
Rogers, VADM Michael S., USN, Commander, U.S. Fleet Cyber 
  Command, and Commander, U.S. Tenth Fleet, U.S. Navy............     4
Vautrinot, Maj Gen Suzanne M., USAF, Commander, 24th Air Force, 
  and Commander, Air Force Network Operations, U.S. Air Force....     7

                                APPENDIX

Prepared Statements:

    Hernandez, LTG Rhett A.......................................    40
    Langevin, Hon. James R.......................................    38
    Mills, LtGen Richard P.......................................    62
    Rogers, VADM Michael S.......................................    51
    Thornberry, Hon. Mac.........................................    37
    Vautrinot, Maj Gen Suzanne M.................................    69

Documents Submitted for the Record:

    [There were no Documents submitted.]

Witness Responses to Questions Asked During the Hearing:

    [There were no Questions submitted during the hearing.]

Questions Submitted by Members Post Hearing:

    Mr. Conaway..................................................   104
    Mr. Franks...................................................   103
    Mr. Langevin.................................................    94
    Mr. Thornberry...............................................    89
 DIGITAL WARRIORS: IMPROVING MILITARY CAPABILITIES FOR CYBER OPERATIONS

                              ----------                              

                  House of Representatives,
                       Committee on Armed Services,
         Subcommittee on Emerging Threats and Capabilities,
                          Washington, DC, Wednesday, July 25, 2012.
    The subcommittee met, pursuant to call, at 3:35 p.m. in 
room 2119, Rayburn House Office Building, Hon. Mac Thornberry 
(chairman of the subcommittee) presiding.

OPENING STATEMENT OF HON. MAC THORNBERRY, A REPRESENTATIVE FROM 
     TEXAS, CHAIRMAN, SUBCOMMITTEE ON EMERGING THREATS AND 
                          CAPABILITIES

    Mr. Thornberry. The subcommittee will come to order.
    We welcome our witnesses, guests, and members to this 
hearing in the Emerging Threats and Capabilities Subcommittee 
on ``Digital Warriors: Improving Military Capabilities in the 
Cyber Domain.''
    There is widespread agreement that cyberspace is now a 
domain of warfare, and many people regard it as the most 
difficult, perplexing national security challenge we face. 
Certainly the laws, policies, and organizations have not kept 
pace with the evolution of technology. But if cyberspace is 
important to our country's security and if it is a domain of 
warfare, our military services, on whom we rely to protect and 
defend us, must be prepared to operate in cyberspace as well. 
That preparation involves a number of issues, including 
organizational structure, recruitment and retention of 
qualified personnel, training, rapid acquisition, among others; 
and it is those issues which we want to examine in today's 
hearing.
    Before turning to our witnesses, let me yield to the 
ranking member, Mr. Langevin, for any comments he would like to 
make.
    [The prepared statement of Mr. Thornberry can be found in 
the Appendix on page 37.]

  STATEMENT OF HON. JAMES R. LANGEVIN, A REPRESENTATIVE FROM 
RHODE ISLAND, RANKING MEMBER, SUBCOMMITTEE ON EMERGING THREATS 
                        AND CAPABILITIES

    Mr. Langevin. Thank you, Mr. Chairman.
    I want to thank our witnesses for appearing here today. It 
is a pleasure to see all of you again and to have you join us 
for what I believe is going to be a critically important 
hearing.
    I agree with the chairman. There is no more critical task 
in today's environment than safeguarding the Department of 
Defense's networks. The cyber domain, as we all know, has 
become an integral part of every action DOD [Department of 
Defense] undertakes, whether offensive or defensive. And as 
operating environments grow ever more complex, we need joint 
forces that are manned, trained, and equipped to conduct the 
full spectrum of operations in support of, and in some cases 
supported by, what we think of as traditional military forces.
    The Congress and the country as a whole have been 
struggling with what cybersecurity means to us as a Nation. We 
are grappling with how to protect our systems and our privacy 
at the same time, and I am proud to be a part of that robust 
discussion. I have held drafts of legislation and cosponsored 
others, and now it looks as if something actually may be moving 
over in the Senate, which I am pleased to hear. Let's hope so.
    And I hope that today we will hear your thoughts on what 
sorts of additional authorities you may need and how the 
proposed legislation may or may not affect those needs, as well 
as your thoughts on the delegation of authorities within the 
executive branch. Most importantly, I hope that we hear about 
how you are finding and retaining the sort of people that you 
need today and in the future and being able to hold onto them.
    This, I believe, is the fundamental challenge that faces 
all of us. It is often said that the root strength of our 
military is the quality of our people, and nowhere is that more 
true than in your organizations.
    As you think about growing your forces, what thought have 
you given to where the people are going to come from? How will 
you keep them, promote them, educate them, and continue to 
challenge them even when outside organizations are keen to lure 
people with those skill sets away to the private sector? And I 
know some of you are probably already facing that dilemma right 
now.
    So, lastly, I need to take a minute to talk about a topic 
that would be irresponsible to avoid. We all know that we are 
facing significant fiscal challenges in the coming years, even 
without the threat of sequestration looming. So cyber-related 
activities are faring reasonably well so far, but nothing is 
immune, and even noncyber-specific cuts could have an impact on 
your commands as personnel resources are reduced or research 
and development funding are decreased. Those are just two 
examples.
    So as you look ahead, how do you factor in the possibility 
of even more austere fiscal environments? This is a tough 
question but one that I believe we have to face in order to 
responsibly address the complex challenges in the future.
    So, with that, I want to thank you again for being here.
    Mr. Chairman, thank you for holding this hearing. I know 
your commitment to the issue of cybersecurity. And I enjoy 
working with you and appreciate your organizing this hearing 
today.
    I yield back.
    [The prepared statement of Mr. Langevin can be found in the 
Appendix on page 38.]
    Mr. Thornberry. I thank the gentleman, and I share his 
cautious optimism that the Senate may actually pass something. 
We will see.
    Again, let me welcome our witnesses. We have before us 
Lieutenant General Rhett Hernandez, Commander, U.S. Army Cyber 
Command; Vice Admiral Michael S. Rogers, Commander, U.S. Fleet 
Cyber Command, and Commander, U.S. Tenth Fleet--I made that as 
hard as possible to say--Lieutenant General Richard P. Mills, 
Deputy Commandant, Combat Development and Integration, and 
Commanding General, U.S. Marine Corps Combat Development 
Command; and Major General Suzanne Vautrinot, Commander, 24th 
Air Force, and Commander, Air Force Network Operations.
    You all have significant titles. I suspect the 
responsibility and the challenge is commensurate with the 
length of the titles.
    Thank you for being here. Without objection, your full 
written testimony will be made a part of the record. We would 
appreciate if you can summarize your comments for us today.
    General Hernandez.

STATEMENT OF LTG RHETT A. HERNANDEZ, USA, COMMANDER, U.S. ARMY 
                    CYBER COMMAND, U.S. ARMY

    General Hernandez. Thank you, Congressman.
    Chairman Thornberry, Ranking Member Langevin, and 
distinguished members of the subcommittee, thank you for your 
support and for the opportunity to appear before you today. I 
am pleased to be here with my fellow Service component 
commanders, and I am honored to represent the Army soldiers and 
civilians. Their great work enables our Army's ability to 
operate every day and adds to our Nation's security. I am proud 
to serve with them and really amazed at what they have 
accomplished since October 2010.
    The Command has been hard at work increasing Army capacity 
and capability, defending all Army networks, and conducting 
cyberspace operations in support of U.S. Cyber Command. We all 
know the cyber threats are real, growing, sophisticated, and 
evolving. Today, a wide range of actors are capable of 
exploitation and disruption of our networks, with a growing 
potential for destructive capabilities tomorrow. And all of 
this could impact our freedom to operate.
    To meet these threats, Army Cyber Command and its 
supporting units are engaged daily in conducting cyberspace 
operations critical to the Department of Defense, Cyber 
Command, and Army missions. Our work is guided by the 
Department of Defense's strategy for operating in cyberspace; 
and the Command helps prevent conflict by maintaining 
credibility based on capacity, readiness, and modernization. It 
helps shape the environment by sustaining strong relationships 
with our military allies in other nations and builds their 
capacity and capability and, when required, supports winning 
decisively, with the Army's operational level force organized 
to conduct cyberspace operations, and daily we provide trained 
and ready forces to Cyber Command in support of their mission.
    We have completed a wide range of work and continue to 
pursue other initiatives to train, organize, and equip the Army 
to conduct operations in cyberspace. Strong training, leader 
development, and education programs are essential to conducting 
cyberspace operations. We have established a world-class, 
cyber-opposing force that provides realistic training, 
requiring commanders to defend and operate in a contested and 
degraded cyberspace environment.
    We continue to deploy dedicated information operations and 
cyberspace capabilities to Army and joint forces, and we are 
supporting combatant command cyber support elements, while 
providing expeditionary cyber support elements to commanders 
for contingencies and during exercises.
    A significant organizational milestone occurred for the 
Command on 1 December, 2011, when the Army activated its first 
dedicated cyber brigade at Fort Meade. The 780th Military 
Intelligence Brigade is organized to support Cyber Command and 
combatant commanders in their conduct of cyberspace operations.
    The Army has a wide range of capabilities being leveraged 
today to operate and defend as well as support offensive 
operations. We continue to respond to Cyber Command and 
combatant commanders' requirements and have rapidly produced 
capabilities to support missions.
    While technology plays an important role in the cyberspace 
domain, cyber warriors will determine our success. A team of 
cyberspace professionals able to quickly act across a full 
range of mission sets is who will make the difference. We must 
continue to recruit, develop, and retain a skilled professional 
workforce.
    While there is still plenty to do in this new domain, Army 
Cyber Command has made great progress and remains focused on 
providing trained and ready forces able to conduct cyberspace 
operations. We will provide depth and versatility in cyberspace 
to the Joint Force and with our cyberspace capability provide 
options and flexibility for commanders and national 
decisionmakers to ensure the Army remains America's force of 
decisive action and that Army Cyber Command remains second to 
none.
    I want to thank you for inviting me here today. I look 
forward to your questions and our continued relationship and 
would welcome your visit to Army Cyber Command. Thank you.
    [The prepared statement of General Hernandez can be found 
in the Appendix on page 40.]
    Mr. Thornberry. Thank you.
    Admiral.

STATEMENT OF VADM MICHAEL S. ROGERS, USN, COMMANDER, U.S. FLEET 
   CYBER COMMAND, AND COMMANDER, U.S. TENTH FLEET, U.S. NAVY

    Admiral Rogers. Thank you.
    Chairman Thornberry, Ranking Member Langevin, and 
distinguished members of the subcommittee, thank you for 
holding this hearing today and the opportunity to sit shoulder 
to shoulder with my cyber teammates in the other Services.
    As the Navy's Component Commander to U.S. Cyber Command and 
the second echelon command within the Navy subordinate to the 
Chief of Naval Operations, Fleet Cyber Command directs 
cyberspace operations in defense and support of Navy and joint 
forces. The Department and the Navy continue to mature 
cyberspace operations by growing the workforce, exercising the 
processes, and developing the capabilities we need to support 
cyber operations. Our progress has been, and will continue to 
be, guided by the Department's overall strategy for operating 
in cyberspace; and I would like to take this opportunity to 
highlight a few items that I think highlight some of the 
progress as well as some of the challenges we have experienced 
in the last year.
    That progress has been an iterative one, and we continue to 
refine concepts and doctrine, but there are two significant 
achievements I think in the last year that will help us as we 
move our efforts forward.
    First, the approval and implementation of the Transitional 
Command and Control Concept of Operations, which provides the 
Services and the Geographic Combatant Commanders a standard 
baseline for how we are going to execute cyberspace operations 
by documenting the command and control relationships, the 
missions, and the functions that we will be executing.
    Secondly, U.S. Cyber Command's Operational Directive, which 
specifies the standard tasks and mission responsibilities for 
each of the Service components before you today, which will 
provide initial insight into how U.S. Cyber Command intends to 
use us as components, which in turn will provide a foundation 
for how we will generate Navy capacity to support them.
    In addition, the strength of our efforts over the last year 
have been from our workforce, which continues to be a source of 
strength. And, at the same time, the events of the last week 
remind us just how great that workforce is.
    Unfortunately, Fleet Cyber Command and Tenth Fleet suffered 
the loss of a petty officer in Aurora, Colorado, on Friday in a 
movie theater in a way that none of us would have ever 
expected. I had the opportunity to see Petty Officer Larimer's 
family in Chicago over the weekend after the tragedy, and I 
will tell you if we had more Petty Officer Larimers in the 
world, there is no challenge that we couldn't handle. But he is 
symbolic of the broader workforce that we have.
    And, to date, our recruitment, our development, and our 
retention, although it remains a challenge, has in fact 
exceeded our expectations. We hope that is what continues, and 
we are working hard to make sure that is the case.
    We also have taken a hard look over the last year about how 
we are going to train the force of the future, establishing 
summer internships with the Naval Academy and ROTC [Reserve 
Officers' Training Corps] midshipmen with the Navy Cyber 
Warfare Development Group, as well as our cyber defensive 
operations.
    In addition, we have established a cyber warfare engineer 
career field designed to enable direct accessions from recent 
college graduates who bring deep cyber expertise to the table.
    In addition, to develop our sailors and civilians, we have 
developed and begun implementing a tiered cyber training 
strategy that tailors cyber training based on an individual's 
particular roles and responsibilities.
    We have also created a Navy Cyber Manpower 2020 Task Force 
to plan and execute the steps necessary, we believe, that will 
develop a comprehensive near to midterm cyber manpower 
strategy.
    We have also worked hard in the last year to strengthen our 
networks and to reduce our exposure and our vulnerabilities, 
and those efforts continue. We emphasize cross-communication 
between our large network programs, both afloat and ashore; and 
we are actively engaged in developing concepts with the 
Department of a joint information environment which will be 
comprised of information technology infrastructure and 
enterprise services. These investments that we have made in 
network consolidation and deployment of enterprise services 
have already provided us with greater situational awareness of 
our networks, which is a key element of our ability to defend 
them.
    In summary, sir, I would like to close by emphasizing that 
our success to date in the maritime domain and the joint 
operational environment depends on our ability to maintain 
freedom of maneuver and deliver effects within cyberspace. And 
to ensure we maintain our edge, the Navy will continue to drive 
advancements in Navy cyberspace operations guided by the 
initiatives set forth both by the Department and the joint 
commander we support at U.S. Cyber Command.
    I thank you for this opportunity, and I look forward to 
answering any questions you might have. Thank you, sir.
    [The prepared statement of Admiral Rogers can be found in 
the Appendix on page 51.]
    Mr. Thornberry. Thank you.
    General.

 STATEMENT OF LTGEN RICHARD P. MILLS, USMC, DEPUTY COMMANDANT, 
  COMBAT DEVELOPMENT AND INTEGRATION, AND COMMANDING GENERAL, 
       USMC COMBAT DEVELOPMENT COMMAND, U.S. MARINE CORPS

    General Mills. Chairman Thornberry, Ranking Member 
Langevin, Congressman Conaway, it is an honor to appear before 
you today. On behalf of all the marines and their families, I 
want to thank each of you for what you do and your continued 
support in all things military.
    I will keep my comments short, as my written statement has 
been made a part of the official record.
    Protecting cyberspace is a national security priority. Your 
Marine Corps understands that and recognizes that fact. Indeed, 
while Marine Forces Cyber Command is just 3 years old, Marines 
have been conducting cyber operations for well over a decade. 
We clearly understand that cyberspace, the convergence of 
network systems brought about by so many disciplines, is 
absolutely integral to our everyday lives, our national well-
being, and has become a key aspect of today's warfighting. 
Around the world, and particularly in the United States, 
cyberspace is part of all that we do. Smartphones and social 
media, to efficiencies throughout our vast critical 
infrastructure, it all depends on the grid.
    Yet with all these positive advances come risks and 
vulnerabilities. We know that Department of Defense systems are 
attacked millions of times each day. Indeed, the Marine Corps 
Enterprise Network is also attacked hundreds of thousands of 
times each day. The critical infrastructure in the United 
States is highly vulnerable to cyber attack.
    As the Nation's expeditionary force in readiness, the 
Marine Corps is preparing to meet these threats by increasing 
capacity for network operations, by increasing our ability to 
conduct defensive cyber operations, and, when directed, to 
conduct offensive cyber operations. Ensuring the stable cyber 
domain means that we will ensure our stability of our weapons 
systems, our command and control systems, and indeed our 
national industrial assets.
    Today's dynamic global environment demands that the 
maritime forces be flexible and scalable, thus allowing 
operational commanders the ability to configure the sea base to 
optimize the employment of appropriate size and capable forces 
to accomplish a mission, whatever that mission may be, from 
humanitarian assistance to major combat operations. Therefore, 
our cyber operations must be tailored to provide flexibility to 
the Marine Corps, to the Joint Force, and indeed to the Nation. 
We need to meet emerging missions, enhancing the requirements 
to support distributed operations today.
    Since my predecessor, Lieutenant General George Flynn, 
testified before this committee some 2 years ago, the Marine 
Corps has made great strides in expanding the capability and 
capacity of Marine Forces Cyber Command. We have increased its 
workforce as well as our cyber-related Military Occupational 
Specialties. In the future, we plan to increase our cyber 
workforce by approximately 700 marines and civilian marines 
through fiscal year 2016. I am very proud of our cyber marines 
and our civilian marines. They work diligently every day to 
defend and protect our cyber domain.
    In addition to the progress we have made in developing our 
cyber workforce, we have made great strides in securing our 
network architecture. The Marine Corps has already standardized 
its security boundary architecture through its implementation 
of the Marine Corps Enterprise Network, and we are working with 
the Joint Information Environment framework to comply with 
developing shared security architectural standards. Indeed, as 
we assume full control over our network transport and 
enterprise services, we will collapse our remaining legacy 
networks, which will then reduce our management footprint and 
our costs, while achieving greater compliance and consistency, 
again throughout the Marine Corps Enterprise Network.
    We are taking a very deliberate and joint approach to cyber 
requirements. We continually strive for the right balance in 
supporting the requirements of both U.S. Cyber Command and our 
own Service requirements.
    Gentlemen, I appreciate the opportunity to discuss this 
important project, and I look forward to our questions.
    Thank you.
    [The prepared statement of General Mills can be found in 
the Appendix on page 62.]
    Mr. Thornberry. Thank you.
    General.

