 Good morning, everybody. I'm Lauren Leid at CSIS, and it's a real honor to have this morning Vice Admiral Jan Tai, if you were going to look up superstar in the dictionary, or over a cheerer. Her picture would be there. She's a graduate of the Naval Academy. She has a master's in applied math, a PhD in electrical engineering from the postgraduate school. She is a graduate of the Defense Language Institute study Russian. She began her career as a cryptologist, which became an information warfare specialist, and is now the commander of Fleet Forces Cyber and the Navy's 10th Fleet. She's about six months into that position. She has served at multiple senior levels across the cyberspace enterprise, and both at the joint level at Cyber Command and within various Navy commands. And also, as her academic credentials are well-prepared for on the institutional side as the interim president of the Naval Postgraduate School. So she has graciously agreed to come talk a little bit about what Fleet Forces Cyber and 10th Fleet are, how they are evolving and where they're headed in the future, and then we'll engage in a conversation with you. So if people could turn off the ringers on their phones, we would appreciate it. And when we get to the question and answer period, if you would raise your hands, and we'll come around with a mic, and if you could briefly identify yourself and be succinct, we would appreciate it. Again, thanks for coming. Admiral Tai, over to you. OK, thank you very much. Well, thanks for coming out in this treacherous weather. Hopefully it'll be worth your time and effort and danger to get here. I thought I would give you a little bit of the Navy perspective today on how we are approaching, principally, the cyberspace problem. And why would the Navy perspective be different than the Army perspective or the Marine Corps perspective or the US cybercom perspective? Largely, our perspective is not different. You've heard Admiral Rogers talk about cyber being a team sport. Well, that is incredibly true. On a daily basis, we're collaborating across the DOD with our interagency partners and even with corporate security firms on how to best operate and defend the networks, the DOD networks, the Navy networks. We're sharing lessons learned, particularly across the other services. We are learning from each other. We're training to a joint standard. But at the same time, we recognize that principally with cyberspace, we all tend to approach it from our service perspective. Navy freedom of action in cyberspace is necessary to accomplish all missions that the Navy is expected to accomplish on behalf of the United States, winning wars, deterring aggression, freedom of the seas. And so our ability as a Navy to bring capability to the Department of Defense, to the co-coms, is critically linked to our cyberspace capabilities. And so each of the services recognize those dependencies. And as we evolve our capability and our ability to operate and defend in cyberspace, understanding what the synergies are with other missions across our services and with DOD is an incredibly important optic to have as we're moving forward. So just to describe a little bit about how the Navy thinks about cyber, put it in the larger context of information dominance. Beginning around the 2009 timeframe, we began to organize and resource and acquire things through the lens of information dominance, bringing information capabilities together. So what is traditionally a two type of a portfolio, if you start at the echelon one, the OPNAB, the CNO staff, we've brought the N2 organization, intelligence type, all types of intelligence, together with the SIX organization, which is communications and signals and cyber. And we brought in some other capabilities that were linked in with various platform type sponsors, submarine air, surface platforms that were data links that were about bringing information together to create the N2 and SIX, which is a single organization at the OPNAB level. And the next step in that evolution was the establishment of Fleet Cyber Command as the operational commander for networks, cryptology, electronic warfare, cyber, EW, and space. Most recently, sort of in our evolution of how we're embracing information dominance and cyber, as a part of that, is we've created what we call a type commander in the Navy. So this is what all of the other war fighting areas in the Navy have to focus on generating readiness for surface warfare, for example, or for air warfare or for submarine warfare. So we have type commanders that generate readiness and flow that readiness to operational commanders. And so we're beginning to organize our cyberspace capabilities and the larger information dominance, it's not all cyber, the larger information dominance capabilities in the same way that the Navy organizes all of its other war fighting capabilities. We think about information dominance across three pillars, assured command and control. Clearly that's important to the Navy as we operate in peacetime and wartime forward. Our ability to command and control and communicate with our platforms at sea is critically important. And so assuring that Navy command and control is incredibly important. We've got to bring battlespace awareness to commanders in the Navy forward. So that is operating intelligence surveillance and reconnaissance capabilities that are within the Navy, leveraging capabilities across the other services in our national agencies and bringing together the best possible information for decision makers wherever they may be in terms of battlespace awareness. The third pillar is integrated