Washington D.C.House Armed Services Committee Ranking Member Adam Smith released the following statement for today’s committee hearing on the Department of Defense cyber strategy:

 

Thank you, Mr. Chairman and thank you to the witnesses for appearing before us today on the Department of Defense’s (DOD) new Cyber Strategy released in April 2015. I look forward to hearing the witnesses’ perspective on the five strategic goals, their views on the objectives outlined in the strategy in order to achieve those goals, and what else we should be thinking about to improve the posture of the Department of Defense in the cyber domain. 

Cybersecurity is an issue the Chairman and I have been focusing on throughout our tenure on the House Armed Services Committee. Our time on the Emerging Threats and Capabilities subcommittee gave us great insight into what has been recognized since 2013 by the Director of National Intelligence as the number one strategic threat to national security. We’ve worked in coordination with the Department of Defense, across the whole of government, and with the private sector for many years to better enable the country to deter, defend, and respond to cyberattacks.

Despite best intentions, as a nation we are not keeping pace with the sophisticated and ever evolving cyber-threat. The DOD has made progress but as Admiral Mike Rogers noted in his June 2015 vision and guidance for U.S. Cyber Command, “the Department is still in the early stages” of “harnessing the power of our nation’s cyber enterprise.”

I believe the new cyber strategy will better guide the Department in its efforts to harness the cyber enterprise. The five strategic goals – building and maintaining ready forces and capabilities; defending the network, securing data, and mitigating risks to missions; being prepared to defend the homeland and U.S. vital interests from cyberattacks of significant consequence; building and maintaining viable cyber options and plan to use those options to control conflict escalation and shape the conflict environment; and building international alliances and partnerships to deter and increase stability – set the stage for the U.S. to gain an advantage across the cyber domain. An advantage we desperately need as evidenced by the recent hack of the Joint Staff unclassified network.

Yet not all of these goals and objectives are necessarily new concepts. Many are significant issues the Congress and Department have discussed for years. Yet execution of the objectives has presented technological, policy and doctrinal challenges at the tactical, operational and strategic levels. The new strategy provides us an opportunity to confront and address those challenges so our goals can become realities sooner rather than later.

For instance, we know the Department needs qualified military and civilian personnel in order to build and maintain forces to conduct cyber operations. But how does the Department compete with the private sector for highly skilled individuals, especially in a budget-constrained environment?

 This committee has also been hearing about the necessity for an effective cyber deterrence strategy for several years. Time has shown the need for such an effective policy has only grown but we are still grappling with how to approach deterrence given the difficulty of attributing attacks and the overall strategic implications of such a policy. Deterrence requires us to relook at the way we tend think about warfare, about what constitutes an act of war. I look forward to the witnesses’ views on this issue, as well as how we can operationalize other aspects of cyber.

These are just a few of the issues I hope we examine today.

Thank you Mr. Chairman, I yield back.