  STATEMENT OF MAJ GEN SUZANNE M. VAUTRINOT, USAF, COMMANDER, 
 24TH AIR FORCE, AND COMMANDER, AIR FORCE NETWORK OPERATIONS, 
                         U.S. AIR FORCE

    General Vautrinot. General Thornberry, Ranking Member 
Langevin, Congressman Conaway, and distinguished members of the 
subcommittee, thank you for the opportunity to represent the 
exceptional men and women of Air Forces Cyber before this 
panel. It is an honor to appear before you alongside my Service 
counterparts and to share our progress in responding to U.S. 
Cyber Command and our Nation's mission requirements.
    In Air Forces Cyber, through continued support from General 
Shelton at Air Force Space Command and General Alexander at 
U.S. Cyber Command, we have made great strides towards 
normalizing and operationalizing cyber capabilities to match 
the rigor and discipline of its air and space counterparts. I 
have been privileged to witness firsthand cyber airmen 
fulfilling our commitment, the commitment we pledged to you 2 
years ago, to provide global vigilance, reach, and power by 
doing what airmen do best, innovate. This culture of innovation 
is foundational and has been vital to overcoming the myriad of 
challenges associated with conducting cyber missions. I would 
like to share a few examples of this culture in action.
    In addition to the remotely piloted aircraft mission 
assurance, which I described in my written remarks, we have 
also collaborated with U.S. Transportation Command and employed 
our specialized U.S. cyber teams to search within the .mil 
networks to assure the mission by proactively discovering 
vulnerabilities before they can be exploited. General Fraser's 
Command worked with our teams inside the tanker airlift control 
center to initially map that mission network to the 
architecture. Then, in phase two, the operators proactively 
searched for the network and leveraged capabilities to 
identify, pursue, and mitigate threats impacting the critical 
system interfaces that are essential to mission success, an 
activity in the military which we seek to support in defense of 
the Nation.
    For mission assurance, a combatant command's prioritized 
defended asset list determines where this focused capability 
will be employed, in effect, the cyber high ground. These teams 
are operational and have been deployed to protect against 
adversaries' actions per Cyber Command tasking.
    Mission capabilities and applications are critical, but 
increasing the capacity to expand those capabilities in support 
of joint operators is just as important. I recently attended a 
graduation ceremony at Hurlburt Field, Florida, where our 
Intermediate Network Warfare Training course, which is our 
schoolhouse for a wide range of cyber operators and one of ten 
in-residence and seven online courses, graduating over 7,000 
students a year. As a result of this course, young cyber 
warriors like Lieutenants Andrew Cook and Stephanie Stanford 
are now experts in their field and carry unique certifications 
that only 6,800 people in the world have attained.
    Operationalizing cyber training and certification, our 
commitment 2 years ago, a reality today. Likewise, high school 
and college students around the country have been exposed to 
science, technology, engineering, and mathematics through 
successful programs such as Cyber Foundations, the Air Force 
Association's CyberPatriot initiative, as well as the National 
Collegiate Cyber Defense Competition. These programs have been 
truly groundbreaking in that they get our next generation of 
cyber professionals excited about and committed to a cyber 
career. These professionals are key to U.S. Cyber Command's 
mission and the Nation's defense.
    We grieve the loss of one of those cyber warriors, Staff 
Sergeant Jesse Childress, in the Aurora shooting; and we join 
our sister Service, Fleet Cyber, in grieving the loss of Petty 
Officer Larimer. We are grateful for their service.
    Having new capabilities and expanding capacity, along with 
academic, industrial, interagency, and international 
collaboration is what will move this Nation forward and make 
Jesse and John proud.
    Air Forces Cyber has improved our collaboration with our 
sister Services, other government agencies, academic and 
industry partners to share situational awareness and increase 
capabilities and capacity, which is the first essential step 
towards transitioning to a more predictive and proactive 
defense. From across the Air Force, we have synchronized 
materiel command acquisition and engineering professionals, 
research lab and test specialists, and 24th Air Force's real-
time cyber development expertise to establish a Center for 
Cyber Innovation in Texas, with a goal of rapidly fielding 
critical cyber capabilities.
    General Alexander lists this capability as a top priority 
in his May 2012, Operations Directive, and it was something you 
requested in section 933 of last year's National Defense 
Authorization Act. As a result, Air Forces Cyber executes U.S. 
Cyber Command mission guidance by effectively supporting every 
combatant command, providing full spectrum cyber operations.
    I am extremely proud to play a part, as our airmen play, in 
defending the Nation in cyberspace at the speed of cyber. For 
me as an airman, that is Mach 880,000. Offensive, defensive, 
and enterprise services are inextricably connected in this 
domain. We all rely on cyber to be there. We have a personal 
interest, a corporate interest, and a national security 
interest in making sure it remains available for all our use, 
while denying our adversaries' ability to use it against us. We 
have made great advances and will continue do so. That is our 
innovative culture as airmen, our obligation to General 
Alexander.
    Thank you for your continued support for this vital 
mission, and I look forward to answering your questions.
    [The prepared statement of General Vautrinot can be found 
in the Appendix on page 69.]
    Mr. Thornberry. Thank you, and I appreciate all of your 
statements.
    And I particularly appreciate, General, you and the Admiral 
mentioning the loss in Colorado. It is a specific reminder to 
us all about the tremendous potential of those lives that were 
tragically cut short by that event.
    Let me just ask one question and then yield to my 
colleagues for their questions.
    The ranking member mentioned sequestration. Obviously, it 
is near the top of our minds in all we do in this committee and 
around Congress. If there were to be sequestration, you know, 
just say on the order of 10 percent, what would that mean for 
the programs that you are responsible for?
    If we could just go down the line briefly.
    General Hernandez.
    General Hernandez. Congressman, thank you.
    Clearly, with sequestration no part of the Army would go 
untouched. So we are not planning for it. And I would say, to 
Congressman Langevin's point, if we were to invest in areas 
that had to stay for us, it would have to be the people. We 
have all talked about the significance of the workforce and 
training, recruiting, developing, retaining that workforce.
    And the second piece would be that we ensure that we invest 
in the right S&T [Science and Technology] that allows us to 
really capture the requirements for the future in this domain.
    Mr. Thornberry. I am sorry--10 to 15 percent in the first 
year alone. Obviously, if sequestration--we are talking about 
that year after year after year. And, you know, again, I am 
just kind of thinking about the first year.
    Go ahead.
    Admiral Rogers. Well, I believe we are all in the same boat 
in the sense that the Department has done no planning or 
provided no guidance; and under the terms of the sequestration, 
it would be implemented across the Federal Government.
    I think my concern as a commander, not having delved into 
the specifics, is if we lose the ability to prioritize, if we 
are going to take cuts that are just done indiscriminately--and 
I don't mean that to be pejorative--but if we are going to take 
cuts indiscriminately across the board, as an operational 
commander, if we lose the ability to prioritize, if we lose the 
ability to attempt to identify what are the core capabilities 
that we want to make sure that we continue to fund at 
consistent levels, that concerns me.
    Mr. Thornberry. Well, that is the way it is. It is every 
program, project, activity cut in an equal amount. So what we 
are trying to get is, okay, what does that mean for cyber, an 
area that is so dynamic, that, as Mr. Langevin said, has 
actually been growing in recent years?
    General.
    General Mills. Sir, again, the impact across the Marine 
Corps would be significant in readiness, in manning levels, and 
in our ability to train and to exercise our forces. I think 
probably the impact on Marine Forces Cyber and probably all 
cyber programs would be disproportionate because of the speed 
with which we have to acquire new equipment and new software. 
So I see it as having a significant impact across the board and 
I think a disproportionate impact within the world of cyber.
    General Vautrinot. Chairman Thornberry, it would be 
devastating. The strategy that has been provided by the 
Department to move us forward in cyberspace and the vision 
provided by General Alexander rests on future acquisitions, on 
future changes; and I believe that under sequestration those 
would not be realized.
    In addition, those advancements that we have made over the 
last years, as each of our commands stood up, requires 
sustainment; and those sustainment levels have not been created 
and stabilized. And so, as we back away from those, I believe 
that we would actually lose ground in this important area and 
in meeting the strategic goals that the Department has outlined 
and in particular my Service has put into its master plan.
    Mr. Thornberry. Mr. Langevin.
    Mr. Langevin. Thank you, Mr. Chairman.
    Thank you again to our witnesses for your testimony today 
and thank you for mentioning the losses in Colorado. Like the 
chairman said, it is important for us to be mindful of their 
service and the loss that we have experienced in Colorado, and 
our thoughts and prayers are with them and their families.
    I appreciate you addressing the issue of sequestrations.
    I can move onto another area. Talking about cyber 
operators, can you tell me for each of you how many cyber 
operators do each of you have? How many more do you need? And 
where will you get them from? And how will you recruit and 
retain them?
    The issue of retention is going to be a big challenge going 
forward, as identified. I know the private sector is always 
looking to recruit from the military and to retain them. So we 
have got a challenge on our hands to retain them.
    How many do you have? And if you need to get back to us for 
the record, that is fine. But if you do happen to have those 
numbers, that would be helpful.
    General, should we just start with you and go right down 
the line?
    General Hernandez. Congressman, let me start with a larger 
number that we believe are engaged in conducting the full range 
of cyberspace operations every day, which runs the three lines 
of operation consistent with Cyber Command for operate, defend, 
and offense. Of those organizations that are either assigned or 
under the operational control of Army Cyber at this point, we 
have about 11,000. Of that number, the predominant number is 
focused every day on operating and defending our network.
    The standing up of the cyber brigade really is the brigade 
that brings the capability to conduct SIGINT [Signals 
Intelligence] operations, defensive operations, and, when 
ready, capable of conducting offensive operations. That brigade 
will be about 1,200 when we are done training that brigade. 
Because it is a long investment in training for that skill set, 
and I don't know what the total requirement is yet. I think 
that is really a part of the larger requirement with respect to 
how we are going to operate in cyberspace, what the roles and 
responsibilities will be. But we I think have a pretty good 
head start in that. Now it is a matter of how we leverage the 
skills that we have and retain those skills to do the missions 
that we have been assigned.
    Mr. Langevin. Have you thought about, too, about the 
retention aspect of it? Clearly, if people know that these are 
promotable skills and we can move them up the chain, they can 
have a place within your--they are in for the long haul, they 
are more likely to stay.
    General Hernandez. I think we have learned some really 
significant lessons as we recruited this cyber brigade. And we 
did a lot of things that were important in recruiting that are 
tied to how you assess, how you provide the right incentives to 
bring them in, through questionnaires, through interviews, 
through specific targeting of universities and different 
programs that we try to bring the skill set that not only had a 
desire to do this but they had a propensity for this hard work. 
And through a combination of bonuses and incentives, we are 
doing pretty good in bringing them in.
    I think our most significant piece that we are learning is 
that the pool is not very deep, as you talked about earlier, 
and our development will have to be continuous. So we have 
adjusted development programs for them. And the incentives to 
retain them will have to be targeted. As we have done in the 
past, we will have to continue to do.
    Mr. Langevin. Thank you.
    Admiral.
    Admiral Rogers. Sir, within the Fleet Cyber Command arena, 
there is approximately 14,000 within our workforce focused on 
cyber operations, whether it is operating the networks, 
defending them, or looking at the offensive applications of the 
networks. The greater majority of those, probably something on 
the order of 75 percent, are associated with the operations of 
the networks; and the remainder are pretty evenly split between 
the offensive and the defensive side.
    In terms of where do I think the number is going to grow in 
the future, clearly, I don't think we know yet what the 
ultimate end state in all this is going to be, other than I 
think we see some form of continued, measured growth.
    When I say ``measured''--because I think part of the 
challenge is, with 75 percent of our workforce oriented on 
actually operating the networks day to day, that is a 
percentage that, from my perspective, is totally out of whack. 
It is a reflection of an architecture and approach to networks 
that I think is very dated. As we shift into the cloud and we 
go forward across the Department in a Joint Information 
Environment, I view that as an opportunity to harvest the 
savings of those operators, if you will, and invest them as the 
seed corn for the cyber workforce in the future, to invest them 
in the defensive and the offensive side.
    In terms of our ability to retain those men and women, to 
be honest, we have exceeded my expectations. As a person who 
has been doing this for about 10 years in one form or another 
now, I can well remember one of my concerns early on as I 
became involved in this mission set was how are we going to 
retain these men and women? I think the thing that has 
surprised me the most and heartens me the most and what I 
ascribe to that retention is the fact that increasingly these 
men and women view themselves as warriors, and that is the 
paradigm and the prism they use as they assess themselves and 
they think about their future.
    And that is one distinct advantage I think for us in 
uniform. While our civilian counterparts offer many 
opportunities and, arguably, advantage, the one area that they 
don't offer is the ability to be a warrior. And the workforce 
really seems to crystalize around that idea. As well as the 
broader Navy as a whole is very energized by the mission set, 
has great respect for its cyber partners, and goes out of its 
way to highlight to its cyber partners how well positioned they 
think they are for the future. And the workforce really 
responds well to that.
    Mr. Langevin. Excellent. Thank you.
    General Mills.
    General Mills. Sir, we draw our cyber warriors throughout 
the Marine Corps. We consider every marine a cyber warrior, and 
we have instituted training packages within our Professional 
Military Education to enable them to understand what cyber 
warfare is and how to utilize it.
    Specifically, those that are directed to support Cyber 
Command we are going to grow to about 700 over the next few 
years, as I said in my opening statement. We draw mainly from 
three fields--communications, intelligence, and signals 
intelligence--to source those warriors.
    Of note is that as the Marine Corps lowers its end strength 
over the next few years as the war in Afghanistan winds down, 
cyber is one of the communities that will in fact grow despite 
the fiscal challenges that we face in the coming years.
    Currently, we are increasing our marines that are involved 
in the direct support to Cyber Command, conducting offensive 
cyber operations. We are also growing a company that will be 
directed to support our deploying MAGTFs [Marine Air Ground 
Task Forces] as they go forward deployed aboard Navy shipping 
and look to crisis spots throughout the world. Those warriors 
are really a mixture of Active Duty marines, also reservists on 
Active Duty who support us, mainly within my headquarters 
outside Fort Meade, and, of course, civilian contractors that 
we have been able to identify to fill a need.
    We intend to recruit, as we always have, the best-qualified 
young marines that we can find and then to ID those that may 
have talent and interest within the cyber area and then to 
train them adequately so they can move forward to do their job.
    Like the other members up here on the board, we have not 
had any trouble at this point in retention. I think that will 
depend somewhat, obviously, on what the conditions are outside 
the Services in the years to come. But at this point we have 
not had a problem retaining our fine young cyber warriors.
    Mr. Langevin. Thank you, General Mills.
    General Vautrinot.
    General Vautrinot. Mr. Chairman, as General Mills pointed 
out, we have cyber expertise that is applied in our 
acquisition, our engineering, our testing environments. In our 
operational environment that is Air Forces Cyber and in the 
component that supports U.S. Cyber Command there are 17,000 
great professionals. About 11,000 of those are Guard and 
Reserve for our total force, and some of those are being 
repurposed in order to expand on the capabilities that they 
have to better serve this great domain.
    From the standpoint of that operation, it also leverages 
within the Air Force our Air Force ISR agency: Intelligence, 
Surveillance, and Reconnaissance; and I have the great 
privilege of borrowing from Major General Bob Otto's folks, 945 
of them, that are in direct support of Air Forces Cyber 
operations in support of the missions every day.
    The creation of the career fields, as mentioned by Admiral 
Rogers, was similar in the Air Force. Several years ago, we 
created a cyber operations career in the officer as well as the 
enlisted ranks. And the one, Bravo 4, is continuing to expand 
in our enlisted ranks, and we welcome them aboard with special 
expertise.
    That special expertise goes across the training they 
receive at baseline, which is far, far more unique and 
applicable to this domain. And then the follow-on courses, as I 
mentioned in the statement, 10 courses within the Air Force 
that are resident, seven that are nonresident, many of those 
supported by our Guard and Reserve counterparts. And then, in 
addition, those courses, many of them now open to our Service 
counterparts. Also, the joint courses that are provided by the 
Department, five different planning and specialty application 
courses that these folks are able to attend.
    We are also working towards tactics, techniques, and 
procedures that apply that knowledge not just as cyber 
expertise but cyber expertise applied to operational 
applications in every domain. And the expansion of those TTPs 
[tactics, techniques, and procedures] is what allows us to 
operationalize this career field and this domain.
    The last question was recruiting and retention. I am 
fortunate to be part of a Service that recruits to retain; and 
we have been privileged to have any number of folks that come 
in not just to gain that expertise, which is oftentimes the 
initiation, but they want to serve the Nation. Now they have 
the advantage of serving the Nation with extraordinary 
capabilities that are often not available in industry. And we 
find that the ability to serve, coupled with those 
extraordinary capabilities, is a retention factor, and it is a 
factor in our advantage.
    Mr. Langevin. Very good.
    Thank you. I yield back.
    Mr. Thornberry. Mr. Conaway.
    Mr. Conaway. Well, thank you, Chairman.
    And, folks, thanks to you all for being here.
    Staying with the personnel theme, the typical cyber 
warrior, you don't think of them in the traditional warrior 
category. They need to be a lightning-fast typer and really be 
able to think and those kinds of things.
    In terms of recruiting and targeting the folks you need, I 
am assuming that everybody you are talking about goes through 
the exact same basic training, the officer candidate school, 
all the regular entry-level schools that everybody else does. 
Is that a barrier to getting folks that you really want? In 
other words, do you ever foresee a point where they will need 
those kinds of skills to continue to conduct cyber warfare 
versus a group that might not be the prototypical marine or 
airman or sailor or soldier that would need to shoot real 
straight and be able to be physically very sound and 
aggressive?
    General Mills. Sir, I will take the first whack at that and 
say that our cyber warriors are marines first, will always be 
marines first. They will undergo the same training that every 
marine undergoes, whether officer or enlisted, and will be 
promoted and trained within the Marine Corps system. I don't 
see a problem there, sir.
    Admiral Rogers. For us on the Navy side, we are clearly 
concerned about that phenomenon. We created a few niche 
programs, if you will, to allow people with kind of 
unconventional backgrounds to come into the field. Those 
numbers are fairly small.
    One of the thoughts in my mind is, over time, as our 
capacity grows, does it overgrow our ability to assess people 
in the kind of traditional models, if you will, that we tend to 
do now? It is something that we pay great attention to, and I 
am always looking in my mind when do we get to that critical 
typical tipping point where the conventional mechanisms just 
aren't going to be there for us? We are not there yet. I don't 
see us getting there in the immediate near term, but it is 
something I watch for, because I am concerned about it in the 
future.
    Mr. Conaway. General Hernandez.
    General Hernandez. Thank you, Congressman.
    I would add, as the Marines have said, that we have not 
seen that as a barrier to entry. In fact, I think this idea of 
cyber warrior is critical, because they see themselves as 
warriors.
    I have consistently said that in a way there are some 
characteristics or values that we all have to have, and in this 
domain there might be a few that we would add a little more 
emphasis to. So we have talked about a professional team of 
elite that we will have to really work our way through how we 
select them, train them, develop, and retain them. Trusted. 
Because I believe in this domain if you want to be able to gain 
the authorities to do the missions that you want to do you have 
to have trust. Discipline to do what it is that you can count 
on the person in cyberspace, as you would a battle buddy on the 
battlefield. And precise. Because collateral damage in this 
domain can be as devastating as any other.
    So those are four values, if you will, that we would add to 
that. I do believe that we are clearly going to have to think 
about how we develop them differently. And the schoolhouse 
domain may not be in fact the same model. And they are learning 
every day because things are changing so frequently that they 
have to keep up, and the challenges need to stay in this 
domain. So they have to get the mission that comes with being a 
cyber warrior. And I believe that the entry will be similar to 
what we are doing now. But we are looking for that special, 
elite group.
    General Vautrinot. Sir, I will echo my comrades. In wearing 
the uniform, there is great pride. There is also great 
responsibility; and the accession programs recognize that 
necessity and leverage that.
    But, in addition, the numbers that I spoke to were our 
officers, our enlisted, our civilians, our contractors, and our 
citizen airmen that come from the Reserve and Guard. And all of 
them have the opportunity for this unique training. And as they 
apply that training, they apply it in defense of the Nation. So 
I think our cyber warriors extend to every one of those 
categories. And certainly the specialized training for those 
that wear the uniform and wear it in harm's way is appropriate 
to someone that you need to depend upon in that regard.
    Mr. Conaway. Thank you, Mr. Chairman.
    Mr. Thornberry. Well, I know you all will continue to watch 
that. Obviously, a little bit of intuitive common sense says 
that we may have to treat some of these folks differently; and 
if it gets to the point where that involves us with some sort 
of different compensation system, some sort of special carve-
out or something, I would want you to let us know. Because it 
just seems on the face of it that as we go by and, as you said, 
as we expand and so forth, that we may have to not treat some 
of these folks the way we always treat everybody else. So I 
think we will all be interested in that comment.
    Mr. Barber.
    Mr. Barber. No questions.
    Mr. Thornberry. You have no questions?
