 Good afternoon again. Now that you've heard about the strategic and legal challenges to combating the adversary, our next speaker will discuss the importance of building a global network of partners. It is my absolute pleasure to introduce Rear Admiral Heidi Berg. Rear Admiral Berg is the Director of Plans and Policy, or the J5, at U.S. Cyber Command. She has done it all from flying over 1,000 hours as a communications intercept evaluator onboard EP-3E aircraft, to participating in fleet staff talks with the post-Soviet Russian Navy in the Mediterranean while at Sixth Fleet. She also deployed to Afghanistan as Director of the International Security Assistance Force, ISAF Red Team, at ISAF headquarters in Kabul. And she's held multiple command tours. Her most recent assignment was Director of Intelligence J2 at AFRICOM. And as the current Director of Plans and Policy at U.S. Cyber Command, there is no one better to build, to discuss building a global network of partners. So ladies and gentlemen, please join me in welcoming Admiral Berg. And I have to say, as I look out at a room full of lawyers, I am actually comforted. So as we, you know, particularly in this job as strategy, policy, doctrine, planning, and as we do both our contingency planning and our campaign planning, and then with partnerships, our lawyers are such an absolutely critical part of ensuring that we get this right. And I'll talk a little bit about why it's so important and some of the complexities. At a chance to look at your agenda, you've just had, hopefully, a really interesting day and it looks like a fantastic three days. And I am so impressed with both the academia that we have involved in this forum, that you've got industry partners here, that we've got a heavy interagency partnerships, and then of course, you know, 22 international partners representing 10 nations, because that in a nutshell is really what we are trying to build and expand at U.S. Cyber Command. It is not simply the international partners that we all think about when we think about partnerships, what is so critical in this ultimate team sport of how do we come together to address malicious cyber actors who really have some significant advantages with some of the ambiguities and significant advantages with how we have constructed so much of our policy, so much of our programs, our weapon systems, which are designed to be open, designed to be interoperable. Partly because, you know, as we look at the joint force, sometimes our services when we're building things don't necessarily work well together. So creating that interoperability has been a driving force for 50 years. And as we start to look at that, those vulnerabilities, it is this team sport of bringing together the best minds in the academic world, ensuring that we have a strong alignment with our industry partners, oftentimes who can sense threat and sense the network ahead of what we can. And then, of course, as we look at our interagency partners, because of some of the significant challenges that we see with how we craft our partnerships. And I'll talk a little bit more about that as we go on. So first, I think you probably had a chance to get some of the insights in the national defense strategy. But as we look at the national defense strategy in really this idea of integrated deterrence and then the balance between our, thank you, our campaigning activities. So the day to day challenges that we look to put in place to really ensure that we are continuing to deter adversaries against the investments that we need to make to build operational advantage. And so this whole idea of how we deter is really constructed on the ability to ensure that we create that reputational risk so that our adversaries wake up and think, today is not the day. So in order to do that, that really is about ensuring that we are reinforcing the concept, the confidence in our own capabilities and undermining an adversary's confidence in their own. And then, of course, ensuring that as they look at this idea of what the status quo and what those stakes are, if they use force, that that estimate is in our favor. But deterring, just like campaigning, the end state is simply that we are able to continue to create the conditions that we need. That balance is always going to be a significant challenge. And how we deter and how we campaign is how we are also setting conditions for potential conflict. And that means in campaigning, ensuring that we are creating that interoperability with our international partners, that we are creating the policies, the processes, the procedures to be able to do the work that we need to do, again, interagency partners, our industry partners with academia and with our international partners. Our DOD, oftentimes as we look at, particularly when it comes to our international partners and how we are proceeding, there is often a desire to have less strategic guidance. I think in this case, particularly in this domain, the level of strategic guidance that we have has been fantastic with what has been coming out of this administration that provides us that broad policy guidance that enables our ability to move at speed. It is challenging when you don't have the level of specificity and you don't have that level of support given the work that we have to do in this domain in particular. I want to talk a little bit about our partner engagement strategy at U.S. Cyber Command. So our traditional focus had been on really building our full spectrum partners to be able to enable our ability to execute operations, whether it is in peacetime as we go into crisis and into conflict. As we look at the national defense strategy, the national military strategy, our DOD cyber strategy, our DOD cyber strategy, which is creating a fourth line of efforts focused on allies and partners, that it is critical that we create a much more agile and flexible partner strategy. The intent is that as we create this agile and flexible partner strategy that we're able to take one very high demand, low density resources that we have, be able to provide a broader framework when we can integrate both geographic combatant command roles and responsibilities as well as their priorities with functional combatant command roles and responsibilities and their priorities, as well as bringing in other assets and resources