fires. And so from our perspective, when we think about electronic warfare, delivering non-kinetic cyber warfare, delivering a non-kinetic effect as part of a war fighting plan or campaign, that's an aspect of it. The other aspect of it is delivering kinetic effects. You've got to be able to get targeting information. You've got to be able to command and control those things. And all of that is based on the availability, integrity of our communication systems, of our command and control systems and how we interact with the launching platform and the weapon. And so bringing all of those things together at the echelon one level and thinking about that as from a resource sponsor perspective is how the Navy is approaching information dominance in general. And now we have an operational commander and now we have a type commander. And so this is beginning to regularize how we do information dominance inside of the Navy. When you bring it down to the Fleet Cyber Command level, I'll neck it down to be my responsibilities at Fleet Cyber Command and 10th Fleet responsible for Navy networks for cryptology and SIGINT, for IO, cyber and electronic warfare and space. So the space, the Navy portion of the space constellations that we have out there, we actually are the operators of that constellation. Because I have those responsibilities inside the Navy, I serve as the Navy component commander to US Cyber Command. I serve as the Cryptologic Component Commander to NSA, CSS. I serve as the Navy component commander to STRATCOM for the operations of the space capabilities. But the key part of all of that is operations. And so I am viewed as the operational commander to operate Navy networks, communications and to defend those Navy networks and communications, not a service provider, not an enabler, not the CIO, not the policy writer, not the acquisition organization or the resource sponsor, I'm the operational commander. I'm driving all of those people. I need all of those people to be the supported commander to do their part of the job. But thinking and thinking across the Navy about Fleet Cyber Command and 10th Fleet as the operational commander in this space is something that has been evolving over the last four years. I also have a supporting role to other maritime commanders or to the joint commanders and all operational commanders have those kinds of supporting activities as well. I like to think about our success as Fleet Cyber Command within my domain. We are trying to get to a place where we can measure our success based on basically five high level goals and figuring out how to exactly measure this is something that we're refining as we go. But the first one and most important is being able to operate the Navy network as a war fighting platform. That includes our Fleet communications actually our space assets and our networks all together because I have responsibility across all of those. Those have to be available and they have to be secure. So we have to juxtapose those two things. How available are the networks to anybody who needs to be able to use them and how confident are we that there are no malicious actors in there or that the data in there is what we expected the data to be or that the communications flowing from those networks are what we expect. And so operating the Navy networks as a war fighting platform is a principal goal that we're gonna begin to measure that we will measure ourselves and create strategies around continually improving our game in that space. The second is under my SIGINT and Cryptologic hat. We provide SIGINT to both maritime supported commanders directly. We provide SIGINT packages capabilities and people to embed within our forward operating forces and then we provide people to the National Security Agency the Navy part of the National Security Agency Central Security Service to conduct their National Foreign Intelligence mission. Third goal is that we'll measure ourselves is being able to deliver effects in support of war fighting objectives. And so again that hits back on our electronic warfare requirements, information operations and cyber. I have a role as the Navy component commander of the U.S. cyber com as the joint force headquarters cyber whereby I will represent U.S. cyber command to combatant commanders to oversee cyber operations on behalf of those combatant commanders and create capabilities that can be integrated in to their war fighting plans and their capabilities. And so we're gonna measure the goodness of our ability to deliver war fighting effects in that. And then finally the last piece it's kind of inherent in the first goal but being able to create situational awareness whereby I can make good decisions about how we maneuver Navy networks whereby I can share situational awareness the cyber situational awareness with supported commanders as well so that they know when they're trying to accomplish their mission, how secure, how available, how do we fight through if there's adversaries out there on the network to accomplish their missions as well. So being able to share with our partners across the Navy with U.S. cyber command and the other services, information about our networks is gonna be critically important to our success as a DOD. So whether we like it or not cyberspace is an established operational war fighting domain and just like the maritime and air and space domains this domain has to be defended and through this domain we will deliver those war fighting effects against adversaries that wish to do our nation or our allies harm. The threat in cyberspace is evolving on a near daily basis. Arguably cyberspace