WASHINGTON -- Pentagon officials addressed emerging cyber challenges and the game plan to confront them in remarks Thursday before the Senate Armed Services Committee hearing on foreign cyber threats to the United States.
Marcel Lettre, under secretary of defense for intelligence, appeared with Navy Adm. Michael S. Rogers, commander of U.S. Cyber Command and director of the National Security Agency, to clarify the tasks at hand.
"We confront no fewer than five immediate but also distinct and evolving challenges across all operating domains," Lettre said. "We are countering the prospect of Russian aggression and coercion, especially in Europe, something we've … energetically had to renew our focus on in the last several years."
Lettre said the Department of Defense is managing historic change in what he called perhaps the most consequential region for America's future, the Asia-Pacific. In addition to monitoring risks associated with China's destabilizing actions in the region, he noted DOD is checking Iran's aggressive influence across the Middle East.
The under secretary also outlined efforts to bolster deterrent defense forces in the face of North Korea's continued nuclear and missile provocations, as well achieve a lasting defeat of the Islamic State of Iraq and the Levant and al-Qaida.
Lettre explained the DOD has named the efforts "4-plus-1," or the four state-based challenges and an ongoing condition of battling terrorism. "Each of these security challenges -- China, Russia, Iran, North Korea and global terrorist groups such as ISIL -- presents a significant cyber threat dimension to the U.S. military."
And cyber, Lettre emphasized, is an operating domain that is real, complex, dynamic, and contested. In recent years, DOD has pursued a comprehensive strategy for maintaining the necessary strategic dominance in this domain, he said.
DEFENDING AGAINST CYBER THREATS
Defense Secretary Ash Carter has pressed for DOD to change, adapt and innovate to meet not only today's challenges but also ensure an effective defense against cyber threats well into the future, Lettre said.
"We have built and continue to build the means and methods that will strengthen our relative position against each of these dimensions of the cyber threat," he added.
The U.S. government's cyber policies reflected in presidential policy directives and executive orders provide guidance on the absolute necessity of a whole-of-government approach, critical to protecting the United States, the under secretary said.
Currently, DOD has developed and refined cyber mission objectives, he said, which include defending defense networks, providing cyber options for military commanders and defending the nation against cyberattacks.
Since 2009, DOD has matured the cyber command to ensure clear command responsibility, authority and growing capabilities essential to cyber operations, Lettre said.
According to Lettre, DOD will continue to develop and refine its national cyber policy framework, which includes the evolution of all dimensions of the deterrence posture -- encompassing the nation's ability to deny the adversary's objectives, impose costs, and ensure a resilient infrastructure to execute a multi-domain mission.
"This refinement and evolution and our deterrent thinking capability will further empower decision-making at net speed," he explained.
Cyber command, Lettre asserted, is doing more to protect the nation and support global operations than ever before. "We need to continue, in fact, accelerate this maturation," he urged.
Lettre also said he champions a deepened partnership between the government and the private sector and between the U.S. government and allies.
ASSISTANCE FROM U.S. INDUSTRY
"We must continue to seek help from American industry, the source of much of the world's greatest technology talent in innovating to find cyber defense solutions, build resiliency into our critical infrastructure systems and strengthen our deterrence," Lettre said.
Rogers warned of taking for granted the interconnectivity built into every facet of users' lives, saying that malicious cyber actors who seek to harm Americans use the very same internet, communications devices and social media platforms "that we, our families, and our friends here and around the world use."
"We must keep pace with such changes," he said, "in order to provide policymakers and our operational commanders the intelligence and cyber capabilities they need to keep us safe."
That means understanding our adversaries, their motives and their attack methods, Rogers emphasized. Confronting cyber threats requires technology assets, as well as talented, motivated people.
"We are investing more than ever in the recruitment and retention of a skilled workforce that is knowledgeable, passionate and dedicated to protecting the nation for the safety of our citizens and of our friends and allies around the world," Rogers said.
"We need to invigorate the cyber workforce to think creatively about challenges that do not ascribe to traditional understandings of borders and boundaries."