that exist to focus and align these resources to advance the partnerships. That would be things like our state partner programs that we have within the National Guard Bureau looking at how our allies and partners, as opposed to how many of you have grade school kids? How many of you have gone to their soccer games? Yeah, you know what I'm talking about, where we swarm the ball. We have got to be able to better play zone defense. How do we align the capabilities and capacities that we have with partners to build our defensive cyber capability and capacity, to build our cyber security, to ensure that that rising tide is lifting all boats as we confront adversaries. This has a couple of key outcomes that are absolutely essential. One is we have the ability to identify where there are potential challenges or friction within our policies. And when we look at international partners in particular, it would be easy, much like I'm a naval officer. So our chief of naval operation, we look at a foreign partner and they've got a chief of naval operation that's easy to see the military to military relationship. It's easy to see who your counterparts are in cyberspace that is much more challenging. Whether it is the intelligence organizations that have one capability under their command, military organizations that have been tasked to do homeland defense or defense of their critical infrastructure, whether you have equally title 10 roles and responsibilities that are very restricted or may look a lot like internal cyber defense similar to what our federal Bureau of Investigation or our Department of Justice has. As we look at each international partner, we see that the relationships that we have to have are not as straightforward. And we have to create the frameworks that enable our ability to bring in all of the stakeholders and enable our ability to create that common framework where we can identify what are our common objectives and starts to work through where is the greatest potential for our cooperation. It may be something as simple as intelligence sharing and information sharing. It may be something as complex as how do we do mission rehearsals for coordinated operations or potential combined operations. And across that range, there is an extraordinary number of opportunities to be able to collaborate together. Ideally, when we look at the sophistication and the advancement, the low barrier to entry for adversaries to be able to conduct operations against the our allies and partners and against ourselves, the ability to leverage proxy forces again creating complexity with our response options and the noise and complexity of the environments that we're operating in, this is driving how we must create those flexible partnerships that allow us to be able to operate really shoulder to shoulder with our partners. When we look at how we are going to effectively advance those partnerships, I often look to our lawyers and it really is that foundation that and I look because literally almost every week we're in talking about very specific opportunities for how we drive together that partnership. And this could be if we're going to do joint capability development, you know, how do we create those agreements that enable and ensure that we are doing this within the legal frameworks that are required? Do we need if we're going to do operator exchanges or we're going to do liaison officer exchanges or we're going to look to create and agrees all of this ensures and requires that we have the appropriate framework in place to be able to do this. Particularly countries where we have not yet had those direct relationships, we need to ensure that we build that foundation and those repeatable processes that allow us to be able to exercise as we go into potentially crisis or conflict. But it's not always that. It is not always about ensuring that we can fight together. Because when we think about the deterrent value of simply the fact that we have these partnerships, that we are sharing how we can adapt to adversaries, the insights that it gives us as adversaries rapidly evolve and develop TTPs that allow us to be able to have that broader understanding, rapidly share that and ensure that by doing so that we can protect that we have the opportunity to protect the United States and understand what's coming at us from afar so that we're playing the away games instead of the home games. What we build the relationships, the networks that that engagement plan that we have in place is what will enable our ability to respond rapidly and will also enable our ability to ensure that when the crisis comes that we know who it is who are the stakeholders and that we can create that coalition. It's interesting when I was junior officer, we were looking at counter piracy operations. And at that time, we had not really looked hard at this was all going through the Babelman Deb and up to the Straits of our Moons. And as we're looking at counter piracy operations, I see a lot of Navy uniforms in there. Has anyone worked with CTF 151? We've got a couple here. So as we were looking at how we're going to do counter piracy operations, we formed this combined task force 151 that really worked with bringing in industry partners, particularly the insurance companies. We brought in some academic partners who helped advise us at some of the root causes that we saw. And as a result of that, we created this task force that when we first started it, I have to say it looked a little bit like the Star Wars bar. We had partners that we had never worked with before. We had partners that generally I had marked as red when we were doing intelligence reports. And yet we all came together as a coalition to work to focus on these piracy operations because it all was about ensuring that we had the ability to have freedom of maneuver in that maritime space. Much of what we try and do, we frame in a similar light, that this is about how we create that freedom of maneuver in cyberspace. How we ensure that we've got the appropriate international rules-based world order but really that appropriate layer in cyberspace that everyone knows where we are driving to. So when I think of some of the practical ways in which we're doing this, we've created a series of kind of regional focuses that allow us to bring together allies and partners as we