has profoundly changed the way that we live our lives, the way that we conduct warfare, the way that we do business. It's presented opportunities for goodness and it's presented opportunities for those with less than good intent, malicious intent criminals. The scope of the problem runs from, when we think about it, we have everything from criminals to hacktivists to nation states conducting espionage in support of their own national interests, to people conducting destructive or disruptive attacks to express displeasure or to have a debilitating effect on some company or some nation or some set of actors. All of those different types of problems come from different types of motivation. Some of it is clearly profit driven, some of it is trying to gain a competitive advantage both from an industrial perspective or from a war fighting perspective, being able to take data about capabilities that have been developed or intellectual property that has been developed and take it to instantly delivering capabilities without all of the research and development that has needed to go in, gives a competitive advantage without having to put all of the work in. And so we've seen all kinds of different actors out there, Estonia, Saudi Aramco, Razgas, Sony Pictures most recently, we have all types of different actors using different motivations to go in and exact their will through cyberspace. Because of the low cost of entry, we don't always have an ability to attribute particular intrusions to any particular nation state or actor. It's really hard in a lot of cases to determine the intent of those malicious actors when they gain entry into your network. And so we tend to, within Navy networks, think of it as we have to treat those attempts at intrusions or suspicious activity on our network as the most dangerous, which would be a destructive type attack or a poisoning for a destructive type attack in our networks. So we're approaching it sort of in two different dimensions within the Navy. We think about those opportunities that our network presents to malicious actors as the intrusion attack surface, just like you would in a regular war fighting domain. How much opportunity do you present for malicious actors, be they criminals, be they nation states, be they hacktivists, be they somebody that just stumbled into your network because they were looking for opportunities. How much opportunity do you present to bad actors to intrude into your network or to move laterally when you get there? And so there's a lot of people involved in reducing the attack surface for Navy networks. Because on a daily basis, that attack surface tends to grow and shrink when an operator gets online and clicks on a spear phishing email, potentially introduces opportunities for malicious actors to get into our network. When we delay modernization of systems, we are delaying the upgrade of operating systems, which means it's very difficult to defend in old operating systems against new zero day activities. When the new zero days come out on any given day, and it seems to be every given day these days, suddenly your attack surface has grown wherever you happen to have that vulnerability throughout the Navy network. And so taking actions to crunch down that attack surface to be as small as possible, it's not gonna go to zero. Even if you had it perfectly, everything patched. Every operator understanding the nature of his or her behavior online, every day a new vulnerability potentially is gonna be found. And so we recognize that there's gonna be an attack surface. Let's try to make it as small as possible. And we have a lot of opportunities and people working on that across our systems command, across the op-nav staff, across our type commander. Make that attack surface as small as possible. And then we have the layered defense in depth that runs from the boundary of our internet all the way down to an individual computer inside of Navy networks. And that defense in depth depends upon those first couple of layers, U.S. Cyber Command and DISA are involved in defending. And then we get down to the Navy boundary and we have sensors and countermeasures that are witting of potential types of attacks and threat vectors that we've configured to prevent intrusions into our network or detect intrusions into our network and detect movement inside of our network. And so we're using, basically we think of it like in ISR, intelligence, surveillance and reconnaissance. We use intelligence to track the threat actors that are out there and inform how we maneuver our network or how we arm our defenses against those threats. And then we do surveillance inside of our networks using sensors to detect or try to prevent any kinds of intrusions or malicious activity on our network. And then finally we have people that go hunt. They go hunting in our networks because if the passive sensors don't do the trick, we need to have people go out and verify and look for bad actors in new and different ways. And so that is sort of the approach that we're taking and we have quite a few initiatives across the Navy that get after those types of changes, both cultural, educational changes to how we do acquisition, how we do requirements, how we plan and program for the cyber threat that is unknown in the future but we know what's gonna be there. And so we have lots of initiatives ongoing. You've probably heard about Task Force Cyber Awakening. There was a few articles on that a few weeks ago and that's getting after how we make investment decisions and what are the right processes by which we deal with future cyber threats within our