    Let me--I don't know. Maybe these questions are a little 
bit more suited for General Alexander, and maybe they are just 
dumb questions, but let me give it a shot.
    I understand that each of you all are responsible for your 
Service's networks. Okay. But in thinking about supporting a 
joint operation of some kind, whether it is a physical 
operation that you are supporting or strictly as a cyber 
operation, how do you decide who does what? Because it seems to 
me that there is no particular benefit from one Service to the 
next, no natural sort of inclination. So is it going to work 
where Cyber Command says, okay, the Army is going to take care 
of this target set and the Navy is going to take care of this 
target set and kind of assign responsibilities? Or does Cyber 
Command say, okay, we will take four Air Force people, a 
marine, three sailors, and so forth. You all send them up to 
Cyber Command, and we will set them next to each other and we 
will tell them what to do. How does the Service component fit 
into that kind of national mission I guess is kind of what I am 
wondering.
    Whoever wants to help me.
    General Hernandez. That is a great question, Congressman. 
In fact, we are all working through that right now with Cyber 
Command; and, really, there are several different layers that 
we have to work through.
    The first piece is how do we provide value and resources 
and forces to a national mission, which is part of what General 
Alexander has, and what is our requirement for that? And then, 
second, what do we do with our Title 10 role to provide trained 
and ready forces to him for his Cyber Command mission? And the 
third piece is for us to support Geographic Combatant 
Commanders and in the Army's way also to be able to support 
tactical and operational commanders that are supporting 
Geographical Combatant Commanders. So we really have to nest 
that strategy from the top to the bottom of who is going to do 
what requirements.
    I think we all believe that over time a couple things are 
essential. One is that is going to become more joint in most 
cases. Certainly the training and the standards that our cyber 
warriors will need will need to be joint so that you can count 
on them being able to interact with joint teams.
    The second piece I think is the Joint Information 
Environment that we have all talked a little bit about and the 
need to get to that operational warfighting platform that 
allows us to really have an operational network that we can 
defend off of in a joint way. Because, after that, it will be 
coalition operations. As well as an infrastructure that we can 
conduct cyberspace operations off of. So I believe that work is 
ongoing, and it is going to have to be nested from the top to 
the bottom.
    The last piece he has given us is a hard look at some 
functional requirements, what we might do for specific 
capabilities, command and control, IADS [Integrated Air Defense 
Systems], and those types of functional looks at how we might 
ensure that we are providing that capability as a force, as 
opposed to duplication of effort or worrying about 
deconflicting it too late because you have invested resources 
that might not have been done that way. So we are working on 
all of that together.
    Admiral Rogers. Sir, from my perspective, this is an issue 
we have spent a good deal of time working collaboratively with 
each other and with U.S. Cyber Command on to address so how are 
we going to apply the capacity and the capability that we are 
each generating.
    I will speak for the Navy, but I think it is fairly common 
for all of us. We provide capabilities both within our Service 
but, at the same time, as U.S. Cyber Command's Naval component, 
or Navy component, my comment to him was, sir, we need to 
generate capacity and capability for you in a way that does 
this in an integrated fashion; and if we are each going to act 
on our own, this isn't going to get us where we need to go.
    I think, to General Alexander's credit, within the last few 
months he has generated what we call the Operational Directive, 
the OPDIR, where he has laid out for each of us here is how my 
operational vision is in terms of how I will parse out who will 
have leadership within different geographic areas around the 
world. And then, once you are designated as the lead, then we 
collaborate with each other for how we are going to generate 
the full spectrum of capability and the capacity that we will 
need to support those joint commanders.
    Tie in then, as General Hernandez mentioned, the Joint 
Information Environment that hopefully gives us over time an 
underpinning that we can all plug into somewhat seamlessly, as 
opposed to the environment where we operate in today, where 
that is definitely not the case.
    I think between those two things we are able to apply our 
respective capabilities to maximum effect. But it is an issue 
of great concern.
    The last comment I would make is one other comment I make 
regularly to U.S. Cyber Command, is please don't view your 
components as manpower pools. We are integrated warfighting 
organizations just like every other mission set within the 
Department of Defense. Task us, just as we do in every other 
mission area across the Department. Have us bring you capacity 
and capability in an integrated, cohesive unit whole, which is 
the way we are used to working as a Department and the way we 
have all structured our selves.
    General Mills. Sir, I would agree.
    I would just add that we have talked about ensuring that we 
have standardization, if you will, of training those cyber 
warriors so they meet the requirements that General Alexander 
has published. I think this is not particularly a new problem. 
There are other areas in which you begin to cross over into 
Title 10 responsibilities of our Service chiefs to man, train, 
and equip their own forces. But we work in the joint 
environment in many, many other ways where there are some 
similarities of how we come together, how we provide forces 
that are trained to accomplish a specific mission and yet we 
retain our Service identities. So I think it is a thing we are 
working through as the growth of Cyber Command takes place, but 
it is not an insurmountable problem.
    General Vautrinot. Sir, I will echo Admiral Rogers in the 
discussion of the Operations Directive, which does two things: 
It aligns us to provide direct interface with combatant 
commands that have unique requirements, but it also leverages 
the core competencies that are specialties within each of our 
Services, not just for a given combatant command but in support 
of each other as we provide those rare capabilities.
    In addition, the orders process across the board as U.S. 
Cyber Command was established has been very freeing in this 
regard. Because those orders come through to all of us in order 
to provide capability across the board. Cyber is foundational 
to every one of the air, ground, sea, space missions. And 
because it is foundational, we all need to operate in a 
synchronized and consistent manner. The orders come to each of 
us in the operation of our portion of the network to provide 
that synchronization. And so, in following those orders, we are 
all doing very like things but appropriate to the network that 
they must be applied to.
    So that is foundational, providing the unique core 
competencies to enhance missions as they move forward, and then 
certainly expanding cyber in order to provide alternatives that 
are nonkinetic, that don't require heat-blasting fragmentation, 
to the Nation through the cyber domain.
    Mr. Thornberry. Well, that is helpful.
    It just occurs to me, as you all sort through these issues 
that seem to me rather complex, exercises are going to be 
really essential to test this out. Because, you know, I am not 
too concerned about the young folks that work for you all, but 
I am more concerned about the bureaucratic gobbledygook that 
can foul up even the best intentions. And until we exercise 
some of this capability, you know, it will be hard to know 
whether it will really work.
    You all touched on this, but it was also a question I had 
about the relationship of your components to Geographic 
Combatant Commanders, how that is going to work. Is it Cyber 
Command directing operations in Central Command and the other 
commands? Or are you going to send a unit to the commander of 
Central Command and he is giving all direction for it so that 
they are completely a supportive body for the combatant 
commander?
    I don't know. Maybe it is not an either/or situation. But 
you just think about an operation in country X. There is going 
to be elements that are obviously supporting the tactical fight 
there, but there are also elements maybe at a cyber domain that 
will exceed even that geographic area.
    Mr. Thornberry. And how does that fit with our current 
geographic divided command structure of the combatant 
commanders. Make sense?
    General Hernandez. Makes absolute sense, Congressman. And 
that is really part of this directive in reality what we have 
been working for almost the last 2 years. So from an Army 
perspective, General Alexander has asked Army Cyber Command to 
take the lead for him for CENTCOM [U.S. Central Command] and 
NORTHCOM [U.S. Northern Command]. Now what that translates into 
is that we have a habitual relationship with a cyber support 
element that is operating everyday as part of Cyber Command. 
And we have participated in exercises that demonstrates our 
ability to bring capability to integrate with his plans as well 
as provide reachback support from Cyber Command. And as you 
have described, really there is a Cyber Command global mission 
that is supporting an operation that would have a national 
piece to it and support to CENTCOM. And there is a CENTCOM 
piece that would be directed in support of CENTCOM principally 
led by Army Cyber Command but with Joint Forces and joint teams 
from all of Services.
    Mr. Thornberry. So who calls the shots when there is a 
global component and a geographic component?
    General Hernandez. Clearly, in a global domain, it needs to 
be coordinated and integrated and deconflicted very quickly and 
at the Cyber Command level.
    Mr. Thornberry. It just seems to me it may be a challenge 
to work our way through. I don't need to tell you that.
    Last question for now, and then I will yield to my 
colleagues. There are rumors that there are rules of engagement 
bouncing around the Pentagon. I haven't seen anything yet, but 
I guess my question to you all is how comfortable are you that 
we are close to having rules of engagement that we--that the 
country can move forward and operate with?
    Admiral Rogers. That is really within General Alexander's 
lane, if you will, as the Joint Commander. It is an issue he 
continues to work with the Department and the Joint Staff 
leadership and the rest of the combatant commanders. It has 
been an issue of discussion for some period of time now. I 
think there is recognition that that is a requirement, 
something we need to do. The devil is always in the details, if 
you will.
    But my sense is that at some point in the near term, we 
will start with something that will continue to evolve over 
time, which is what you see in our standing rules of engagement 
for the Department, for example. That is the way they worked 
those. I think you will find the same thing in the cyber arena 
as well.
    Mr. Thornberry. Essentially, the Joint Staff and the Cyber 
Command will hand you all rules of engagement that you will 
then have to look at, plan with, operate from and will evolve 
understandably over time.
    Admiral Rogers. As will all commanders within the 
Department, be standing rules of engagement for all.
    General Vautrinot. Chairman, there are existing standing 
rules of engagement for every one of the execute orders and the 
orders that the military is working under with regard to cyber 
operations today. And I believe the expansion of those orders 
is in the area of defense of the Nation as opposed to the 
defense of our Department's networks, but in defense of the 
Nation. And certainly work in that regard is what General 
Alexander is moving toward, but I did want to point out that 
the standing rules do absolutely exist. And we test those as 
well as test the potential rules of engagement in the exercises 
that you mention. For example, if I am working with the 
combatant commands on behalf of General Alexander to bring that 
face and that cyber expertise toward them, Turbo Challenge, 
Austeer Challenge, Global Lightning, Judicious Response and 
those kind of tier 1 exercises in each one of the combatant 
commands informs both the command and control relationships as 
well as the necessary rules of engagement and any shortfalls.
    And then Cyber Flag by U.S. Cyber Command brings us 
together to do the force-on-force and engage and then take that 
information back into both the Department's tabletop exercises 
as they do strategy as well as war games, like Unified 
Engagement, that bring leadership together to think about those 
rules of engagement and how the civil leadership wants the 
military to perform in that regard. So those exercises are 
very, very successful in bringing that information forward.
    Mr. Thornberry. The only point I would add--not that it is 
you all's responsibility, but I made this point to other folks 
in the Department--it seems to me that in this area of cyber 
rules of engagement, it is more important than ever for the 
Department to engage with Congress because a cyber engagement 
is unlikely to take place in a timeframe where we can formerly 
pass a declaration of war and authorization to use military 
force.
    The force that we are talking about here occurs at the 
speed of light, and so having that consultation ahead of time 
will smooth things for the time when there could be a use of 
military force in cyberspace that will start getting into 
constitutional issues and a variety of challenges for us on 
this side of the river as well as the funny-shaped building 
across the way.
    So, Mr. Langevin.
    Mr. Langevin. I do, Chairman. And in tangential to what the 
chairman was just asking that is on my mind, because obviously, 
these are very powerful tools, both the offensive and the 
defensive side, and we have a lot of things to work through. Do 
you believe that you need additional authority to undertake 
your current mission sets?
    And General, you touched on some of these things already, 
but can you describe the legal authorities that govern 
offensive and defensive operations, just to delve into it a 
little deeper?
    General Vautrinot. Sir, probably not my lane, in terms of 
the legal authorities, and I certainly look to the Congress to 
ensure that we have those authorities to move forward.
    However, I can say that in doing operations on a daily 
basis and in support of Cyber Command's mission tasking, we 
leverage the authority of the intelligence community under 
Title 50 of the U.S. code; certainly leverage the authorities 
in law enforcement under Title 18 in order to support those 
activities; and then of course your Title 32 authorities that 
you are very familiar with--I know that you support the 102nd--
it is a Guard unit that works directly with us in mitigating 
and responding to emergencies in cyber on a daily basis, 
perform those operations under Title 32 for the Guard; and 
then, of course, Title 10 operations, which we are most 
familiar with in the military.
    And the important area is to make sure that we can work 
with unity of effort as we are all working toward in the 
military and synchronize these things in a way that supports 
the nation, both protecting the national security while also 
preserving privacy and preserving intellectual property. And 
that is the difficulty, is making sure that we ensure all of 
those things, rather than trading off, and I applaud the work 
that has been done both to dialogue in the Congress and now 
going to the debates that will bring us forward in moving those 
authorities.
    Mr. Langevin. Thank you.
    General Hernandez. Congressman, I would add that I, too, am 
comfortable that we have the authorities needed to do our 
mission. But I would say that most significant is the 
legislation that is being worked. And I applaud that for a few 
reasons. First, it helps codify and clarify ``dupe'' 
[duplicate] roles and responsibilities. The second and 
important one to all of us is really if we are able to get into 
information sharing in ways of looking at protecting our 
critical infrastructure, that will now allow us to see things 
and do things in real time, where others know things that would 
help each other, they are left and right on a daily basis. So I 
think that is critical to our work.
    Admiral Rogers. And I would echo General Hernandez.
    I am comfortable with our ability to execute our mission 
set. Now one think I like about the Navy's construct, like the 
joint world with General Alexander, the Navy cyber capabilities 
both in the Title 10 and Title 50 arena are all OPCON 
[Operational Control] to the Fleet Cyber Command and 10th 
Fleet, much like General Alexander does in both his Director of 
NSA [National Security Agency] as well as Commander, U.S. Cyber 
Command, hat. That gives us flexibility.
    And as General Hernandez indicated, the biggest issue I see 
increasingly over time is the ability to share information 
outside the Department and with partner sets that traditionally 
we are just not used to dealing with. When I look at the 
problem set, it is the nature of the future in this domain.
    Mr. Langevin. Thank you.
    General Mills. I would echo what my partners here have 
said, I would point out that gap that exists between the 
authorities we have to protect our critical infrastructure 
onboard our bases and the critical infrastructure that exists 
out in our local communities that yet support our bases, 
electricity and things like that. So that gap in authorities I 
think needs to be closed, and I believe that is what the 
legislation is going to do. And that is why it is so critical, 
I think, to the overall attempts of what we are trying to do.
    Mr. Langevin. Very good. Thank you.
    Mr. Conaway. Kind of a two-prong question.
    One, does the Department of Defense have an adequate 
definition of what is and isn't cyber with respect to budgeting 
issues and how that all gets captured?
    And then, two, acquisition, when you are buying big stuff, 
it is obviously a problem to stay on the cutting edge. Your 
domain, it would seem to me, would need to be the best tools 
available at any one point in time, whether that is software, 
hardware, those kind of things. Do you see acquisition 
challenges that will prevent your team from having the best F-
35 in the Air Force's case? You know, that is leading to, are 
the incremental costs not so much that it is really an issue?
    General Vautrinot. Let me talk a little bit about 
acquisition because we have had some real movement in this 
regard, and I mentioned it in the written testimony as well as 
the spoken. When you asked us in the authorization act to look 
at the methodology by which we acquire and make it appropriate 
for cyber, there is a recognition that the 5,000 series, the 
acquisition of very long-term, long-term sustainable bent-metal 
type programs is not appropriate to both the rapid change in 
cyber as well as the ability to leverage capabilities against 
an existing and very dynamic architecture.
    And so we have moved forward in both providing real-time 
development of tools that can be resident on those 
architectures and can leverage the existing architectures, 
which certainly we have already been working and provided 
capabilities both to U.S. Cyber Command and to the combatant 
commands.
    The next step in that response is rapid acquisition, which 
scales the folks that are doing material acquisition, the 
engineers and the acquisition professionals that I would see in 
ESC [Electronic Systems Center] as part of Materiel Command, 
brought together with the testing environment, brought together 
with the professionals in the Air Force, research, laboratory, 
all of those folks are coming together, in my case, in Texas, 
not to work for each other but to work those elements of 
science and technology, prototyping, development, test, 
fielding, and training of the forces to use those resources and 
those capabilities in real-time.
    And so that rapid acquisition is part of the response I 
believe you will see from the Department in terms of how we 
need to acquire for cyber and move forward more rapidly.
    Mr. Conaway. Is that a joint acquisition, or is that each 
Service would have their own stovepipe like you are talking 
about?
    General Vautrinot. Sir, I will defer to OSD AT&L [Office of 
the Secretary of Defense for Acquisition, Technology, and 
Logistics] as they respond to that, but the methodology is the 
methodology that they are exploring. We are the pilot case. We 
are actually applying that methodology within the Air Force 
down in Texas.
    General Hernandez. Congressman, a couple points----
    Mr. Conaway. If you don't have anything to say, you don't 
have to say. I mean, it is not a required response, but if you 
have something, I would appreciate hearing it.
    General Hernandez. I would start by saying we are working 
very hard to capture all costs associated with this. As you 
know, it is not--as you start defining cyber in the three lines 
of efforts between operate, defend, and offense, there is a lot 
of information technology. And how you sort those costs out is 
work going on significantly in all the Services.
    Within the Army, the Secretary of the Army has started an 
IT [information technology] management reform initiative. There 
are several pillars to that, but one of them is to establish a 
governance that allows us to get after the cost, and another 
one is a process that allows us to acquire IT through an agile 
process. In the meantime, as we work through that, we have 
worked hard our requirements from both defense and offense.
    From a defensive standpoint the network integration 
evaluations that we do every 6 months at Fort Bliss, where 
everything that we intend to put on the network is tested 
there, allows us an opportunity to rapidly test, deliver, and 
field capabilities. And at the same time, we look at all of 
them to make sure they are bringing no vulnerabilities to our 
network. So I believe that will cause the process to go faster 
with respect to acquisition from that end.
    We do have--are working with an organization in the command 
that has given us authorities to rapidly field and test 
capabilities that we would need to have quickly if we wanted to 
put inside of an operation. But I think the future really is 
how we do more of that better and get at capabilities across 
all the Services in a joint way.
    Admiral Rogers. Sir, the only thing I would add, in the 
Navy, this is something we spent some time thinking about, how 
do you meet the acquisition challenges in the cyber arena? 
While work with our broader joint partners and the broader 
standard acquisition mechanisms within our Service, we also, 
within Fleet Cyber Command, created a small core R&D [research 
and development] capability under my control as operational 
cyber commander for the Navy with some seed corn in it, if you 
will, that allows me and others to rapidly acquire and develop 
kind of top priority cyber capabilities for us that are done 
outside, if you will, the traditional acquisition pipeline for 
us, with some specific restrictions, if you will, about how we 
do it so we are not duplicating the effort of others, but it 
has proven to be a great capability for us.
    Mr. Conaway. One quick follow-up, and it occurs to me while 
we are sitting here thinking, is if we have got an array of 
weapons that are appropriate for a Marine company or a platoon, 
they are given certain tools and certain weapons that we all 
agree to.
    In this arena, there seems to be that each of those 
operators have the opportunity to either build their own tools 
or their own weapons, their own equivalents. Is that--have you 
thought about that as a concern yet at this point in time, in 
terms of what these folks are able--because these are going to 
be bright people, and they are going to be in an arena where 
innovation and being the first to be able to do X, Y or Z is a 
real issue. And they are going to be--competition and 
competitive to try to do that. How do you let that happen but 
don't lose control of it?
    Admiral Rogers. I will give you my perspective. I think the 
positive side is so far we have managed to strike a good 
balance that provides for the initiative, which is I think is 
at the heart of really one of our positives, both as a nation 
and within the Department. At the same time, as we each 
generate unique capabilities, if you will, within our Service, 
we will push them up in the joint arena to U.S. Cyber Command 
and the National Security Agency to kind of act as a central 
repository, if you will. And then we will harness that 
capability as we are looking at different mission sets and what 
tool sets are available out there that other partners have 
developed, and we are finding ourselves more and more using 
tools and techniques developed by other Services and by our 
joint counterparts.
    Mr. Conaway. Okay.
    Mr. Thornberry. I think we have had provisions in the 
fiscal year 2010 and fiscal year 2011 defense authorization 
bill on rapid acquisition for cyber.
    So I was listening to your answers, but I will make the 
same offer, as you work through these issues, if you find that 
you need some additional authorities, you know, please let us 
know. We have provided some unique authorities in some other 
areas, Special Operations and whatnot, and it may well be that 
cyber just doesn't fit or somehow the tools available to DOD do 
not fit this domain, and so I wanted to make that offer as 
well.
    Ms. Davis.