look at things like the Russia-Ukraine crisis, where clearly there is a broad range of stakeholders that are participating as we look at the counter rush activities. So we look at how we are building a coalition of like-minded partners to look at defensive cyberspace operations in the broader Middle East and North Africa region. And as we look at the Indo-Pacific Command as well, how do we counter those partners? We've created exercise programs, both multilateral exercise programs where we bring together a wide range of operators and we walk through defensive cyberspace operations, policy considerations, doctrine developments, key areas of tactic techniques and procedures, but we also talk about readiness. And this creates again that community of interest and then a bilateral exercise series. We currently conduct a very robust bilateral exercise series with partners such as Israel and our newest partners coming up with with Singapore and we are developing an exercise series that we'll be conducting with Korea, with Poland and with Taiwan. These bilateral exercise series enable our ability to really have focused engagements with how again do we do we build that capability and capacity with our key partners. This area of partnership and how do we create and sustain our broader global network. We have also been very focused in how do we build an academic engagement network. I know we've been kind of thinking through that that international partnership, but the relationships with academia has been essential. In fact, this week we're hosting cyber recon where we're bringing together students from over 10 institutions. We're bringing together their professors and our senior staff and mentors that have been assigned within our senior staff to really think through some of those key challenges and key problems that we are facing that we would like to bring the academic community together and focus on. We're also looking at how do we bring the National Defense University more closely into our coordination and thinking through our problem sets as we build that capability and capacity and that familiarity with cyberspace operations within the broader Department of Defense. So as we go back to our strategic guidance, one of the areas that is a crucial component to our national military strategy is how do we effectively integrate all of these partners and allies integrate multiple domains across the spectrum of conflict to be able to both deter and should deter and fail to prevail in conflict. And as we see, you know, that that concept of strategic discipline as such an essential element of it, how do we weigh and balance against that investment in future capability and capacity against how we are deterring by conducting our operations and continuous or persistent engagement. When we think about trying to balance those, we cannot do it alone. When we look at the force that we have that is aligned to this problem set, we must bring in allies and partners. We must look at how do we effectively burden share. We have got to ensure that we have aligned not just our own interagency partners and our own academic partners, but how do we bring in that that the entirety of that ecosystem together to be able to ensure we've got that consistency and coordination to be able to counter those emergent threats. We've sought to take the lessons learned that come out of the Russia Ukraine crisis and there have been many the lessons learned that have really come out of the last five years of operations as we have conducted that significant transition. You probably talked about it this morning of pre-2018 and post-2018. And how are we going to evolve that as we look at this changing dynamic within the information domain where we've got to truly understand cyber-enabled information operations? How does that get engaged to truly create integrated kinetic and non-kinetic fires? This challenge that we have before us is one that really requires that consistent partnership, the engagement that we are going to need with this global framework that will be a necessary part. But it's not going to be where every partner wants to participate in every element. This is where creating these flexible and agile partners, we're ensuring that we have an ability for partners to engage to the level of their focus, their commitment, their bandwidth and their absorptive capacity becomes such a critical element of where we're driving. So wanted to introduce these broader concepts and then really wanted to hear from you on what are your concerns, are their focus areas, are their challenges that you'd like to address more fully in this discussion. I tell you, as we think through, the problem sets that we are addressing on a day in, day out basis. This has been one where the strategic guidance has been incredibly helpful, but we have significant areas that we still need to really get a better collaborative understanding with what our approach is going to be and how we are going to drive forward. The challenges that we face, and I think back to my early days of Cold War, which were really focused on just a single adversary and again, really within the three domains, we have a much more complex environment that I know all of you navigate day in and day out. But how we do it, how we create those elements of cohesion that we need to have in place between our adversaries, ensure that we've got the appropriate frameworks to proceed, I think it takes us from simply the concepts that we want to advance to achieving concrete deliverables, concrete outcomes. You'll have an opportunity tomorrow morning, I think, to hear from General Nakasone. You know, as we think through our DOD cyber strategy that is about to be released, has not yet been released, that key element of partners and allies and what that means to truly operationalize this, the other key element that we think of is risk. Because I think as we have seen from the unauthorized disclosures that have taken place that are well trumpeted in the press, we always think through the risks associated with the broader expansion and exposure of some of those military advantages that we currently have in cyberspace. And as we think through those balancing of the risks that we have with the benefits that we have of again pursuing these partnerships, building that common lexicon, exercising