system. And so with that, we are focused on the Navy network, the security of the Navy network, the integrity of the Navy network. But we also know that that kind of focus is not sufficient to protect all the Navy interests in cyberspace. One of our great problems also revolves around the loss of data that is of value to Navy inside of our defense industrial base. On a fairly routine basis, we are losing great intellectual property and important data to the Navy out of the commercial sector of the defense industrial base. And so that becomes a problem because our warfighting advantage when those types of unclassified but sensitive information that lives in the defense industrial base unclassified networks is given to people that it was not intended for. And so it can reduce our warfighting advantage in future conflict. It can result in operational security lapses and losses in terms of how we operate in the Navy where we're going or what we're doing. And it can greatly accelerate potential future adversaries capabilities if they can just take what we are building and build it themselves. And so we are working with law enforcement, FBI and our NCIS and US Cyber Command to try to get after better sharing of information and try to get to a place where today we're in a reactive mode. So we find out about it after someone has broken in. Law enforcement or NCIS goes out and takes a look at what was taken. We do forensics on what was taken. We do a risk assessment on what it means to the Navy. But that's where our cybersecurity sort of started out within DoD 10 years ago. We were reacting to intrusions. We need to get the rest of the defense industrial base to a place where we're more proactive. Where if there is a suspicious activity in those networks that our defense industrial partners have an opportunity and ability to do something about it before it becomes a loss. And so getting to better sharing in real time sharing is something that is really important to us. That is true for the United States Navy and their defense industrial based partners, but it's as equally true with the rest of government in terms of bringing the power of all the information and our sensor information together and having the entire government benefit from the information that we have, the responses that we could generate for that. So with that, I think I will throw it open to questions. Okay, great. Thanks. I've covered a lot of waterfront questions. Oh, sorry. Appreciate it. I'm sorry. So let me start with two quick questions if I could. You talked about utilizing and the evolution of information dominance as a war fighting function in every sense and the institutionalization of that and the delivery of integrated fires in particular. Recent joint doctrine has emphasized cross domain synergies and clearly the delivery of integrated fires and cyberspace's role in that addresses affecting cross domain from cyberspace to other domains. How would you characterize, how far along are we conceptually in having, thinking about the other domains, delivering effects into cyberspace in ways that help really realize those synergies? I mean, how much potential is there and have we realized it? Yeah, if I understand your question correctly, I think we're still at the beginning. I mean, being able to integrate the cyber aspects of how you would project power and defend your own capabilities into the overall combatant commander war fighting plans. I mean, that's what combatant commanders do. They bring the capabilities of the Army and the Navy and the Air Force and sometimes the Coast Guard and special operations. They bring it together and achieve effects with the integrated application of those capabilities. And so when it comes to integrating cyberspace in, we have been exercising it, to some extent in the abstract. Right. To some extent in the abstract, we've been exercising both the defense of cyberspace for the warfighter and their ability to project power or to achieve some effect that either couldn't be achieved or we don't want to achieve with a kinetic effect. Does that get at your question? I didn't ask the question very well. I think we have made a lot of progress in thinking about how to deliver effects through cyberspace in support of operations on land and in the sea and in the air. Have we fully fleshed out thinking about how to deliver effects from air or land or the sea to enable cyberspace operations? Go the other direction. Well, I mean, I think to some extent, in the mutually reinforcing way, I mean, is it that, is the thread woven yet in that regard? I don't know that we have the expertise built to perfectly say that we've got it, right? But I mean, in some regards, you've seen some of the, we've used kinetic against command and control. Right, right. And that's not really different than cyberspace, to some extent. So we've gone after command and control kinetically since the first Gulf War, at least. That's what I remember. That's as far back as my memory goes. So, to some extent, we always view that as an option and even in some of the exercises we've done in the last several years, we've looked at it from both perspective. We've set, from an exercise perspective, we've set it up a target as a non-kinetic and something went wrong and we couldn't get to it. It's just part of the exercise. What do you do now? Oh, let's consider hitting it kinetically. And so we are thinking about those things together. I think as we mature and grow the force, part of the cyber mission force, we will get better at planning in a more integrated fashion, and less at abstractly, if that makes sense. One