    Mrs. Davis. Thank you, Mr. Chairman, and I am sorry that I 
wasn't able to be here until the last few minutes, but I 
certainly appreciate all of your work, your dedication to our 
country, thank you very much.
    I wanted to just ask a people question, and you may have 
already addressed this, but in this unconventional domain in 
which we are asking you all to work right now, could you just 
talk for a minute about the stress levels and what you're 
feeling or finding in terms of morale of the force that is the 
feeling in this new area? What are we learning about that? And 
are there things that we should be doing to really help and 
support people along the way?
    General Hernandez. Congresswoman, thank you.
    We did have a little bit of this conversation, and I think 
the key point I would say is, one, they appreciate being cyber 
warriors. They are excited about the opportunity. They are 
excited about what they are a part of. And our charge is to 
continue to develop them and continue to keep that excitement 
because we can't do it without them.
    Admiral Rogers. I guess for me it is kind of interesting I 
guess the more junior you are in our workforce at least, the 
less you think about the challenges and the much more you are 
focused on the opportunities and the energy that you bring to 
the fight. Generally, as you are more senior, perhaps a little 
older, I generally see at that level, you are much more 
concerned or really focused on the challenge set. And you see 
that stress where you are looking at the range of things that 
you know we need to do. You are looking at the range of 
resources that you have right now to do it, and you know you 
have to prioritize. You have got to focus on what needs to be 
fixed first. And so there is always those trade offs. But the 
positive side I think is for our workforce, they are energized 
by the situation, which is a great thing for us and the Nation.
    General Mills. I would offer up the same observation. I 
think morale is extraordinarily high because I think that the 
people involved in the cyber understand that they are cutting-
edge, and they are developing a new weapon system that is going 
to have a huge impact on the battlefield, and they are excited 
about that. I think they are also excited about being a part of 
ongoing real-world operations, and they understand that what 
they are in is not just not simply a training mission or an 
exercise, but they are out there doing real things and having a 
real impact. I think that enables the morale to stay high, 
despite the long hours and perhaps the shortage of personnel we 
have from time to time to--morale is not an issue.
    General Vautrinot. I will echo my Service counterparts. 
There is an excitement. It is a target-rich environment of 
things to fix, of things to change and an environment where you 
can have so much impact on how the Nation is going to leverage 
this capability and how we are going to help to protect the 
Nation and meet the requirements. They are rising to that 
challenge. I think that is what we see every day is that level 
of excitement and that level of commitment.
    Mrs. Davis. And do you have any concerns that you won't be 
resourced properly? You said sometimes the numbers, as you are 
growing more of this force, is that an issue? Are you worried 
about that? You probably already talked about that as well.
    General Mills. I don't. I think the training pipeline is 
long, and so once you identify the personnel and you train them 
within your own Service and then get them the joint training 
they need to be able to be employed, that takes a while. And so 
that is a challenge, but it is a challenge that we can 
overcome.
    Mrs. Davis. Great.
    Thank you, Mr. Chairman.
    Mr. Thornberry. Thank you.
    Is there any disadvantage to choosing one of the career 
fields in cyber right now as far as a long-term military 
career? Have we standardized everything so there is no problem 
at all, or can you pick one of these new cyber career fields, 
stay in it for 20, 30 years, if you want to, and retire and so 
forth and move on? Or is there any disadvantage is really my 
question?
    General Hernandez. I see no disadvantages today. In fact, I 
think we talked that word before; they see more opportunity. 
And as we develop the domain more and we move to an operational 
network, I think we will see more convergence. And with 
convergence comes the ability for defenders to also do not just 
defense but operate potentially offense, and that is exciting. 
And those that are offense will learn skills on how to defend, 
and that moves us to a domain that you can really operate in, 
and I think that will provide more opportunity and more 
excitement for them than being stovepiped or think that they 
are too narrowly focused. So getting that balance between 
generalization and specialization with great development 
opportunities I think is the future here.
    Mr. Thornberry. I think that is a fair point. I guess I was 
really thinking just more the way the military sees careers and 
what it rewards, what it doesn't, who it promotes, all of those 
sorts of issues. Do you think we are at a point where these 
cyber career fields are treated equitably at least of other 
career fields?
    General Mills. I think it may about a little too early to 
tell the answer to that question.
    Mr. Thornberry. Haven't had enough experience yet.
    General Mills. Yeah. I don't think there is enough depth 
yet, enough officers are enlisted who have gone up for 
promotion, et cetera, et cetera. I think that will play out. I 
think part of that is incumbent on us to make sure that our 
Services are educated as to what the individuals are doing, to 
ensure that the Services understand the contribution they are 
making, and understand, although their service record may be 
unconventional, that in fact, much like special operators, what 
they are doing is extraordinary valuable. So there is a--time 
will tell.
    Mr. Thornberry. Okay. Let me just ask this, thinking 
midterm maybe, 3 to 5 years ahead, what technical capabilities 
would be your priorities for development? And kind of an 
ancillary question, do you have input into your Services' R&D 
priorities for the future? That is another area the 
subcommittee covers, our S&T programs. So what are your 
technical priorities for the next 3 to 5 years? And do you have 
input into your Services' research and development program over 
that period?
    General Hernandez. Congressman, I would answer absolutely 
we do. And our R&D priorities are nested with the Department of 
Defense's priorities in this arena. We have helped shape 
several of the requirements that we know we will need from an 
S&T standpoint for the future. And we are also working with a 
lot of partners on near-term things that they can assist us 
with.
    My number one requirement for the near term really would be 
capability that increases our situational awareness, that 
allows us to see ourselves better, allows us to see the threats 
better and allows us to see the cyber terrain we are operating 
in. That is not an easy problem, and it is one that we are only 
going to be as what we see and as we move through a global 
domain, we will have to have better visibility to cross all of 
it. So that's my number one short-term requirement.
    Admiral Rogers. I would echo General Hernandez, probably 
situational awareness, number one. Because if you want to 
defend an operation--if you want to defend and operate in an 
environment, the human condition, generally you have to be able 
to visualize it and you have to be able to understand it in a 
way that enables better and quicker decisionmaking, 
particularly in this environment. The only other things that 
come to my mind are automating--automated decision aids, again, 
that increase speed and agility because we are going to 
continue to use traditional timelines and methodologies we are 
going to be behind the power curve in this domain. And then, 
lastly, automating a lot of our defensive capabilities, things 
that still require more of a man-in-the-loop than I would like, 
for me at least.
    Mr. Thornberry. I am sorry, General, if I could interrupt. 
So do you have input into the research and development the Navy 
puts into those issues, or do you look primarily to the private 
sector for some of that?
    Admiral Rogers. I do both, to be honest.
    Mr. Thornberry. You develop it----
    Admiral Rogers. Well, I--and I also look to the private 
sector as to what kind of things are you working on that might 
have applicability for us.
    General Mills. Sir, I would echo what the Admiral said, as 
well, and I would add that the Marine Corps looks to develop 
ways to make these capabilities expeditionary; how we can 
forward-deploy them, how we can support our crisis response 
forces that are out forward-deployed at the point of the spear, 
how we can bring those with us in an expeditionary manner. I 
would also look to help us solve some of the area denial, anti-
access threats that are appearing, and we have to deal with as 
we look at, again, maritime operations in areas in which we may 
not be welcome. Those are the areas in which we are looking at, 
as well as what the Admiral said.
    General Vautrinot. Sir, I will address the second first, 
and that is, do I have input? And the answer is absolutely. In 
the Air Force, we have a core function lead integrator for the 
entire Service that looks at each one of the core areas. And 
for cyber, that is General Shelton who is Air Force Space 
Command. And so, in a prioritization, we directly input, and 
that is exactly what came out of the master plan in terms of 
the prioritization.
    We also do the ``one to n'' priorities associated with 
science and technology and the research and development 
activities that are being done by our Materiel Command in this 
regard. So it is a very direct input, and we are seeing the 
benefits of that collaboration and seeing it all come all the 
way back into that what kind of capabilities we are now able to 
field. So let me answer that portion next.
    In the capabilities that we are seeing fielded, on the 
defensive side, we talked about the AFNet migration, the Air 
Force Network migration, which is an effort to create from the 
heterogenous, the very individual networks that were then 
brought together to become the network from the way that they 
were originally designed, how do you make that more homogenous 
and then you are able to apply situational awareness, an 
automation to that homogenous network, and so we are very far I 
long the path in doing that on our unclassified networks at 
every one of the bases worldwide. So we have created an 
architecture that says we go under the gateways, everyone comes 
through those areas, that allows us to treat everything as an 
operational environment and defense in-depth and then apply the 
tools to best leverage and give additional capability, so it is 
a platform, not discrete individual items thrown at the 
problem. So you are doing it in an organized, operational, 
normal fashion but at a very rapid pace.
    Those same tools can then be applied to protect 
infrastructure to look at what the vulnerabilities, the key 
terrain in cyber for all of that infrastructure capability. And 
I was talking to Congressman Langevin earlier about remote 
forensics and the ability to do that in real-time and then 
apply the lessons, both from the intelligence community that 
are very dear, as well as your understanding of your own 
network. So we are seeing both the prioritization and, more 
importantly, the application to those priorities to the 
capabilities that are right now coming out on both the 
defensive and the full spectrum capabilities we are applying to 
Cyber Command.
    Mr. Thornberry. When you get all those networks working 
together, I want to send you over to the finance people at the 
Pentagon so maybe they can pass an audit before too long.
    Mr. Langevin.
    Mr. Langevin. Thank you, Mr. Chairman.
    General Vautrinot, I wanted to touch on the role of the 
Guard since you talked about that in your testimony, and I am 
pleased to see that in your testimony, you did highlight the 
role of Rhode Island Air National Guard's 102nd Information 
Warfare Squadron. Can you talk about how you see the role of 
the Air Guard, and Reserve cyber units evolving in future 
years? And are these units properly resourced and manned? And 
then, in addition to that, I talked about the combat 
communications unit in Rhode Island that is going away and how 
General McBride is looking to increase, kind of have that role 
evolve and have the cyber warfare unit play an expanded role as 
that is being replaced. But if you can talk on the role of the 
Guard and Reserve and the cyber units and how they are going to 
evolve in future years, that would be important.
    General Vautrinot. Certainly, sir.
    Admiral Rogers would say, a rising tide serves all boats. 
In the airmen language, that would be, you need to gain a 
little altitude in order to be able to maneuver. The use of the 
total force gains us that altitude because these are citizen-
soldiers, and they go back to their communities. So, in the 
case, for example, of the 102nd, they are part of the Air Force 
Cyber Emergency Response Team.
    They are using the same very high-end capabilities that we 
just described in their day-to-day mission. It is an 
operational mission, and it is serving the Air Force and Cyber 
Command, but it also serves in bringing their level of 
training, the exact same training and the same equipage, the 
same capabilities, they can take that back to their community, 
back to their corporate entities that they serve on a day-to-
day basis, and they can apply that same knowledge in the same 
way that citizen airmen do when there is a crisis of any kind. 
In this kind, it is a very technical application.
    So, as we expand that, then we have I guess in cyber, it is 
about team, and there really is an ``i'' in team. It is about 
industry. It is about the intellectual capital of our 
universities, like your University of Rhode Island, who just 
got the Center of Excellence Award from NSA, very rare, sir. It 
is about interagency, and it is about international 
cooperation. And so you bring all of those ``i''s into team, 
and literally, what you are doing by bringing the total force 
together is expanding that across the Nation so that we can all 
apply that.
    Do we have sufficient resources? As the Guard does those 
transitions from some missions that are no longer most 
appropriate in the cyber environment, and so for combat 
communications, they are a national treasure, but that treasure 
is about hooking up communications in a deployed environment. 
And what General Alexander and the Nation needs is the ability 
to extend a defensible, robust, trusted network. And so that 
extension is the way that we are moving forward in the future, 
and so as the Guard would service that intent and that vision, 
we would want to repurpose those forces into those kinds of 
missions and make sure that we move forward.
    In terms of total numbers, for example, the 119th in 
Tennessee, a great effort to provide some resilient facilities 
in Tennessee. And we are working with the Guard to try to 
actually put resources, manpower resources, against that 
facility to allow it to be a resilient capability for the 
Nation, for the Air Force, on behalf of General Alexander.
    So we need the Guard and the Reserve to move in that manner 
in order to move this mission forward.
    Thank you, sir.
    Mr. Langevin. Any other----
    General Hernandez. If I could add a few points, we are 
working closely with Reserve component, both Guard General 
Ingram and Army Reserve General Talley. All those units that 
have cyber capability are under the operational control of Army 
Cyber Command today. We leverage them routinely. They bring 
unbelievable skills to all the mission sets.
    There are a couple other areas that there is tremendous 
opportunity that we are working with them on. And first is, 
what else can they do to help with homeland defense, with the 
defense network the National Guard has, not only in a recovery 
but in a preventative way with their defenders, as well as 
critical infrastructure protection?
    The second thing is they have tremendous skills that we 
haven't harnessed those skills. We know about where they are, 
but they sign into units that are different than the skill set. 
We haven't determined how we can best utilize those individual 
skill sets. I think there is opportunity there that we are 
working on.
    The other area, as you know very well, is there are state 
partnerships are strong and vibrant in other countries, and our 
part of that would be, how do we establish those partnerships 
in this domain with other countries where building partnership 
capacity is important and there is a cyber element from a state 
unit that could support us with that?
    And the last one I would highlight is we have a pretty 
robust STEM [Science, Technology, Engineering, and Mathematics] 
program in e-cyber mission, and I think that there is 
tremendous opportunity that we are starting to work with States 
from the National Guard perspective to expand that STEM to the 
communities.
    Mr. Langevin. Yes, sir.
    Admiral Rogers. And I would just add on the Navy side, I 
find our Reserve teammates among the most flexible and willing 
to try new innovative things when it comes to the application 
of their capabilities. Every major combatant commander has tier 
1 exercises during the course of the year, and the Pacific 
TERMINAL FURY is Pacific Command's largest tier 1 exercise 
during the course of the year. Like we do with every major 
exercise in every major operation, we do we integrate our 
Reserve teammates into what with do. For TERMINAL FURY 12, we 
decided to try something a little different. Traditionally we 
apply skill sets based on a pay grade or a designator if you 
will that kind of codifies an individual's background. We 
approach the Reserves this time and said, let's try something a 
little different. I don't want to specify pay grade; I want to 
specify a particular background or skill set in the civilian 
sector and see how we would match those like matching by pay 
grade, which was just amazing, the amount of capability and 
expertise that is resident in that structure when you look at 
it slightly differently and their willingness to do that. I 
didn't get any pushback at all; was just amazing, and it really 
energized them. So it is something we hope in the Navy hope to 
build on in the future as a great experience and hope to do 
more of them.
    Mr. Langevin. General Mills.
    General Mills. Our mobilized individual reservists bring 
great skill sets with them when they come on Active Duty. They 
play a very important role both at my headquarters MARFORCYBER 
[Marine Forces Cyber], as well as over at CYBERCOM [U.S. Cyber 
Command], where they fill some very critical billets. So very, 
very important role for us as well.
    Mr. Langevin. The last question I had since obviously the 
younger generation seems to obviously take to technology like 
fish to water and probably some of the youngest recruits are 
going to have some of the most robust skills, what kind of 
transparency or situational awareness do you have in terms of 
throughout your various Services of those individuals that 
aren't assigned or haven't chosen the cyber route as a career 
path but that you could potentially tap into and recruit from 
the rest of the various aspects of your Services that might at 
some point have to think about encouraging them to go into a 
career in cyber or that, in the event that the Nation needs 
surge in the area of cyber, that you could quickly identify and 
tap into and then draw the folks into your various roles? Have 
you thought about that and if you could can you talk about that 
briefly?
    General Hernandez. I will start. We, our personnel systems 
have limited visibility on the depth of skills that we would 
want to identify for this particular domain. We have an 
initiative that we will work total Army that is intended to get 
at Active, Reserve component military and civilian called Green 
Pages. We have done some pilots in the Army with Green Pages 
that says, these are the list of skills that we are looking 
for; do you have these skills, sign up for that. And then there 
is a potential opportunity for you to serve in these 
assignments, and you might get better matches than the way we 
currently do it today. But it is a pretty large holistic view 
that says what are the skills we would want to have and start 
describing those that so that they can tell us what they have 
and allow us to get a better utilization of them, but that is 
work to do Congressman.
    Admiral Rogers. Sir, I think for us--I think it is true for 
all the Services--our view is that cyber is so fundamental to 
the future that the idea that the only people that we are going 
to train are some sort of core specialists, if you will, isn't 
where we need to go. So as a Service, we have tried to put a 
fundamental layer of cyber education, training, and awareness 
across the entire force. As we do that we do that, we quite 
frankly also use that as a vehicle to try to find, so who is 
out there who would be interested in this, who has some skill 
that might be interested in changing rating, if you will, or 
specialty? And we have structures in place designed to allow us 
to do that. We have been able to do that with a pretty high 
degree of success so far about reorienting, if you will, the 
workforce internally to align people that their skill sets 
against perhaps a different specialty than they started their 
journey.
    General Mills. We identify those individuals at the entry 
level who had that skill set or who are interested in a skill 
set or at least had the academic qualifications to be able to 
train in those areas. Being relatively a small Service and 
joined from basically three communities, which are achieving 
narrows that pool down, I think it becomes easier for us to 
identify candidates that would do well with the cyber 
specialty. We also give marines the opportunity to move from 
MOS [Military Occupation Specialty] to MOS at certain times 
during their career, during their reenlistments for instance. 
And as we draw down in certain areas, we expand within cyber; 
our young marines again will pick up on that and will have the 
opportunity if they are qualified, they are talented, if they 
are interested, to be able to move over into cyber.
    We see the cyber warriors, if you will, moving into cyber 
and then moving back to their own specialty in communications 
or intelligence during their career, and that will grow a pool 
of qualified individuals that we could assign if there were in 
fact a requirement for a surge at some particular time.
    Mr. Langevin. Thanks. Very good.
    General Vautrinot. Congressman, on the Active Duty side, 
our Air Force personnel center affords extraordinary insight 
into the capabilities, the scores, the testing that are done in 
the sessions. Particularly for our enlisted force, most of the 
career fields in cyber are not accession career fields. We 
actually cross-load them based on both their excellence and 
those scores on the test and then bring them in and do the 
training at a higher level. And so we have no shortage of folks 
that want to move across in that crossflow, and it is usually 
the program shortfalls that don't allow us to bring them fast 
enough, and they are working on those across the board.
    On the Guard and Reserve side, there is less visibility, 
but I know that our counterparts are trying to work that 
visibility, get the kinds of information that Admiral Rogers 
mentioned in terms of what kinds of skill sets did they use in 
their private employment? What kinds of skill sets did they 
have as they were coming through their educational 
opportunities that may differ from their current 
responsibilities and their current functional designation and 
allow us to leverage them and train them in this area, whether 
it is applied to their current functions or whether it is 
applied directly to the cyber environment?
    Mr. Langevin. Very good. I thank you all for your answers 
on those, and I am glad you are giving it thought. And 
obviously, we are challenged nationally in terms of the number 
of people that we have that can go into this field, and the 
STEM fields, we have to do a better job at encouraging kids to 
go into science, technology, engineering and mathematics.
    General, you talked about Cyber Patriot, and we have 
created in Rhode Island--and it is a national program; there 
are a few different states that are doing it. It is called the 
Cyber Challenge program. You take kids that are in high school, 
and it is about a 6-week program, and you put them through the 
paces. And you take kids that think maybe the computer is 
something they do and it is a hobby, but you get them thinking 
about a career path in that field and that is what Cyber 
Patriot and Cyber Challenge are all about. I thank the 
chairman. I yield back.
    Mr. Thornberry. So, in that discussion, I think I have this 
right, reminds me of Estonia, where after the denial of service 
attack that they have suffered, they have people lined up in 
banks, in retail all scattered all over the country to help 
defend the country in cyberspace if they need to. Maybe that is 
the sort of surge capability we need to think about eventually.
    Ms. Davis, do you have other questions?
    Mrs. Davis. No.
    Mr. Thornberry. I think that is it.
    Thank you all very much. We appreciate hearing about your 
successes, but we also, as we move forward, want to hear about 
the challenges you encounter. That, as I said a while ago, I 
think that open communication across the river is going to be 
especially important in this area. So, again, thanks for being 
here.
    With that, the hearing stands adjourned.
    [Whereupon, at 5:17 p.m., the subcommittee was adjourned.]