together, operating together to ensure that we're able to counter adversaries, I think the risk element is one that we have to address, that we have to ensure that we are addressing both our risks to mission with clarity and with precision, and that we are also focused on understanding what the aggregated risks are. Because every time in these multiple layers where we are making these independent risk decisions, there is an element where that boils up and that's an area that we want to ensure that we are laying out what those risk decisions are for each of it. But I think we're at a point and I think that we have established a level of trust with many of our partners that we're taking the risk decisions that frankly would have been unimaginable 15 years ago, even 10 years ago. And that is as we face, I think as we've faced malicious cyber actors and the growth of these proxy forces, it is one that if we don't ensure that we are operating in a manner that allows us to be able to have those that coalition approach, it will be near impossible to ensure that we can confront these challenges individually. So with that, I want to open up for any questions that anyone has or any topic areas that that you'd like to address more fully. Please, sir. Thank you very much, ma'am. Lieutenant Commander Mike McCarthy, Officer Jag, Canada. So as you noted, militarily, we're used to working together, we used to operating together. On the intelligence agency side in particular, there are lots of networks that they they already have. Can you perhaps pass on some of your best lessons learned in how you've managed to take all of those separate things, put them all together? So as we as we move forward to build those really important partnerships you've discussed, ma'am? Yeah, no, that's a great question. And I realize now my my fear is fully justified as I look to ask a roomful of lawyers questions. But really, it's so so as we look at and give a specific partner example, but but I think oftentimes we will have intelligence agencies that will own the, you know, when it comes to the offensive cyber aspects, defensive cyber owned by the military, there will be parts that we would look at for Homeland Defense that that that have elements within both. And yet there are specific both, both, I would say military and an intelligence relationships that have to be a part of it. So one of the things, you know, is we that the the construct that the United States has, I would say is is probably unique. So oftentimes, we like to, you know, to tout this is how we would do x, y or z. This dual hat where we've got a National Security Agency director and a US cybercom commander as one in the same with the two separate organizations. Clearly, not a lot of folks have that. So critical for us is to rapidly identify both what are the stakeholders and what are their authorities. So understanding the the authorities element and in who those stakeholders are as really a first element, then bringing together a management framework or an oversight framework is an essential element. And that allows us to rapidly identify what are the areas of cooperation or collaboration that we're really truly that we see as common objectives and common goals. And these are truly bilateral discussions that we want to have. Oftentimes there may be areas that there's a desire to partner, but it really falls outside of our authorities. We have an opportunity then either to to continue to bring in other interagency partners to ensure we've got that kind of focused effort or focused engagement. Or do we look to to keep our framework associated and focused on either our, you know, defense of military networks. Or you can also expand that to look at things like malicious cyber actors or malware focus or ransomware focus that that may be part of that construct. Again, as you get that agreement, laying out with those critical lines of effort that you want to advance, what are those those key paths that you see as as essential for advancement allows us to ensure that we've got the right policy framework in place that we ensure that we've got the agreements in place and and allows us to have a very deliberate approach to to the way ahead. Frankly, I think another key element is to really look at particularly with a bilateral framework that we have with our closest partners is that you want to have a multi year plan. Many times ensuring that that that it is not a one and done where oftentimes, you know, your ability to detect and mitigate one thing. This is a problem that's like mowing the lawn. We're going to have to do this forever. We are going to have to ensure that we are bringing in things like, you know, some machine learning potentially AI capabilities and we're doing it in a way that is legal and ethical. But the best practices and lessons learned that we can get from each other are a critical element, I think as well to how rapidly we're going to be able to to do this. And then lastly, to really shift away from, you know, again, I've been in the military many, many decades. And in our ability to innovate is often really hampered by some of the structure that we put in place to reduce risk. So taking on risk in how we're able to do spiral development, how we're able to really innovate in this sphere in this domain is going to be absolutely essential. And we can't do that without industry partners. So as we look at a bilateral international relationship, how do we bring in some of the industry partners that can truly be helpful to to advance our outcomes? But great question. Did that Thank you very much, ma'am. It was great. Okay, I didn't know if I was hitting your your question, sir. Good afternoon, ma'am. Frank Shaw from Army Cyber. So it seems that with multinational exercises, there's this visible and tangible display of solidarity where both the civilians and adversaries can see that, you know, that we're working with our partners. Do you think there's a risk of losing that or challenge with losing that visibility when it comes to cyber operations where it's harder for the civilians to see that? And how does that messaging work to continue that show of solidarity? Yeah, no, that's a great question because, you know, frankly, I would say a great example of this is some of the international discussions and public discussions on