last question on your point about the Defense Industrial Base and the evolution of that very complicated conversation as it extends beyond the traditional Defense Industrial Base, which as the Defense Department seeks to leverage less traditional defense suppliers, particularly in your realm, how do we do that if it's not, I mean it's hard enough with the big defense companies that we traditionally do business with and if we're trying to expand that network, so to speak, both literally and figuratively, how are we gonna get to that space, do you think? How do you see that conversation evolving? Well, I think there has, for a great many years, been a lot of pressure put on obtaining capabilities, particularly in communications and networks, for the lowest price. So that pressure to be efficient from a fiscal perspective is juxtaposed in some cases with being secure, knowing where you're getting that router or that switch from at any given time, knowing that it's assured and that you know what's sort of running on it. So I think we are, we've been talking about supply chain risk management for a long time. I think we are getting better and better in inculcating that into our acquisition process in a way that we have to be more assured of what we're buying. But there will continue to be, because of the pressures on the budget, a push on our acquisition system to get it at the lowest price. And the lowest price isn't always the most secure. And so this gets back to sort of that cultural challenge of, well, it's just IT and it's administrative thing. So go get it for the cheapest price. Industry will bring it. They'll bring the innovation. You don't have to worry about that. That's one line of thinking that we've sort of been operating under in the past. And the other part of it is you would never buy a weapon system in this manner. Nobody goes out and says, let's go buy the cheapest fill in the blank. We study what we should be buying. What is within the realm of the possible with physics and technology? And we understand how capable that's gonna be before we go out and buy it. And so we have to bring cyberspace more into the realm of thinking about it like we're acquiring a weapon system. It has to be defendable. It has to be defendable. Okay, if you could wait for the mics, we'll start up here and briefly identify yourselves. Let's go here, here, and then back there. Thank you very much for the form. It was just announced, I guess it hasn't formally announced that Ash Carter will be probably the new Secretary of Defense and he was the Chief Weapons Buyer. So will that be helpful to you in buying cybersecurity systems in a weapons kind of mode? Second part of the question was, just at International Sea Power Symposium, was cybersecurity a topic there? And how does the US help our NATO allies, other allies around the world be secure? Sure, great question. You just asked if the potential future next Secretary of Defense will be helpful to me? Depending on operation. Yeah, depending on operation. Certainly, over the last several years, he's been very involved in the discussion and the debate around cybersecurity, how we're building it in. He's been a primary driver. So it's not a new conversation. Whether you're coming from the private sector or a different part of government or the DOD, we all are dealing with these cybersecurity problems. But clearly, the DOD view and how we continually up our game to meet the threat is something that he spent a lot of time in the past couple of years working through. So I think that could be a very good thing for us. But as I said, we've all got different perspective whether you're coming from the corporate side or the DOD side, we have committed, we've made a choice to make sure that we are moving forward in a way that accounts for cybersecurity in everything that we buy. And I think that'll be great. Your second question. International C-Power. It was brought up as a topic of discussion at the International C-Symposium and it wasn't sort of on the agenda but it was brought up as a topic of discussion and agreed to that the next get together, not the next ISS but the next get together. In Singapore, there would be sort of a more focused discussion in terms of how we all collaborate from a maritime perspective in cyber and what the risks are. Here and then back there and then we'll go over here. Hi, Laura Seligman from Inside the Navy. You talked a little bit about how delay and modernization of systems is a problem for cybersecurity. So I'm wondering how this applies to ship platforms in terms of their age and limited availabilities. How big of a problem is this for you and what are you doing to counter this? That's a great question. I think, I guess it gets back to what I was talking about with respect to pressure on the budget. And so a normal way that we save money or if you have to find money for some other problem, when we're building programs is to potentially delay the modernization, spread it out. And so like I said, that modernization program often comes with the upgrades to operating systems and things that are necessary from a cybersecurity perspective. But in the past that we haven't had a way of really understanding or capturing or knowing how that decision to delay that's made as part of the program build potentially has an effect on the cybersecurity posture of whatever that system is that depends on an operating system or a set of applications or whatever. And so I think we've identified that that's an issue and figuring out how we're gonna change sort of the requirements process, the planning, programming, budgeting