=======================================================================

                            A P P E N D I X

                             July 25, 2012

=======================================================================



=======================================================================


              PREPARED STATEMENTS SUBMITTED FOR THE RECORD

                             July 25, 2012

=======================================================================


                    Statement of Hon. Mac Thornberry

   Chairman, House Subcommittee on Emerging Threats and Capabilities

                               Hearing on

 Digital Warriors: Improving Military Capabilities for Cyber Operations

                             July 25, 2012

    We welcome our witnesses, guests, and members to this 
hearing in the Emerging Threats and Capabilities Subcommittee 
on ``Digital Warriors: Improving Military Capabilities in the 
Cyber Domain.''
    There is widespread agreement that cyberspace is now a 
domain of warfare, and many people regard it as the most 
difficult, perplexing national security challenge we face. 
Certainly the laws, policies, and organizations have not kept 
pace with the evolution of technology. But if cyberspace is 
important to our country's security and if it is a domain of 
warfare, our military services, on whom we rely to protect and 
defend us, must be prepared to operate in cyberspace as well. 
That preparation involves a number of issues, including 
organizational structure, recruitment and retention of 
qualified personnel, training, rapid acquisition, among others; 
and it is those issues which we want to examine in today's 
hearing.

                  Statement of Hon. James R. Langevin

Ranking Member, House Subcommittee on Emerging Threats and Capabilities

                               Hearing on

 Digital Warriors: Improving Military Capabilities for Cyber Operations

                             July 25, 2012

    Thank you, Mr. Chairman and thank you very much to our 
witnesses today. It's a pleasure to see you all again and to 
have you join us for what I believe is a critically important 
hearing.
    There is no more critical task in today's environment than 
safeguarding the Department of Defense's networks. The cyber 
domain has become an integral part of every action DOD 
undertakes, whether offensive or defensive. And as operating 
environments grow ever more complex, we need joint forces that 
are manned, trained, and equipped to conduct the full spectrum 
of operations in support of, and in some cases, supported by, 
what we think of as traditional military forces.
    The Congress, and the country has a whole, has been 
struggling with what cybersecurity means to us as a nation. 
We're grappling with how to protect our systems and our privacy 
at the same time. I'm proud to be part of that robust 
discussion. I've helped draft some legislation and co-sponsored 
others, and now it looks as if something may be moving over in 
the Senate. Let's hope so. I hope today we'll hear your 
thoughts on what sorts of additional authorities you may need 
and how the proposed legislation may or may not affect those 
needs, as well as your thoughts on the delegation of 
authorities within the executive branch.
    But most importantly, I hope we hear about how you are 
finding and retaining the sort of people you need today and for 
the future. This is, I believe, the fundamental challenge that 
faces us. It is often said that the root strength of our 
military is the quality of our people and nowhere is that more 
true that in your organizations. As you think about growing 
your forces, what thought have you given to where the people 
are going to come from? How will you keep them, promote them, 
educate them and continue to challenge them, even when outside 
organizations are keen to lure people with these skill sets 
away to the private sector?
    Lastly, I need to take a minute to talk about a topic that 
would be irresponsible to avoid. We all know that we are facing 
significant fiscal challenges in the coming years, even without 
the threat of sequestration looming. Cyber-related activities 
are faring reasonably well so far, but nothing is immune, and 
even non-cyber-specific cuts could have an impact on your 
commands as personnel resources are reduced or research and 
development funding decreased. Those are just two examples. As 
you look ahead, how do you factor in the possibility of even 
more austere fiscal environments? This is a tough question, but 
one we must face in order to responsibly address the complex 
challenges of the future.
    Thank you, Mr. Chairman, for holding this hearing, and I 
look forward to a robust discussion.
[GRAPHIC] [TIFF OMITTED] T5668.001

[GRAPHIC] [TIFF OMITTED] T5668.002

[GRAPHIC] [TIFF OMITTED] T5668.003

[GRAPHIC] [TIFF OMITTED] T5668.004

[GRAPHIC] [TIFF OMITTED] T5668.005

[GRAPHIC] [TIFF OMITTED] T5668.006

[GRAPHIC] [TIFF OMITTED] T5668.007

[GRAPHIC] [TIFF OMITTED] T5668.008

[GRAPHIC] [TIFF OMITTED] T5668.009

[GRAPHIC] [TIFF OMITTED] T5668.010

[GRAPHIC] [TIFF OMITTED] T5668.011

[GRAPHIC] [TIFF OMITTED] T5668.012

[GRAPHIC] [TIFF OMITTED] T5668.013

[GRAPHIC] [TIFF OMITTED] T5668.014

[GRAPHIC] [TIFF OMITTED] T5668.015

[GRAPHIC] [TIFF OMITTED] T5668.016

[GRAPHIC] [TIFF OMITTED] T5668.017

[GRAPHIC] [TIFF OMITTED] T5668.018

[GRAPHIC] [TIFF OMITTED] T5668.019

[GRAPHIC] [TIFF OMITTED] T5668.020

[GRAPHIC] [TIFF OMITTED] T5668.021

[GRAPHIC] [TIFF OMITTED] T5668.022

[GRAPHIC] [TIFF OMITTED] T5668.023

[GRAPHIC] [TIFF OMITTED] T5668.024

[GRAPHIC] [TIFF OMITTED] T5668.025

[GRAPHIC] [TIFF OMITTED] T5668.026

[GRAPHIC] [TIFF OMITTED] T5668.027

[GRAPHIC] [TIFF OMITTED] T5668.028

[GRAPHIC] [TIFF OMITTED] T5668.029

[GRAPHIC] [TIFF OMITTED] T5668.030

[GRAPHIC] [TIFF OMITTED] T5668.031

[GRAPHIC] [TIFF OMITTED] T5668.032

[GRAPHIC] [TIFF OMITTED] T5668.033

[GRAPHIC] [TIFF OMITTED] T5668.034

[GRAPHIC] [TIFF OMITTED] T5668.035

[GRAPHIC] [TIFF OMITTED] T5668.036

[GRAPHIC] [TIFF OMITTED] T5668.037

[GRAPHIC] [TIFF OMITTED] T5668.038

[GRAPHIC] [TIFF OMITTED] T5668.039

[GRAPHIC] [TIFF OMITTED] T5668.040

[GRAPHIC] [TIFF OMITTED] T5668.041

[GRAPHIC] [TIFF OMITTED] T5668.042

[GRAPHIC] [TIFF OMITTED] T5668.043

[GRAPHIC] [TIFF OMITTED] T5668.044

[GRAPHIC] [TIFF OMITTED] T5668.045

[GRAPHIC] [TIFF OMITTED] T5668.046

?

      
=======================================================================


              QUESTIONS SUBMITTED BY MEMBERS POST HEARING

                             July 25, 2012

=======================================================================

      
                 QUESTIONS SUBMITTED BY MR. THORNBERRY

    Mr. Thornberry. One of the main tools you have for defending your 
networks is something called the Host-Based Security System (HBSS).
    a. How has your experience been in implementing this system and 
what improvements might you recommend for similar programs in the 
future? b. Have you implemented the necessary tactics, techniques and 
procedures to maximize the use of this tool? c. What capabilities would 
you like to see integrated into future generations of HBSS?
    General Hernandez. Our experience has shown the technology provides 
significant host protection from threats, internal and external and 
will only improve as our operational use matures. Programs of this 
magnitude require a clear implementation, training, and sustainment 
strategy to provide resources, people and money and we have worked to 
close gaps in initial fielding tactics, techniques, and procedures, 
sustainment training and manning requirements to establish a baseline 
that will enable us to fully leverage the capabilities of the tool. 
While we continue to assess our capability gaps, the ability of HBSS to 
deliver Cyber SA with minimum latency and the capability to develop 
custom modules to address unique requirements improves our defensive 
stance. The inclusion of HBSS event data into existing IA/CND processes 
will further enhance our capability to defend All Army networks.
    Mr. Thornberry. How are your Services leveraging in-house graduate 
educational facilities, like the Air Force Institute of Technology 
(AFIT) or the Naval Postgraduate School (NPS), as well as DOD 
accredited programs, such as the National Centers of Academic 
Excellence in Cyber Operations, in order to improve workforce training 
and education?
    General Hernandez. ARCYBER continues to take a holistic approach by 
leveraging the constellation construct for both training and 
development to improve workforce training and education. The construct 
consists of U.S. Government, Academia and Industry elements, each are 
discussed below in both current and future actions, and will complement 
each other to provide a more capable workforce.
    Currently ARCYBER is leveraging U.S. Government developmental 
activities and capabilities to take advantage of efficiencies and 
future requirements. These activities include: The DOD Joint 
Information Operations (IO) Range, Government Laboratories (such as: 
Sandia, Army Research Laboratories, Johns Hopkins applied Physics 
Laboratory, Adelphi, and Aberdeen Proving Ground Cyber Test 
Laboratory), and continuous coordination with United States Cyber 
Command, U.S. Strategic Command (USSTRATCOM), and Office of the 
Secretary of Defense (OSD) Cyber initiatives. Future activities will 
include increased partnerships with DHS, FBI, DARPA, DOD, and the 
Intelligence community. Examples of early successes include five USMA 
faculty and cadets summer internships with ARCYBER through the Advanced 
Individual Academic Development (AIAD) program. Shortly, ARCYBER will 
benefit from more than 14 interns from the Army Civilian Training, 
Education Development System (ACTEDS). Moreover, ARCYBER will be an 
active contributor to the Service and USG cyber lessons learned 
programs.
    Current Academic developmental activities include: Cooperation with 
the Air Force Institute of Technology (AFIT) and its Masters Program, 
and the ARCYBER scholarship program. This program is a two-year, 
degree-producing program open to regular Army (RA) captains and majors 
in the maneuver, fires & effects, operations support, and force 
sustainment branches. Three officers per year pursue a master's degree 
in cyber security at the University of Maryland (with additional 
universities to be added). Though we are still assessing how best to 
integrate and execute the NSA/DHS National Centers of Academic 
Excellence training, it is a key component of our future training and 
developing way ahead. We have two students attending the Naval Post 
Graduate School and ARCYBER will receive three second-year masters 
candidates in the NSA Information Assurance Scholarship Program (IASP) 
in the spring of 2013. ARCYBER is continuing to address organizing 
cyber within the Army e-Learning and Continuing Education Program. For 
example, ARCYBER supports Civilian Career Program 34's, Information 
Technology Management, and Cyber Academy Training Framework through 
partnerships with University of Maryland University College (national 
policy and law), University of Maryland Baltimore County (secure S/W 
engineering), George Mason University (ethical hacking/analysis) and 
Carnegie Mellon University (operational security). Future activities 
will include Senior Service college ``Cyber fellows,'' RAND Cyber 
Fellowships, and efforts to identify and recruit cyber talent from ROTC 
programs and the USMA.
    Industry is the third leg in training and development. It is 
critical in providing additional current and future capabilities/
requirements as well as leveraging emerging trends and capabilities and 
will assist in ensuring our DOD programs and in-house educational 
activities are developed accordingly. Current developmental activities 
with industry include: Coordination with Defense contractor 
Laboratories, Training with Industry (e.g. MIT/Lincoln Labs, Lockheed 
Martin, and Cisco), and participation in trade conferences (e.g. the 
Armed Forces Communications and Electronics Association [AFCEA] and the 
Association of the U. S. Army [AUSA]). Future activities will include: 
Establishing additional industry research partners; Science and 
Technology (S&T) outreach; Leveraging partner expertise to manage 
problems; and increased recruiting and cyber training with industry.
    Conclusion: A key attribute of the ARCYBER vision is to develop a 
trained, professional team to complete our roles as the Army Service 
Component to U.S. Cyber Command; To train, organize, and equip forces; 
To provide Cyber Education, Training, and Leader Development; and 
Execute Cyber Proponent functions. The three part constellation 
approach is our way of getting at the issues of developing a workforce 
in a dynamic environment. Our approach continues to evolve.