Russia, Ukraine, right? So sometimes you hear this narrative like Russia, Ukraine, cyber was a dog that didn't bite. And in this idea that that really cyber didn't play much role because it's just not that visible. But there's there's a couple elements to this. So first, there is an absolute deterrent value. I completely agree with really the public ways in which we come together. And so exercises, doing conferences together, where we have cooperation announcements that we can make on cooperation, where we can have those engagements all create an atmosphere and all create a contribution to that deterrence value in this idea of an adversary be facing again more than one that we're doing that collaboration coordination together. But when we're doing operations together, there is also I think even though it is not as visible, it is oftentimes very visible to an adversary. That's where, you know, again, as we look at that, ensuring that we've got close cooperation and coordination with industry partners who can sometimes through their own sensing convey things in a public setting that that again, we wouldn't or we couldn't. But you've also seen through I think Russia, Ukraine is another great example of where the use of information and the use of intelligence has been really unprecedented, both in our ability to use it to build the alliance and partnership and then to ensure as we have identified where adversaries are planning on taking action, you've got an ability to really throw off kind of false flag operations, etc. So when it comes to, I think partners, I think there is an element that there will be recognition, but you've got to continue both, right? I think that exercising that participation, that public narrative, how we are demonstrating our continued resolve as a coalition or as an alliance, as like-minded nations. So even if we're not intending or we have partners that really don't want to develop some of the capabilities or some of the approach or are concerned about, you know, the neighborhood they live in, there are still ways that we can collaborate. And frankly, some of the, you know, when we think through things like how we come together on, you know, countering ransomware actors, protecting our own and protecting others' critical infrastructure, ways that we can do counterterrorism, all of these are things that I think are areas that we've got significant mutual equities and mutual objectives. Please. Ma'am, Nate Kerns, I'm the National Guard, Liaison, U.S. Cyber Command. I wanted to ask you as you began discussing the state partnership program. And I spent half my career active duty and now probably a little more than the other half so far in the National Guard. And I've seen in certain countries there's a state partnership program that is robust of a 30-year relationship where the, you know, Lieutenant of 30 years ago is now the admiral of today and they've had that robust relationship with that partner nation. I was wondering if you could address your thoughts or opine a little on the ways in which the active duty may be able to leverage that relationship with that already existing bilateral partner. No, great question. Frankly, you know, when I was at AFRICOM, having a chance to see the state partnership program in action absolutely rocked my world. They had the presence, they had persistence, they had those deep relationships, and they had trust. And when we think through all of this and what is such a critical element, whether it's an industry partnership, an interagency partnership, or international partnership, trust is really that foundation. And what our focus is, as we see, there are some state partner programs with extensive and cyber capability and capacity. There are others that don't. And again, there's a variety of reasons for it. But one, we want to ensure that we work and collaborate with the National Guard Bureau on what those standards are so that we've got consistency across the state partner program. If you're going to get this kind of, you know, cyber training that those standards are met and that there's consistency across it. So, whether it's a work role, that specific training, or some of the collaborative training, it would be similar. But second, that there is that broader awareness and understanding so that we don't have, you know, multiple, a partner that's asking for something and we have both a cyber component, say Army Cyber, plus US Cyber Command, plus US Central Command, plus a state partner program, all doing the same thing, but we can instead look across our priorities and ensure that we are allocating our resources to go against our highest priorities. There's also, you know, the potential for other international partners that are executing some training and getting that broader awareness and the ability to be able to make more informed decisions about where we apply it is really what we're driving towards. But the state partner program, incredibly impressive, we have seen, you know, from the work that the Maryland National Guard has done with Estonia, to the work that Texas has done with Egypt, I mean, it is impressive that the scope and scale of what can be done. So it's really thinking through all of the capability and capacity that we have across the Department of Defense and how do we best align it to be able to really advance partner requirements and advance partner needs. But, yes, the state partner program, I think is going to be one of those key elements. And General Zana has been, I think, an absolutely fantastic partner as we've sought to start to build those, build both those standards as well as build that better integration that we see through that broader awareness. It's the beauty of being the end of day. So thank you all so much for the opportunity to come and talk to you. It is truly an exciting field to be working in. It's an incredibly exciting demand. Your services are needed in just about everything that we do and are going to be a critical element to ensuring that we create this sustainable legal ethical framework that's going to allow us to have the partnership across the range of actors that we want to continue to partner with. Really appreciate your time and attention. If you think of questions later, just ask Sarah, because she's the one who's probably going to answer them anyways. But thank you all.