and execution and what does sustainment look like for all types of systems, particularly shipboard systems? What does their sustainment plan look like because of restricted availability, because of some of these systems may not be modernized for a very long time. And so that's part of what our Task Force Cyber Awakening is looking at, what is that process? What are the things that have to be rendered cyber safe to assure the mission of any particular platform or any particular operating unit? And so that's exactly what we're working on. Those factors haven't largely been well understood in the past of sometimes decisions are made that we don't understand what the long-term effects are and sustainment of software heavy systems and most of them are these days, sustainment has to account for the fact that vulnerabilities will happen, baseline changes have to be made and the longer it takes us to do that, the more risk or opportunity for the bad guys that we present out there. And so like I said, we're gonna try to change processes and account for those things at the highest level, but at the same time, we're gonna find ways to mitigate risk of those vulnerabilities being in there through defensive measures and situational awareness. Hi, Joe Marx from Politico. Wondering, first of you can talk a little bit about how the Navy is talking about offensive cyber operations, which I know is being still in development all across the military. And then second, just on a staffing level, what does the Navy's piece of cyber mission forces look like and are there people in the Navy who are doing cyber operations on a day-to-day basis who aren't part of cyber mission forces and what is that looking like? Sure. So how we're talking about offense is what you first asked. Well, largely we're not talking about it too much. I mean, everybody wants them. So I spend a lot of time talking to my fellow number of fleet commanders and Navy component commanders and they are interested in how they would integrate and how they would think about bringing cyber operations and offensive cyber operations into their wheelhouse. We're not at a place today where I can say, well, this is exactly how you would do it. We're building the force and that force is largely aimed at satisfying co-com requirements. And so continuing to work with and again, a lot of my work on the defensive side with those other component commanders to assure their missions is sort of that first step, building the relationship between my Maritime Operations Center and their Maritime Operations Centers, how we're gonna fight through network issues or malicious actors in our network is sort of that first step. And we're regularizing and beginning to exercise those kinds of operations. With respect to the Navy portion of the Cyber Mission Force, the build of the Cyber Mission Force for the Navy looks like about 1850 new folks. And I think you asked if we had cyber operators before, we had the Cyber Mission Force. Clearly before there was a Cyber Mission Force, we had operators operating the network on a daily basis. System administrators, people doing patching, people looking for upgrading systems, operating the network. We had people defending the network from a network defense perspective, monitoring sensors, looking for malicious activity, responding to that malicious activity. And so with that, that force existed in each of the services to potentially differing extents. But the point that the DOD made the decision that that force alone was not sufficient to the threat, that we need to have additional forces to be focused on defending the nation, to be focused on integrating and delivering on the COCOM combatant commander requirements, and then finally additional protection and defense of DOD networks. And so the Cyber Mission Force lays atop that foundational force that operated and defended the network to begin with. Yes, I have a Navy cyber defensive operations command that existed before and it'll continue to exist. It'll just be more synergistically applied. It'll be more capacity to some extent to go out as I suggested and hunt for, I'll have a piece of the cyber protection teams that are service oriented. And those forces will operate in conjunction with my day to day 24 by seven defenders. We could launch them potentially to go look at specific key cyber terrain for any particular mission, sort of looking at it through the different lens. When I'm a supported commander, I'm looking at the Navy networks operating and defending them as a whole. I have to do that. I can use my cyber protection teams to turn the lens around and go, what does the commander of the six fleet need to assure? So he can accomplish his mission. What is most important? Let's focus on that. And so we'll send those teams to go explore sort of end to end, map it, make sure that the integrity and the availability and resiliency is there for his mission. Okay, I think I want to give some time to this side so we'll come back, so I was going to face this way too. Hi, Sam Lagrone with USNI News. Can you talk a little bit about sort of the intersection between 10th fleet and some of the more traditional EW capabilities that are out there? I mean, it seems to me that they're all electrons. There should be some overlap one way or the other there. So how are you all working together? Well, largely we are tending to be more involved in sort of the capability development, acknowledging that between the RF spectrum and the cyberspace spectrum, it's really one thing just with different frequencies. And so in terms of capability development and understanding what