    Mr. Thornberry. One of the main tools you have for defending your 
networks is something called the Host-Based Security System (HBSS).
    a. How has your experience been in implementing this system and 
what improvements might you recommend for similar programs in the 
future? b. Have you implemented the necessary tactics, techniques and 
procedures to maximize the use of this tool? c. What capabilities would 
you like to see integrated into future generations of HBSS?
    Admiral Rogers. HBSS is a complex suite of cyber security tools 
that is a critical element of the Navy's cyber defense posture. 
Implementing this system throughout the Navy's afloat and shore-based 
environments has presented unique challenges.
    Our primary challenge has been its implementation in the afloat 
environment. Navy modernization and fielding processes were not 
developed with today's constantly evolving Cyber threats and 
vulnerabilities in mind; thus, it can take up to three years to place a 
new capability onboard an afloat platform. In contrast, updates to HBSS 
are released by the Defense Information Systems Agency (DISA) every six 
months. As a result, the Navy continues to lag in installs and updates 
mandated by United States Cyber Command (USCC). While the Navy has 
strived to address the problem for our most vulnerable systems and 
deployed HBSS to Secure Internet Protocol Network (SIPRNET) on all Navy 
and Military Sealift Command (MSC) platforms in 2011, the complexity of 
installs, current processes, and funding constraints have delayed 
installs of HBSS on Sensitive but Unclassified (SBU) IP Data (also 
known as NIPRNET), which will not be completed before FY14.
    In our shore-based environment, the Navy has encountered challenges 
with scalability of HBSS. Our Navy and Marine Corps Intranet (NMCI) 
networks are larger than most networks encountered in the private 
sector, and we have had difficulty configuring HBSS to accommodate 
larger network environments. While the vendor has responded to 
technical problems, these issues have challenged the Navy's ability to 
be fully compliant with USCC orders for installation of HBSS. For any 
future similar programs, scalability should be a key factor when 
designing solutions.
    The Navy is leveraging HBSS Tactics, Techniques and Procedures 
(TTPs) developed by USCC and continuing Service-specific efforts to 
develop additional TTPs. Additionally, we are leveraging best practices 
within the Service, such as those developed by Naval Air Systems 
Command (NAVAIR), to better manage HBSS and ensure it meets our 
operational needs. The Navy also continues to develop Standard 
Operating Procedures (SOPs) and other documentation and training that 
aid in operationalizing HBSS to provide actionable and timely 
information to Cyber decisionmakers and operational commanders. Future 
capabilities we would like integrated in future HBSS generations should 
account for legacy hardware/software network environments. Capabilities 
should also address low-bandwidth operations and upgrade installment 
flexibility to account for the unique requirements of the U.S. Navy. We 
continue to work closely with our partners at USCC and DISA to further 
refine operational concepts, and ensure follow on versions and 
acquisition efforts take advantage of lessons learned. We remain 
especially focused on ensuring acquisition efforts and system release 
schedules are tied closely to operational requirements and are 
sensitive to operational environments.
    Mr. Thornberry. How are your Services leveraging in-house graduate 
educational facilities, like the Air Force Institute of Technology 
(AFIT) or the Naval Postgraduate School (NPS), as well as DOD 
accredited programs, such as the National Centers of Academic 
Excellence in Cyber Operations, in order to improve workforce training 
and education?
    Admiral Rogers. Navy is leveraging in-house graduate educational 
facilities and DOD accredited programs through close coordination with 
these institutions and a focus on a smart post-education placement 
process to ensure our most recently educated Sailors and civilians are 
detailed to positions which will benefit the Navy most. We recognize 
that affording our personnel graduate educational opportunities is 
critical to maintaining our expertise as we drive advancements in Navy 
cyberspace operations. With the quickly evolving nature of cyber, it is 
absolutely critical that the educational partners and programs we 
leverage keep pace with the changing cyber landscape.
    To that end, the U.S. Navy leverages education and training from 
six major programs:
    Air Force Institute of Technology (AFIT) and Naval Postgraduate 
School (NPS) In 2002, AFIT and the Naval Postgraduate School formed an 
educational alliance to eliminate duplicate degree programs in the 
fields of Oceanography and Aeronautical Engineering, and consolidate 
educational resources. Navy continues its close coordination with AFIT 
to refine course requirements, explore potential resource 
consolidations, and improve quality.
    NPS
    NPS offers an 18-month Master of Science degree in Cyber Systems 
and Operations that addresses a broad range of cyberspace operations 
such as computer network attack, defense, and exploitation; cyber 
analysis, operations, planning and engineering; and cyber intelligence 
operations and analysis. Navy will graduate 14 officers from this 
program in FY12 and is programmed to send 14 officers in FY13 per the 
approved Officer Graduate Education Quota Plan.
    NPS's Graduate School of Operational and Information Sciences 
offers an Information Systems and Operations (ISO) Certificate Program. 
This warfighter-oriented degree program focuses on integrating 
information technologies, command and control processes, and 
Information Operations (IO) methods and elements into innovative 
operational concepts for IO in the context of Network Centric Warfare. 
Since the program's inception in 2002, 318 officer, enlisted and 
civilian personnel have completed this certificate program.
    The Information Systems and Technology (IST) certificate program 
provides an educational opportunity that is essential to helping the 
U.S. military reach information superiority in the operational 
environment. It offers advanced education in areas essential to 
enabling global networked communications, including: databases, systems 
analysis and design, decision support systems, and network security. 
Since the program's inception in 2003, approximately 96 officer and 
enlisted personnel have completed this certificate program. Both 
programs are taught via asynchronous Web-based media (i.e., the 
Internet). The asynchronous nature of these certificates has allowed us 
to deliver these certificates to deployed forces at sea and ashore.
    Additionally, NPS will offer a 12-month Enlisted Cyber Master's 
Degree in September 2012 that provides selected Navy Sailors a Master 
of Science in Cyber Systems and Operations; Security and Technology. 
Selectees are assigned to a Navy-funded education program as full-time 
students under permanent change of station orders to Monterey, CA. Navy 
is sending five sailors through this program this year.
    Finally, NPS just completed the approval process for a resident 
Master of Science, Network Operations and Technology degree that begins 
this fall and has eight officers scheduled to attend in 2013.
    Masters of Information Technology Strategy (MITS)
    In 2010, the Chief of Naval Operations directed the creation of the 
Masters of Information Technology Strategy (MITS) pilot program in 
partnership with Carnegie Mellon University (CMU). This program affords 
civilian and military IDC personnel the opportunity to attend CMU for a 
16-month Master's degree program in cyber-related disciplines. The 
degree conferred is a Master's Degree in Information Technology and 
Strategy (MITS) and is a cooperative endeavor between of the College of 
Engineering (CIT), School of Computer Science (SCS), and College of 
Humanities and Social Sciences (H&SS). The initial cohort of two 
military and three civilians students commenced August 2011, and the 
second group of four commenced in August 2012.
    National Defense University (NDU)
    NDU's Government Information Leadership (GIL) Master of Science is 
a 39-credit hour curriculum of the GIL Master of Science Degree Program 
and offers a combination of information management, technology, and 
leadership intensive courses. Navy currently has 36 Master's degree 
enrollments and 497 certificate enrollments.
    NDU's ``iCollege'' Chief Information Officer (CIO) Program is the 
recognized leader in graduate education for Federal CIO leaders and 
agency personnel. It directly aligns with the Federal CIO Council-
defined CIO competencies and addresses the Clinger-Cohen Act and other 
relevant legislation mandates. It is sponsored by the DOD CIO.
    United States Naval Academy (USNA)
    Although an undergraduate program, USNA's Center for Cyber Security 
Studies is an important investment as it enhances workforce education 
and training at the Service academy level. Established in 2009, the 
Center provides support for the proposed curricular and professional 
reforms across the Naval Academy and encompasses support for all 
programs that contribute to the knowledge, study and research of cyber 
warfare.
    NSA/DHS National Centers of Academic Excellence
    National Security Agency (NSA) and the Department of Homeland 
Security (DHS) jointly sponsor the National Centers of Academic 
Excellence in Information Assurance (IA) Education (CAE/IAE), IA 2-year 
Education and Training (CAE/2Y) and IA Research (CAE/R) programs. The 
goal of these programs is to reduce vulnerability in our national 
information infrastructure by promoting higher education and research 
in IA and producing a growing number of professionals with IA expertise 
in various disciplines. Students attending CAE/IAE or CAE/R designated 
schools are eligible to apply for scholarships and grants through the 
Department of Defense Information Assurance Scholarship Program (IASP) 
and the Federal Cyber Service Scholarship for Service Program. NPS is a 
participant in this program.
    To date, 84 uniformed and civilian Navy personnel have participated 
in the DOD IASP from commands across the Navy.

    Mr. Thornberry. One of the main tools you have for defending your 
networks is something called the Host-Based Security System (HBSS).
    a. How has your experience been in implementing this system and 
what improvements might you recommend for similar programs in the 
future? b. Have you implemented the necessary tactics, techniques and 
procedures to maximize the use of this tool? c. What capabilities would 
you like to see integrated into future generations of HBSS?
    General Mills. a. The Marine Corps had little trouble implementing 
HBSS as directed by USCYBERCOM. Challenges to the installation of HBSS 
included anticipating and mitigating the potential impacts that various 
modules could have on specific applications within the Marine Corps 
Enterprise Network (MCEN). We recommend that future programs of this 
type are designed and implementation timelines determined with Service 
involvement at the earliest stages of development.
    b. The Marine Corps continuously strives to improve our Tactics, 
Techniques, and Procedures in an effort to maximize our defense in 
depth strategy and enhance our security posture. There is more work to 
be done in order to realize the benefits of HBSS--we need to train more 
marines on the various modules and their employment, baseline, and 
tuning. We need to educate commanders on the benefits of full 
implementation and utilization of HBSS.
    c. The Marine Corps recommends four areas of improvement for HBSS:
    (1) HBSS lacks the redundancy provided by other critical IT 
systems. The capability for production HBSS server suites to mirror 
each other does not exist. The strength of the HBSS architecture could 
be greatly improved if clients could seamlessly fail-over between 
geographically separate servers.
    (2) HBSS could be utilized to assist in the Information Assurance 
Vulnerability Management (IAVM) program by analyzing systems for 
critical vulnerabilities. Ideally, the DOD HBSS Program Manager could 
obtain or develop benchmarks within HBSS to detect vulnerabilities of 
interest published by the IAVM program.
    (3) The number of local events logged at the local machine should 
be pushed up to the enterprise level. Enterprise logging will allow 
Computer Network Defense Service Providers (CNDSPs) to more effectively 
respond to incidents and therefore better defend networks. (Examples 
are of Data Loss Prevention (DLP) which identifies USB usage on DOD 
Networks and Host Intrusion Prevention System (HIPS) which monitors 
traffic for anomalies.
    (4) We would like to see the continued integration of industry best 
practice solutions into the management console to provide a single 
optimized interface for operators. It is also important that the DOD 
fully employ HBSS and the associated existing modules. Once those 
efforts are complete, a true gap analysis can be conducted and specific 
areas within our network architecture that lack coverage can be 
identified, addressed, and mitigated.
    Mr. Thornberry. How are your Services leveraging in-house graduate 
educational facilities, like the Air Force Institute of Technology 
(AFIT) or the Naval Postgraduate School (NPS), as well as DOD 
accredited programs, such as the National Centers of Academic 
Excellence in Cyber Operations, in order to improve workforce training 
and education?
    General Mills. The Marine Corps actively participates in the 
Department of Defense Information Assurance Scholarship Program, which 
provides access for both enlisted and officer students to AFIT, NPS, 
the National Defense University, Capitol College, George Mason, and 
other National Centers of Academic Excellence in Cyber Operations for 
graduate degrees in cyberspace security, information assurance, and 
computer security fields.
    Through the National Intelligence University, marines with 
intelligence-related military occupational specialties are able to 
complete a Master of Science of Strategic Intelligence. Although this 
curriculum does not include cyber-specific courses as part of the core 
requirement, students are able to tailor their electives and focus 
thesis topics to include cyber operations.
    The Marine Corps is currently in discussions with Northern Virginia 
Community College to establish a program to provide college credit for 
marines receiving military training and experience within the 
cyberspace operations workforce.
    The Marine Corps University has initiated additional curricula in 
its educational programs that include topics in cyberspace operations, 
cyberspace planning, cyberspace law, and cyberspace implementation 
theories. Thus far, the Marine Corps University has had one class 
complete its program of instruction with this additional material. 
Initial feedback is that it was well received, and the Marine Corps 
University is evaluating comments to refine its curricula for future 
courses.
    The Marine Corps also leverages cyber and cyber-related courses 
through NSA's National Cryptologic Schools for personnel serving at the 
Marine Cryptologic Support Battalion and the operating forces' Radio 
Battalions which provide Signals Intelligence and cyber related support 
to the Marine Air Ground Task Force, USCYBERCOM through MARFORCYBER, 
and the National Security Agency. Additionally, the Marine Corps uses 
the U.S. Navy's Joint Cyber Analysis Course (JCAC) and the Joint 
Network Attack Course to train enlisted marines and officers in cyber 
and cyber-related skill sets for MOS development.

    Mr. Thornberry. One of the main tools you have for defending your 
networks is something called the Host-Based Security System (HBSS).
    a. How has your experience been in implementing this system and 
what improvements might you recommend for similar programs in the 
future? b. Have you implemented the necessary tactics, techniques and 
procedures to maximize the use of this tool? c. What capabilities would 
you like to see integrated into future generations of HBSS?
    General Vautrinot. a. The Air Force continues to address the 
challenges of integrating and sustaining HBSS within existing 
architecture as well as incorporating it within the numerous critical 
mission systems operating on the Air Force provisioned portion of the 
Global Information Grid. In addition to the challenges with fixed HBSS 
implementations, expeditionary environments present additional risks in 
HBSS employment, such as saturating downrange bandwidth and remaining 
compliant. HBSS is critical to our Net Defense posture and we will 
continue to review its fielding, operating, training and sustaining 
needs.
    b. The Air Force has taken significant action to maximize the HBSS 
capability's effectiveness in increasing the defensive posture of our 
network and IP-capable assets. We use the capability to generate 
enterprise-wide situational awareness information, which is critical 
for enabling and maintaining Command and Control across the network. 
Expeditionary systems are now deployed with current patches and 
policies to reduce or eliminate the initial unresponsive period when 
updates were installed. Additionally, we continue to establish key Net 
Defense policies, which are implemented across the Air Force and shared 
with our DOD partners, to defend against active, future and existing 
threats.
    c. The HBSS capability has numerous critical network defense 
capabilities that can identify existing vulnerabilities and report that 
information for action to our operators who then must take intensive, 
manual remediation and mitigation actions. The next step is integrating 
into HBSS the capability to identify vulnerabilities and executing 
automatic actions to remediate and mitigate the deficiency. This would 
increase our capacity to leverage capabilities in support of the Joint 
fight.
    Mr. Thornberry. How are your Services leveraging in-house graduate 
educational facilities, like the Air Force Institute of Technology 
(AFIT) or the Naval Postgraduate School (NPS), as well as DOD 
accredited programs, such as the National Centers of Academic 
Excellence in Cyber Operations, in order to improve workforce training 
and education?
    General Vautrinot. Air Force Space Command (AFSPC) and Air 
Education and Training Command (AETC) have established a full-range 
cyber training and education construct that begins in Basic Military 
Training and follows a challenging path that includes specialized 
cyber-focused graduate degrees.
    In addition to cyber-focused graduate programs (MS/PhD) in Computer 
Science, Computer Engineering and Electrical Engineering with research 
focused on such areas as encryption algorithms, botnet disruption, 
network intrusion detection, and wireless network security, AFIT offers 
two Master's programs in cyber operations and cyber warfare. The 18-
month Cyber Operations Master's Program provides extensive hands-on 
laboratory experience with both offensive and defensive measures and 
countermeasures, and is open to officers, enlisted, and civilians. The 
12-month Cyber Warfare Degree Program for Majors and civilian 
equivalents provides a developmental education opportunity that 
addresses technical as well as policy and doctrine aspects of cyber 
operations.
    The Information Assurance Certificate Program (IACP) is a subset of 
the Master of Science program. Students completing the required 
coursework are eligible for certificates under National Training 
Standards as an Information Security Professional, Senior System 
Manager, and Senior Risk Analyst.
    On June 19, 2008, the Secretary and Chief of Staff of the Air Force 
designated AFIT and the Center for Cyberspace Research (CCR) as the Air 
Force's Cyberspace Technical Center of Excellence (CyTCoE). The Center 
serves as a bridge between the operational AF cyber forces and various 
cyber research, education, and training communities across the Air 
Force, the DOD, and national organizations.
    The Center provides cyberspace professional continuing education 
for currency and professional development of the cyberspace workforce. 
The Air Force's Cyber 200 and 300 are Joint-accredited professional 
development courses designed to increase the depth and breadth of cyber 
operations understanding and to prepare individuals to apply cyber 
capabilities and concepts in Joint military operations. These courses 
are available to and attended by our Joint brethren in an effort to 
standardize training and proficiency across the DOD. The Air Force is 
also in the process of establishing disclosure guidance that will allow 
our international partners to send individuals to Cyber 200 and 300.
    The Air Force also utilizes graduate-level educational 
opportunities offered by our DOD and Agency partners such as the 
Information Assurance Scholarship Program (IASP) and the Computer 
Network Operations Development Program (CNODP). The IASP is open to all 
Air Force officers and is designed to retain a corps of highly skilled 
IA professionals to accommodate diverse warfighting and mission 
requirements. The CNODP is an intense, 3-year graduate-level internship 
at the National Security Agency that develops technical leaders who 
will lead the DOD and Services' employment of cyber capabilities. 
Graduates of this program receive focused follow-on assignments that 
capitalize on their breadth and depth of knowledge.
                                 ______
                                 