we could create for war fighters that are at sea, not executed from fleet cyber command or 10th fleet, but actually being executed by other supported commanders. We are in the capability development and the advocacy role. We also have served as a sort of a readiness and certifying official for those capabilities that are embedded in our ships at sea. And so that piece of it has been more of a readiness function. And we are looking at what makes most sense going forward. We have the information dominance type commander. And so he is a readiness generator. And so those forces that I have serving for fleet cyber command could be accomplishing that on his behalf and he would be responsive to fleet forces command pack fleet and the rest of the fleet in terms of generating that readiness and assessing and certifying those folks to go to sea. She's had her hand up in the back right for a while. Thank you. Anne Lilina, Admiral, could you discuss the working relationship with the other cyber units and the other forces? Is it just through US cyber command or do you have ad hoc working relationships or whatever you can share? Army, Marines, et cetera. Oh, no, definitely. I mean, we talk about being a team sport. It's definitely a team sport. There are aspects to how we operate and defend Navy networks that we share and work directly with the other service components because their problems are more like ours than US cyber command looking at it globally. We also are working incredibly closely with DISA in terms of creating defensive strategies across the two of us. So we work across the services directly with US cyber command with DISA. And to some extent, we don't, we tend to work through US cyber command with the other agencies, the DHSs, the FBIs, those kinds of things. But on any given day, we may be collaborating with them on something specific and using our NCIS folks as a conduit as well. The NCI JTF team. So there is criminal investigation, there is counterintelligence and there is cyber. And sometimes working together as a team, we can achieve what we need to across all those different authorities. Up here and then here and then over here. I'm Tony's research fellow at the CSIS. Thank you for your talk. My question is when we see cyberspace as a potential battleground, I think it's very inevitable to cooperate with the private sector because cyberspace has been combined with several different sectors, such as military, governmental and civil society. But on the other hand, can you talk more about how military sector is able to isolate or to divide into different parts with like a private sector when national information infrastructure has been established upon a civil society. So for instance, like when those competing system has been established upon computer system, how military or how naval sector is able to isolate themself from this private work. Okay. I think I can. You can think of it even within the civil sector as an enclave, right? A set of computers that are wired together. I mean, there is a physical dimension to it. And if you build that network from that perspective of controlling what those connections are, so that they to some extent don't use the full power of the commercial infrastructure in which they ride, they are, we're the DOD, we can control this a little better than the commercial sector can. And so it has more to do with the paths through which we communicate on the network and controlling those paths and putting boundaries around the paths where we interface with the public part of the sector. Does that make sense? Does that answer your question? I mean, we have limited the number of ways in which we interact with the public internet. And through those boundaries, we can control what comes in and what comes out. No, I think it's a choice. I think it's a choice that we've made for the defense of the DOD networks. Thank you, Admiral, for your talk. This is Ellen Nakashima with The Washington Post. I have two questions. One focusing on your operations overseas and the other on your operations at home. Overseas, being the Navy, do you have any special expertise in say the intelligence area in understanding the threat of particular adversaries or nation states? For instance, China or North Korea, given the regional combatant commands that you're supporting and just the nature of your service. And can you talk about that a little bit what those adversaries might be and what you do with that intelligence, how you use it to support? Yeah, certainly we use all-source intelligence, national intelligence capabilities and our own intelligence capability to try to understand the threat actors that are out there, be they nation states, be they criminals, be they activists. We're gonna take that information, each of us, each service, each agency is gonna take it and configure it to what we need to be able to defend globally. I mean, yes, there are regional actors and they may have specific intent in a certain region but there's nothing to bound them to that region, right? So we are defending more globally against those threats. I guess I was saying with vis-a-vis the Army or other services, would you have any particular expertise into a particular adversary? No, I mean, we operate globally. I've gotta be able to respond to and configure my defenses against everything from the criminal actor to specific hacktivists or whatever. And are you? So we're not, we haven't sort of subdivided the threat actors into different services. Okay, you guys worry about them and you worry, no. Because we are operating forward and especially with the Navy, we're out there in our allies are very assured by us being out there, but other people don't necessarily like us being out there. And so we tend to be in the face of people whether they like it or not, but it's freedom of the seas. And so that potentially draws fire against us. But again, it doesn't mean that it would be bound regionally. It could draw fire anywhere in the Navy if someone wanted, again, to express this pleasure or have an effect, a disruptive effect on the United States Navy. And then domestically, what is, you mentioned the defense industrial base and I think you said you do investigations with the FBI into defense contractors who might have been hacked and had intelligence stolen that relates to the Navy. What is your role there? Yeah, my role is not to do the investigation. We're responding to what the either FBI or if NCIS goes in, if it's a national security system there, it triggers different types of investigations. We use the data to, first of all, defensively make sure that we're protected but understand what might have been taken and that's a whole nother sort of assessment of what that means to us from a capability perspective, not cyber per se, but any type of capability where data has been lost about our capabilities. What might that mean? And so if in your defend the nation role you're called on to take some form, some action to defend a big company that's been attacked, what might you be able to do? Yeah, so technically Fleet Cyber Command wouldn't be called upon for the defend the nation. We have the National Mission Force to do that and it would depend upon what the president authorized us to do in response and it's gonna have so many factors in terms of what is the risk to national interests and national security and what is US Cybercom authorized to do to defend those interests. And so there's probably a fairly wide range of things that could be authorized and we're building the capacity and capability to be able to do it. My role in that is to provide the Navy forces to that national mission force and make sure that they're trained and ready to go. Ray DuBois, CSIS. Admiral, I read recently an interesting discussion about the name, the domain name Cybersecurity and the author was suggesting it's really a misnomer or at least terribly inadequate that the domain really should be described as electromagnetic spectrum. I'm setting that aside for the moment. Do you have military department of the Navy responsibility i.e. for the Marine Corps also? And if not, who has that? Number one, number two, do you have a precise counterpart in the Army and the Air Force with a similar role and responsibilities? Sure. So as it pertains to the United States Marine Corps, the department, one department but two services and so I have a counterpart that is Marine Forces Cyber in the Marine Corps that does the operation and defense. The other services are not all organized or aligned in the same way. Again, the Navy's approach to information dominance sort of led us down this path of combining the power and the synergistic effects of all things information and particularly the intel and the signals side of the house, the communications and thinking about those things together, not separately. And so as a result of that Fleet Cyber has the cyber responsibilities but also the significant responsibilities today embedded in one commander. The other services have two. So I have two counterparts in each of the other services. Milt Neaton, Ethan Allen Institute. Historically, we've always found that the weak link is the human operator. Do you find that educating the agencies and industries that you're dealing with is a major part of your program? Sure, I do. That's why I tend to talk about the defense industrial base. I've actually gone out and talked to others just in the private sector about the choice you make. The choice you make in investing in your own cyber security. And I think a lot of people feel to some extent victimized by the state of cyber security across the nation and whether it's an individual company going, well, we don't have those kinds of resources. This is a choice. This is a choice we all have to make in terms of how important is your reputation. How important is the security of information I care about? Maybe it's my information that I gave to you to build something, but it also could be your own intellectual property that I've helped fund or that IRAD has funded. It doesn't mean that it should be available globally and multiple companies be able to then take that development and go into production. I feel that having this conversation is something we have to do as a nation to understand what is the real risk to our national interests. And it goes way beyond the DoD, but a lot of the effects in the private sector will have an effect on our ability to do our mission as well. And so it's not that we're better. We've been thinking about it perhaps a little bit longer, but the private sector is really, in terms of cybersecurity capabilities and knowledge, really coming on, a lot to offer. But how do we get that across the whole of government and those things, critical infrastructure and the sectors that our nation is dependent upon? And so continuing to push down that road, both from an educational perspective, but also from an ability to share and work more collaboratively together is something I think we have to continue to work on. For taking the time to be with us this morning for making the trip down from Fort Mead in the terrible weather. No problem. Good luck getting back. Oh, thank you. Very much appreciated. Thanks so much. Thank you. Thank you.