                  QUESTIONS SUBMITTED BY MR. LANGEVIN
    Mr. Langevin. How are your Services leveraging both in-house 
graduate educational facilities and DOD accredited programs, such as 
the NSA/DHS National Centers of Academic Excellence?
    General Hernandez. ARCYBER continues to take a holistic approach by 
leveraging the constellation construct for both training and 
development to improve workforce training and education. The construct 
consists of U.S. Government, Academia and Industry elements, each are 
discussed below in both current and future actions, and will complement 
each other to provide a more capable workforce.
    Currently ARCYBER is leveraging U.S. Government developmental 
activities and capabilities to take advantage of efficiencies and 
future requirements. These activities include: The DOD Joint 
Information Operations (IO) Range, Government Laboratories (such as: 
Sandia, Army Research Laboratories, Johns Hopkins applied Physics 
Laboratory, Adelphi, and Aberdeen Proving Ground Cyber Test 
Laboratory), and continuous coordination with United States Cyber 
Command, U.S. Strategic Command (USSTRATCOM), and Office of the 
Secretary of Defense (OSD) Cyber initiatives. Future activities will 
include increased partnerships with DHS, FBI, DARPA, DOD, and the 
Intelligence community. Examples of early successes include five USMA 
faculty and cadets summer internships with ARCYBER through the Advanced 
Individual Academic Development (AIAD) program. Shortly, ARCYBER will 
benefit from more than 14 interns from the Army Civilian Training, 
Education Development System (ACTEDS). Moreover, ARCYBER will be an 
active contributor to the Service and USG cyber lessons learned 
programs.
    Current Academic developmental activities include: Cooperation with 
the Air Force Institute of Technology (AFIT) and its Masters Program, 
and the ARCYBER scholarship program. This program is a two-year, 
degree-producing program open to regular Army (RA) captains and majors 
in the maneuver, fires & effects, operations support, and force 
sustainment branches. Three officers per year pursue a master's degree 
in cyber security at the University of Maryland (with additional 
universities to be added). Though we are still assessing how best to 
integrate and execute the NSA/DHS National Centers of Academic 
Excellence training, it is a key component of our future training and 
developing way ahead. We have two students attending the Naval Post 
Graduate School and ARCYBER will receive three second-year masters 
candidates in the NSA Information Assurance Scholarship Program (IASP) 
in the spring of 2013. ARCYBER is continuing to address organizing 
cyber within the Army e-Learning and Continuing Education Program. For 
example, ARCYBER supports Civilian Career Program 34's, Information 
Technology Management, and Cyber Academy Training Framework through 
partnerships with University of Maryland University College (national 
policy and law), University of Maryland Baltimore County (secure S/W 
engineering), George Mason University (ethical hacking/analysis) and 
Carnegie Mellon University (operational security). Future activities 
will include Senior Service college ``Cyber fellows,'' RAND Cyber 
Fellowships, and efforts to identify and recruit cyber talent from ROTC 
programs and the USMA.
    Industry is the third leg in training and development. It is 
critical in providing additional current and future capabilities/
requirements as well as leveraging emerging trends and capabilities and 
will assist in ensuring our DOD programs and in-house educational 
activities are developed accordingly. Current developmental activities 
with industry include: Coordination with Defense contractor 
Laboratories, Training with Industry (e.g. MIT/Lincoln Labs, Lockheed 
Martin, and Cisco), and participation in trade conferences (e.g. the 
Armed Forces Communications and Electronics Association [AFCEA] and the 
Association of the U. S. Army [AUSA]). Future activities will include: 
Establishing additional industry research partners; Science and 
Technology (S&T) outreach; Leveraging partner expertise to manage 
problems; and increased recruiting and cyber training with industry.
    Conclusion: A key attribute of the ARCYBER vision is to develop a 
trained, professional team to complete our roles as the Army Service 
Component to U.S. Cyber Command; To train, organize, and equip forces; 
To provide Cyber Education, Training, and Leader Development; and 
Execute Cyber Proponent functions. The three part constellation 
approach is our way of getting at the issues of developing a workforce 
in a dynamic environment. Our approach continues to evolve.
    Mr. Langevin. Could each of you explain the Command and Control 
Relationships between your respective Service Cyber Components and 
CYBERCOM, regional combatant commanders, and other command structures?
    General Hernandez. Army Cyber Command (ARCYBER) operates under the 
Operational Control (OPCON) of USCYBERCOM (USCC). As the Army's Service 
component to USCC, Army Cyber Command exercises the designated command 
and control authority and responsibility over trained and ready Army 
forces, in support of Unified Land Operations, to ensure U.S./Allied 
freedom of action in cyberspace.
    A significant example is the 780th Military Intelligence Brigade 
(780th MI BDE) (Cyber), which supports USCYBERCOM and combatant command 
cyberspace operations. ARCYBER has OPCON of the brigade, which conducts 
signals intelligence and computer network operations, and enables 
Dynamic Computer Network Defense of Army and Department of Defense 
networks.
    The Army's Network Operations Security Centers and the Regional 
Computer Emergency Response Teams are also under the OPCON of ARCYBER. 
Control of these units has increased unity of command for the operation 
and defense of our networks. Additionally, Reserve Component cyber and 
information operations organizations are now OPCON to ARCYBER.
    The Army has delegated OPCON of the Network Enterprise Technology 
Command (NETCOM) to ARCYBER and the Secretary of the Army has delegated 
OPCON of the 1st Information Operations Command.
    There is no command relationship between ARCYBER and the Regional 
Combatant Commands. To facilitate seamless integration, USCYBERCOM 
directed the establishment of Cyber Security Elements (CSEs) to support 
each of the Combatant Commands. The CSEs function under the OPCON of 
USCYBERCOM in direct support of the respective Combatant Commands. 
USCYBERCOM provides direct support to Regional Combatant Commanders 
through its Service components. ARCYBER leads the Joint effort for 
USCYBERCOM to provide cyber support to U.S. Central Command and U.S. 
Northern Command.
    Headquarters Department of the Army (HQDA) retains administrative 
control over ARCYBER and is responsible to man, train, and equip Army 
cyber forces. While ARCYBER provides support to both Joint and Army 
commands, it currently has no established command relationship with 
other Army Major Commands (MAJCOMs), Army Service Component Commands 
(ASCCs), or Army Direct Reporting Units (DRUs).
    Mr. Langevin. The value of red-teaming--threat emulation--was 
proven perhaps most clearly in the Vietnam War with the establishment 
of Top Gun. The Director for Operational Test and Evaluation (DOT&E) 
has identified a shortfall in threat emulation and red teaming 
capabilities across the FYDP. What is each of the Services doing to 
address these shortfalls? Is the DOD investing adequately in the test 
capabilities and range environments that will be needed to remain 
current with advancing technologies?
    General Hernandez. Army Cyber Command established the World Class 
Cyber Opposing Force (WCCO) to provide live, interactive, expert, and 
realistic adversarial emulation in support of Army Training and Leader 
Development activities at the National Training Center and in support 
of COCOM exercises. The WCCO builds upon and compliments existing red 
team capability in 1st Information Operations Command and 780th 
Military Intelligence Brigade, extending its mission beyond traditional 
Information Assurance focused activities to include broader training 
and leader development. The WCCO supports the Army's Opposing Force 
program, providing a wide range of adversary ``Information Warfare'' 
activities during training events, to include Computer Network Attack 
and Exploitation, Deception, and Propaganda.
    Recognizing overall Army shortfalls in cyber capacity, we are 
increasing our investment in all Defensive Cyber Operations (DCO) 
forces which, in addition to adversary emulation, includes advanced 
capabilities for adversary hunting and cyber vulnerability assessments. 
While they support Army units from a blue perspective, they provide 
many of the same benefits as traditional red teams. Beginning in FY14, 
the planned growth in DCO capability will significantly improve our 
ability to both protect Army systems and information and better 
incorporate red team activity into training activities.
    DOD leverages numerous cyber range capability for the purpose of 
training and leader development, capability test and evaluation, and 
modeling and simulation.

    Mr. Langevin. How are your Services leveraging both in-house 
graduate educational facilities and DOD accredited programs, such as 
the NSA/DHS National Centers of Academic Excellence?
    Admiral Rogers. Navy is leveraging in-house graduate educational 
facilities and DOD accredited programs through close coordination with 
these institutions and a focus on a smart post-education placement 
process to ensure our most recently educated Sailors and civilians are 
detailed to positions which will benefit the Navy most. We recognize 
that affording our personnel graduate educational opportunities is 
critical to maintaining our expertise as we drive advancements in Navy 
cyberspace operations. With the quickly evolving nature of cyber, it is 
absolutely critical that the educational partners and programs we 
leverage keep pace with the changing cyber landscape.
    To that end, the U.S. Navy leverages education and training from 
six major programs:
    Air Force Institute of Technology (AFIT) and Naval Postgraduate 
School (NPS) In 2002, AFIT and the Naval Postgraduate School formed an 
educational alliance to eliminate duplicate degree programs in the 
fields of Oceanography and Aeronautical Engineering, and consolidate 
educational resources. Navy continues its close coordination with AFIT 
to refine course requirements, explore potential resource 
consolidations, and improve quality.
    NPS
    NPS offers an 18-month Master of Science degree in Cyber Systems 
and Operations that addresses a broad range of cyberspace operations 
such as computer network attack, defense, and exploitation; cyber 
analysis, operations, planning and engineering; and cyber intelligence 
operations and analysis. Navy will graduate 14 officers from this 
program in FY12 and is programmed to send 14 officers in FY13 per the 
approved Officer Graduate Education Quota Plan.
    NPS's Graduate School of Operational and Information Sciences 
offers an Information Systems and Operations (ISO) Certificate Program. 
This warfighter-oriented degree program focuses on integrating 
information technologies, command and control processes, and 
Information Operations (IO) methods and elements into innovative 
operational concepts for IO in the context of Network Centric Warfare. 
Since the program's inception in 2002, 318 officer, enlisted and 
civilian personnel have completed this certificate program.
    The Information Systems and Technology (IST) certificate program 
provides an educational opportunity that is essential to helping the 
U.S. military reach information superiority in the operational 
environment. It offers advanced education in areas essential to 
enabling global networked communications, including: databases, systems 
analysis and design, decision support systems, and network security. 
Since the program's inception in 2003, approximately 96 officer and 
enlisted personnel have completed this certificate program. Both 
programs are taught via asynchronous Web-based media (i.e., the 
Internet). The asynchronous nature of these certificates has allowed us 
to deliver these certificates to deployed forces at sea and ashore.
    Additionally, NPS will offer a 12-month Enlisted Cyber Master's 
Degree in September 2012 that provides selected Navy Sailors a Master 
of Science in Cyber Systems and Operations; Security and Technology. 
Selectees are assigned to a Navy-funded education program as full-time 
students under permanent change of station orders to Monterey, CA. Navy 
is sending five sailors through this program this year.
    Finally, NPS just completed the approval process for a resident 
Master of Science, Network Operations and Technology degree that begins 
this fall and has eight officers scheduled to attend in 2013.
    Masters of Information Technology Strategy (MITS)
    In 2010, the Chief of Naval Operations directed the creation of the 
Masters of Information Technology Strategy (MITS) pilot program in 
partnership with Carnegie Mellon University (CMU). This program affords 
civilian and military IDC personnel the opportunity to attend CMU for a 
16-month Master's degree program in cyber-related disciplines. The 
degree conferred is a Master's Degree in Information Technology and 
Strategy (MITS) and is a cooperative endeavor between of the College of 
Engineering (CIT), School of Computer Science (SCS), and College of 
Humanities and Social Sciences (H&SS). The initial cohort of two 
military and three civilians students commenced August 2011, and the 
second group of four commenced in August 2012.
    National Defense University (NDU)
    NDU's Government Information Leadership (GIL) Master of Science is 
a 39-credit hour curriculum of the GIL Master of Science Degree Program 
and offers a combination of information management, technology, and 
leadership intensive courses. Navy currently has 36 Master's degree 
enrollments and 497 certificate enrollments.
    NDU's ``iCollege'' Chief Information Officer (CIO) Program is the 
recognized leader in graduate education for Federal CIO leaders and 
agency personnel. It directly aligns with the Federal CIO Council-
defined CIO competencies and addresses the Clinger-Cohen Act and other 
relevant legislation mandates. It is sponsored by the DOD CIO.
    United States Naval Academy (USNA)
    Although an undergraduate program, USNA's Center for Cyber Security 
Studies is an important investment as it enhances workforce education 
and training at the Service academy level. Established in 2009, the 
Center provides support for the proposed curricular and professional 
reforms across the Naval Academy and encompasses support for all 
programs that contribute to the knowledge, study and research of cyber 
warfare.
    NSA/DHS National Centers of Academic Excellence
    National Security Agency (NSA) and the Department of Homeland 
Security (DHS) jointly sponsor the National Centers of Academic 
Excellence in Information Assurance (IA) Education (CAE/IAE), IA 2-year 
Education and Training (CAE/2Y) and IA Research (CAE/R) programs. The 
goal of these programs is to reduce vulnerability in our national 
information infrastructure by promoting higher education and research 
in IA and producing a growing number of professionals with IA expertise 
in various disciplines. Students attending CAE/IAE or CAE/R designated 
schools are eligible to apply for scholarships and grants through the 
Department of Defense Information Assurance Scholarship Program (IASP) 
and the Federal Cyber Service Scholarship for Service Program. NPS is a 
participant in this program.
    To date, 84 uniformed and civilian Navy personnel have participated 
in the DOD IASP from commands across the Navy.
    Mr. Langevin. Admiral Rogers, your predecessor Admiral McCullough 
previously testified that much of the power and water systems for naval 
bases are served by single sources and have very limited backup 
capabilities. Can you provide an update on how the Navy is addressing 
threats to both its critical infrastructure and its secure and unsecure 
networks? Are you sharing information with critical infrastructure 
operators, and if so, through what channels does this information flow?
    Admiral Rogers. In an effort to correct vulnerabilities/
deficiencies identified during recent critical infrastructure 
assessments the Navy is coordinating efforts with OSD to prioritize and 
fund the most urgent issues with FY13 Defense Critical Infrastructure 
Program (DCIP) resources.
    U.S. Navy Defense Critical Assets (DCA) and Task Critical Assets 
(TCA) have been identified. The Naval Criminal Investigative Service 
(NCIS) provides all DCAs, validated through the Joint Staff, 
comprehensive counterintelligence support plans to identify foreign 
entity threats. TCAs, recently validated by the U.S. Navy, will receive 
similar coverage as required in DOD Instruction 5240.19. Identified 
threat information to the critical assets is provided to the asset 
operators through the most expeditious methods, however, generally 
through the identified NCIS representative assigned to the facility.
    Mr. Langevin. Could each of you explain the Command and Control 
Relationships between your respective Service Cyber Components and 
CYBERCOM, regional combatant commanders, and other command structures?
    Admiral Rogers. The below figure (on page 99) from the Joint Staff 
Transitional Cyberspace Operations Command and Control (C2) Concept of 
Operations signed on 1 May 2012, depicts the C2 structure. The C2 
relationships follow command relationships as defined in Joint Doctrine 
unless otherwise specified in supplemental orders or directives. The 
framework establishes a standardized baseline for cyberspace operations 
C2 by documenting Joint Cyber Center (JCC) and Cyber Support Element 
(CSE) command relationships, missions, functions, and tasks. In 
addition, USCYBERCOM Operational Directive 12-001 specifies that 
Service Components have Direct Liaison Authorized (DIRLAUTH) with other 
Service Components, COCOMs, DOD Organizations, the Interagency, and 
foreign and commercial partners, to plan and execute assigned cyber 
operations.
[GRAPHIC] [TIFF OMITTED] T5668.047

    U.S. Fleet Cyber Command/U.S. TENTH Fleet is the Navy's Component 
Command to United States Cyber Command, and an Echelon Two Navy 
Command, subordinate to the Chief of Naval Operations. Fleet Cyber 
Command has unique responsibilities as the central operational 
authority for networks, cryptology, signals intelligence, information 
operations, cyber, electronic warfare and space in support of forces 
afloat and ashore. As such, we organize and direct Navy cryptologic 
operations worldwide and integrate information operation and space 
planning and operations as directed.
    Mr. Langevin. The value of red-teaming--threat emulation--was 
proven perhaps most clearly in the Vietnam War with the establishment 
of Top Gun. The Director for Operational Test and Evaluation (DOT&E) 
has identified a shortfall in threat emulation and red teaming 
capabilities across the FYDP. What is each of the Services doing to 
address these shortfalls? Is the DOD investing adequately in the test 
capabilities and range environments that will be needed to remain 
current with advancing technologies?
    Admiral Rogers. Fleet Cyber Command also values the impact of red 
teaming. We believe that the issue is not one of capacity, but rather 
how we better use the capacity that already exists within the cyber 
domain. To make more efficient use of red teams, we have concentrated 
improving coordination across all DOD red teams to increase support to 
our cyber forces and help standardize red team activity.
    The ongoing development and maturation of the USCYBERCOM and 
USFLTCYBERCOM staffs has allowed broader and timely coordination during 
the planning and execution phases of red team activity. As cyber 
actions are becoming more common events in major exercises, early 
planning and incorporation of cyber effects and training objectives 
have allowed improved synchronization across Navy and all DOD red 
teams. This early planning allows the capabilities of Service and DOD 
teams to be synchronized to best stimulate local, theater and global 
responses and allows the command and control structure of Defensive 
Cyber Operations to be exercised under real world conditions. The 
inventory and capabilities of Navy and joint test ranges is sufficient 
to meet current demand. However, range environments and test 
capabilities must be continually evaluated as technologies advance and 
as cyber policies and doctrine allow increased application in the joint 
planning and execution.

    Mr. Langevin. How are your Services leveraging both in-house 
graduate educational facilities and DOD accredited programs, such as 
the NSA/DHS National Centers of Academic Excellence?
    General Mills. The Marine Corps actively participates in the 
Department of Defense Information Assurance Scholarship Program, which 
provides access for both enlisted and officer students to AFIT, NPS, 
the National Defense University, Capitol College, George Mason, and 
other National Centers of Academic Excellence in Cyber Operations for 
graduate degrees in cyberspace security, information assurance, and 
computer security fields.
    Through the National Intelligence University, marines with 
intelligence-related military occupational specialties are able to 
complete a Master of Science of Strategic Intelligence. Although this 
curriculum does not include cyber-specific courses as part of the core 
requirement, students are able to tailor their electives and focus 
thesis topics to include cyber operations.
    The Marine Corps is currently in discussions with Northern Virginia 
Community College to establish a program to provide college credit for 
marines receiving military training and experience within the 
cyberspace operations workforce.
    The Marine Corps University has initiated additional curricula in 
its educational programs that include topics in cyberspace operations, 
cyberspace planning, cyberspace law, and cyberspace implementation 
theories. Thus far, the Marine Corps University has had one class 
complete its program of instruction with this additional material. 
Initial feedback is that it was well received, and the Marine Corps 
University is evaluating comments to refine its curricula for future 
courses.
    The Marine Corps also leverages cyber and cyber-related courses 
through NSA's National Cryptologic Schools for personnel serving at the 
Marine Cryptologic Support Battalion and the operating forces' Radio 
Battalions which provide Signals Intelligence and cyber related support 
to the Marine Air Ground Task Force, USCYBERCOM through MARFORCYBER, 
and the National Security Agency. Additionally, the Marine Corps uses 
the U.S. Navy's Joint Cyber Analysis Course (JCAC) and the Joint 
Network Attack Course to train enlisted marines and officers in cyber 
and cyber-related skill sets for MOS development.
    Mr. Langevin. Could each of you explain the Command and Control 
Relationships between your respective Service Cyber Components and 
CYBERCOM, regional combatant commanders, and other command structures?
    General Mills. The Service Cyber Component to USCYBERCOM is 
MARFORCYBER. MARFORCYBER is assigned to USSTRATCOM and USSTRATCOM has 
delegated OPCON of MARFORCYBER to USCYBERCOM. There is no direct 
command relationship between MARFORCYBER and the geographic combatant 
commanders. That being said, USCYBERCOM tasked MARFORCYBER to, in 
conjunction with USCYBERCOM, lead the joint effort to conduct cyber 
support of U.S. Special Operations Command (USSOCOM). MARFORCYBER was 
also tasked to provide a recommendation to USCYBERCOM on the 
requirements and support structure for a joint Cyber Support Element 
(CSE) at USSOCOM. In anticipation of approval of the CSE recommendation 
provided to USCYBERCOM for USSOCOM, MARFORCYBER staffed a colonel at 
USSOCOM as the USCYBERCOM Liaison Officer and Officer-in-Charge of the 
CSE. Additionally, a major, a captain, and two staff sergeants have 
orders to USSOCOM to form the nucleus of the CSE for USSOCOM.
    Mr. Langevin. The value of red-teaming--threat emulation--was 
proven perhaps most clearly in the Vietnam War with the establishment 
of Top Gun. The Director for Operational Test and Evaluation (DOT&E) 
has identified a shortfall in threat emulation and red teaming 
capabilities across the FYDP. What is each of the Services doing to 
address these shortfalls? Is the DOD investing adequately in the test 
capabilities and range environments that will be needed to remain 
current with advancing technologies?
    General Mills. The Marine Corps Network Operations and Security 
Center (MCNOSC) is task organized with organic red team and 
intelligence sections. The Marine Corps Information Assurance Red Team 
(Red Team) is tasked with finding new exploits and with emulating 
threat vectors/adversary tactics, techniques, and procedures (TTPs). 
This includes penetration testing, phishing, remote exploitation of 
network devices, exploitation of website vulnerabilities, wireless 
exploitation, close access, and insider threats. The Red Team 
operations in cyberspace are based on two distinct operational 
requirements: (1) internal and external exercise support and (2) MCNOSC 
directed operations. The Marine Corps will continue evaluating its red 
team requirements as added emphasis is placed on red team utilization 
within the Department.
    On behalf of the Department, the Marine Corps manages the DOD 
Information Assurance Range--which is located in Quantico, Virginia. 
The DOD Information Assurance Range was initiated and funded by the 
Comprehensive National Cyber Initiative in 2009. This range emulates 
DOD networks--to include computer network defense (CND) capabilities, 
support to cyber exercises, and testing and evaluation of CND products 
and TTPs. It can operate in a standalone mode or can be integrated with 
other ranges (such as the Joint IO Range). The Marine Corps is 
participating in a Department-wide effort to evaluate an appropriate 
construct for cyber range governance to more effectively integrate, 
resource, and utilize these capabilities in the future.

    Mr. Langevin. How are your Services leveraging both in-house 
graduate educational facilities and DOD accredited programs, such as 
the NSA/DHS National Centers of Academic Excellence?
    General Vautrinot. Air Force Space Command (AFSPC) and Air 
Education and Training Command (AETC) have established a full-range 
cyber training and education construct that begins in Basic Military 
Training and follows a challenging path that includes specialized 
cyber-focused graduate degrees.
    In addition to cyber-focused graduate programs (MS/PhD) in Computer 
Science, Computer Engineering and Electrical Engineering with research 
focused on such areas as encryption algorithms, botnet disruption, 
network intrusion detection, and wireless network security, AFIT offers 
two Master's programs in cyber operations and cyber warfare. The 18-
month Cyber Operations Master's Program provides extensive hands-on 
laboratory experience with both offensive and defensive measures and 
countermeasures, and is open to officers, enlisted, and civilians. The 
12-month Cyber Warfare Degree Program for Majors and civilian 
equivalents provides a developmental education opportunity that 
addresses technical as well as policy and doctrine aspects of cyber 
operations.
    The Information Assurance Certificate Program (IACP) is a subset of 
the Master of Science program. Students completing the required 
coursework are eligible for certificates under National Training 
Standards as an Information Security Professional, Senior System 
Manager, and Senior Risk Analyst.
    On June 19, 2008, the Secretary and Chief of Staff of the Air Force 
designated AFIT and the Center for Cyberspace Research (CCR) as the Air 
Force's Cyberspace Technical Center of Excellence (CyTCoE). The Center 
serves as a bridge between the operational Air Force cyber forces and 
various cyber research, education, and training communities across the 
Air Force, the DOD, and national organizations.
    The Center provides cyberspace professional continuing education 
for currency and professional development of the cyberspace workforce. 
The Air Force's Cyber 200 and 300 are Joint-accredited professional 
development courses designed to increase the depth and breadth of cyber 
operations understanding and to prepare individuals to apply cyber 
capabilities and concepts in Joint military operations. These courses 
are available to and attended by our Joint brethren in an effort to 
standardize training and proficiency across the DOD. The Air Force is 
also in the process of establishing disclosure guidance that will allow 
our international partners to send individuals to Cyber 200 and 300. 
The Air Force also utilizes graduate-level educational opportunities 
offered by our DOD and Agency partners such as the Information 
Assurance Scholarship Program (IASP) and the Computer Network 
Operations Development Program (CNODP). The IASP is open to all Air 
Force officers and is designed to retain a corps of highly skilled IA 
professionals to accommodate diverse warfighting and mission 
requirements. The CNODP is an intense, 3-year graduate-level internship 
at the National Security Agency that develops technical leaders who 
will lead the DOD and Services' employment of cyber capabilities. 
Graduates of this program receive focused follow-on assignments that 
capitalize on their breadth and depth of knowledge.
    Mr. Langevin. Could each of you explain the Command and Control 
Relationships between your respective Service Cyber Components and 
CYBERCOM, regional combatant commanders, and other command structures?
    General Vautrinot. U.S. Cyber Command is the warfighting Sub-
Unified Command for cyber. Each of the Services provides component 
cyber forces to the Joint fight through USCYBERCOM. For the Air Force, 
the 24th Air Force Commander is also designated the Commander of 
AFCYBER, the Service Component to U.S. Cyber Command. This direct 
command and control relationship stems from the authorities laid out in 
Title 10, USC. Operational orders flow from the President through the 
Secretary of Defense to the Combatant Commander to the Sub-Unified 
Commander and then to the Service Components. Under this authority, 
AFCYBER forces support Joint missions as directed by USCYBERCOM. 
AFCYBER, which is collocated with 24th Air Force in San Antonio, TX, 
has its Deputy Commander and a portion of AFCYBER personnel collocated 
with USCYBERCOM at Ft Meade, MD.
    AFCYBER provides operational-level command and control of AF cyber 
forces through the 624th Operations Center. The Operations Center 
coordinates offensive, defensive and exploitation activities, provides 
daily reporting of operations, and manages network operations on the AF 
portion of the DOD network in accordance with USCYBERCOM guidance, as 
well as acting as a Continuity of Operations Plan for USCYBERCOM. 
AFCYBER supports regional combatant commanders through reachback or in-
place participation in the Cyber Support Elements at the Combatant 
Command or AF Component (e.g., AF Central Command) level as tasked by 
USCYBERCOM.
    The Command and Control (C2) Transitional Concept of Operations 
(CONOPS) and the Operational Directive (OPDIR) were released and 
provided guidance for USCYBERCOM and Service Components, specifying 
standard tasks and mission responsibilities for each of the Services. 
Based on these two documents, AFCYBER is tasked with leading the Joint 
effort to provide cyber support to USTRANSCOM, USEUCOM and USAFRICOM. 
AFCYBER works with these COCOMs to ensure cyber effects are presented 
to the Combatant Commanders as required. We continue to provide 
planning and characterization efforts in support of future operations 
through Operations/Concept of Operations Plans and Crisis Action 
Planning tasks from USCYBERCOM.
    We also work, via SECDEF direction through USCYBERCOM tasking, with 
organizations and agencies while operating in support of authorities 
other than our traditional Title 10 role. Through USCYBERCOM, we have 
teamed with the Defense Cyber Crime Center and the Air Force Office of 
Special Investigations, as well as the Federal Bureau of Investigation, 
to work specific tasks under Title 18 authority. We use cyberspace 
operations to support the National Intelligence mission under Title 50. 
Additionally, we work with our Guard and Reserve personnel under Title 
32 to add capacity and capability to AFCYBER.
    Mr. Langevin. The value of red-teaming--threat emulation--was 
proven perhaps most clearly in the Vietnam War with the establishment 
of Top Gun. The Director for Operational Test and Evaluation (DOT&E) 
has identified a shortfall in threat emulation and red teaming 
capabilities across the FYDP. What is each of the Services doing to 
address these shortfalls? Is the DOD investing adequately in the test 
capabilities and range environments that will be needed to remain 
current with advancing technologies?
    General Vautrinot. The cyber red team concept focuses on 
vulnerability assessments and intrusion missions of DOD networks. 
AFCYBER's Opposing Force (OPFOR) construct enhances the red team 
concept by providing a standard process for identifying vulnerabilities 
in a realistic threat environment, as well as capturing lessons learned 
and improving specific cyber tactics, techniques and procedures. The AF 
OPFOR team's goal is to allow commanders to objectively assess mission 
effectiveness and validate lessons learned to improve mission 
readiness.
    AFCYBER employs the Air Force cyber range operated by the 346th 
Test Squadron at Lackland AFB, Texas, to support the full spectrum of 
cyber activities. These activities span capability development and 
tactics, techniques and procedures validation through employment of the 
OPFOR concept in support of Combatant Command exercises like Terminal 
Fury and Vigilant Shield. These ranges are already supporting the newly 
validated USAF Weapons School's Cyber Operations Weapons Instructor 
Course's capstone defensive mission and mission employment exercise, 
allowing for advanced weapons and tactics employment. AFCYBER also uses 
the Joint Information Operations Range to access and leverage the 
latest threat environments and emulations available from other DOD 
organizations, academia, and industry.
    We continue to streamline the procurement process to facilitate 
nation-state capabilities ensuring Air Force Cyber Test & Evaluation 
infrastructure and personnel are able to reflect the changing nature of 
benign and contested cyber environments.
                                 ______
                                 
                   QUESTIONS SUBMITTED BY MR. FRANKS
    Mr. Franks. It is my belief that manmade and natural 
electromagnetic pulse is the ultimate cybersecurity threat. For 
example, an EMP attack on the U.S. would render our communications and 
computer systems useless, and disrupt virtually everything reliant on 
electricity. Furthermore, the DOD relies on a commercial electric grid, 
which is butterfly wing delicate to EMP, for approximately 99% of its 
military installations power requirements. What action is CYBERCOM 
taking to ensure its electricity is not disrupted by a manmade or 
natural EMP event, and how important is protecting the civilian 
electric grid from EMP for CYBERCOM's mission effectiveness?
    Admiral Rogers. Fleet Cyber Command does not have a specific 
program to address EMP scenarios. We have very few facilities that are 
hardened against an EMP event, and even those facilities are not fully 
hardened. However, we have an aggressive program to manage power 
outages, regardless of cause, across our domain. We have robust, well 
managed, critical power systems that provide continuity of operations 
to our mission critical systems. The critical power infrastructure 
includes standby generators, automatic transfer switches, and UPS 
(Uninterruptable Power Supply) systems. For most sites, this 
infrastructure results in zero loss of power or mission when commercial 
power is lost. This equipment is maintained, tested, and replaced as 
needed. Facilities across the domain are routinely evaluated for areas 
where the capacity or redundancy are insufficient, or mission growth 
now requires critical power, and these recommendations are balanced 
against other installation funding needs.
    Given the criticality of the civilian electric grid, the Navy, 
through its DOD leadership, continues to work closely with the 
Department of Homeland Security on how to best to protect critical 
infrastructure in the commercial sector.
    Mr. Franks. Over the years the DOD has invested billions of dollars 
hardening critical components against electromagnetic pulse. My efforts 
to protect the civilian grid against EMP have had a mixed reception. 
Most realize the enormity of the threat and the necessity to take 
action; but others have expressed opposite convictions, and feel that 
EMP is not the threat described in numerous scientific studies and 
reports. Do you assess this investment to be wise or unnecessary? If 
wise, should Congress make efforts to expand EMP protections to the 
civilian grid?
    Admiral Rogers. As stated in the question, science and studies 
indicate EMP is a valid threat to the civilian power grid. Given the 
criticality of the civilian power grid, it is prudent to consider the 
protection of this infrastructure against EMP and all other threats. 
The Navy, through its DOD leadership, continues to work closely with 
the Department of Homeland Security on how to best to protect critical 
infrastructure in the commercial sector.
                                 ______
                                 
                   QUESTION SUBMITTED BY MR. CONAWAY
    Mr. Conaway. During the hearing, you referenced a direct accessions 
program in the Navy. I would suggest that there could be a large number 
of highly skilled cyber warriors that may not see the military as an 
option. Can you expand on the direct accessions program for cyber?
    Admiral Rogers. There are three specific cyber-related skills sets 
the U.S. Navy directly accesses to develop and maintain our cyber 
expertise: Cyber Warfare Engineers (CWE), Information Professionals 
(IP) and Information Warfare Officers (IW).
    Cyber Warfare Engineer: As a means of addressing the increased 
demand for officers with specific computer network operations (CNO) 
focused knowledge, skills and abilities, the Secretary of the Navy 
approved the establishment of the Cyber Warfare Engineer (CWE) 
designator in June 2010. CWE is a restricted line community within the 
information Dominance Corps (IDC) and CWE officers use specific cyber 
expertise to develop CNO capabilities. These CWEs apply the principles 
and techniques of computer science and computer engineering to 
research, design, develop, test, and evaluate software and firmware for 
computer network attack, exploitation, and defense in cyberspace 
operations. In addition to academic, age, and physical requirements, 
CWE candidates must meet strict citizenship and security clearance 
requirements and complete an interview process with Commander, Fleet 
Cyber Command. The direct accession requirement has been established at 
five officers per year.
    Information Professional: Information Professionals (IP) provide 
expertise in information, command and control, and space systems 
through the planning, acquisition, operation, maintenance and security 
of systems. Their roles include leading the Navy's network warfare 
missions, developing tactics, techniques and procedures to realize 
tactical, strategic and business advantages afloat and ashore, and 
driving interoperability with Joint, Allied and Coalition partners. In 
addition to academic, age, and physical requirements, IP candidates 
must meet citizenship requirements, hold one or more active IT 
certifications and complete a professional review board process. Work 
experience in the field is strongly preferred. There are approximately 
555 IPs in the Navy and we directly access approximately eight officers 
per year.
    Information Warfare: Information Warfare (IW) Officers (IWO) are 
the DOD's premier force for Signals Intelligence (SIGINT), Electronic 
Warfare (EW) and CNO. Their mission is to execute the full spectrum of 
cyber, cryptology, SIGINT, information operations, CNO and electronic 
warfare missions. This occurs across the cyber, electromagnetic and 
space domains to deter and defeat aggression, to provide warning of 
intent, and to ensure freedom of action while achieving military 
objectives in and through cyberspace. In addition to academic, age, and 
physical requirements, IW candidates must meet strict citizenship and 
security clearance requirements and complete a professional review 
board process. There are 930 IWs in the Navy and we directly access 
approximately 40 officers each year.

                                  
