Chairman Bacon (00:00):
… the subcommittee's jurisdiction. We're at war in the cyber domain. And just the last two years the United States has been directly and deliberately attacked by the People's Republic of China and other nation states in the cyber domain. Volt Typhoon, Salt Typhoon, Flax Typhoon and countless other cyber attacks have taken aim at U.S. transportation, energy, water, telecommunications, and other critical infrastructure.
(00:26)
It is time to stop talking about preparing for conflict because we are already in one. I, for one, believe that it is now time that we start acting like it. However, recent actions by this administration raise some concerns for me and others on this subcommittee where they truly believe it.
(00:43)
First is the issue of leadership. A few weeks ago, the cyber commander of U.S. Cyber Command and director of the NSA, the two most important cyber organizations of the United States government, was relieved from command without any explanation, Joe Haugh was the most cyber-experienced officer to ever hold this position.
(00:59)
He was widely respected by his people and his peers and feared by our enemies. Removing him from the cyber battlefield. In this way serve absolutely no national security interest. All this did was help Russia, China, Iran, and North Korea to do what they could not do for themselves. And I don't ask our two folks today to talk about this. This is not on you, but when the Secretary of Defense comes to the Arms Services Committee, he will have to answer for this.
(01:23)
Secondly, it's a renewed speculation about the separation of the dual-hat relationship between Cyber Command and NSA, a construct that proves its value to our national security every minute of every day. This issue has been studied exhaustively, but somehow there are still those who believe they know better. I've spoken to my colleagues on this panel and our friends in the Senate, and on a bipartisan and bicameral basis, the Armed Forces Committees, plural, are strongly opposed to ending this dual-hat relationship. I want to take this opportunity to make very clear to the department's leadership that if they believe that they have allies on this issue who sit on the Pentagon's congressional oversight panels, they do not.
(02:01)
Third, I remain concerned about the state of our cyber training and readiness. Joe Hartman's statement noted that the service cyber components only recently attained foundational readiness standards. Foundation readiness has a very specific meaning, and the fact that it took us more than a dozen years to reach this point, is not something to celebrate, though I'm glad we're here now.
(02:21)
To succeed in the cyber domain. We need more, far more than foundational readiness and particularly interested in hearing from both of you what you need to create and sustain a high level of readiness across the cyber warfare enterprise. I believe a good starting point is to ensure the cyber readiness metrics reported to Congress are meaningful, accurate, and honest.
(02:39)
As we discussed with your teams at the last Cyber Quarterly Brief, we don't request these numbers to hear good news, but to understand the ground truth and focus on our finite time and efforts and what we need to improve. I say all this because our adversaries are clearly not deterred from acting against us, and we're clearly not meeting our potential in developing the cyber capability, capacity, and posture that is commensurate with the threat.
(03:03)
Over my last eight years on this committee, I've often heard how we are getting better. That may be true, but it's been 15 years, and we should be there by now. I ask both of you here today to help us chart a course to get us there quickly.
(03:13)
With that, I want to introduce our witnesses, Ms. Lori Buckhout and Lieutenant General Joe Hartman. Ms. Buckhout and I actually served together. We were in the military just a few years ago, dealing with electronic warfare matters, and I'm excited to be working with her again in her present role, performing the duties of the Assistant Secretary of Defense for Cyber Policy. Joe Hartman is the acting Commander of the U.S. Cyber Command, and I've appreciated the great job you've done stepping in, sir.
(03:37)
I now turn to the ranking member and my friend Ro Khanna for his opening remarks, and then we'll hear from our witnesses. And I appreciate the spirit of both sides of the aisle on this. These issues are not Republican and Democrat. They're American issues, and we're working together for our country. With that, I yield to the ranking member.
Ranking Memeber Khanna (03:52):
Thank you, Mr. Chairman. Thank you for your leadership. Let me reaffirm what you said about keeping our Cyber Command and NSA together. That is a bipartisan position. That is a position that we have discussed many times now. And people on this side of the aisle support you in that. It's bicameral, it's bipartisan, and I just want to make that clear, because it keeps coming up, and I said, where is it coming from? Because the support in the Congress is very strong for keeping those two departments together.
(04:36)
I also appreciate your candidness about the questions you raised on General Haugh's dismissal. General Haugh was an extraordinary public servant. He would often brief us and brief this committee. He had dedicated his entire life to the military and to public service, who's here today, aren't in a position to give those answers because they're not the ones who made the decision to dismiss him. But [inaudible 00:05:06] this Committee's cooperation in helping you succeed in your roles and I look forward to hearing your testimony.
Chairman Bacon (05:13):
Thank you. Who would like to start off? Ms. Buckhout. Okay, I yield to you. Thank you.
Ms. Buckhout (05:26):
The talk button? This is why he is the commander of Cyber Command.
(05:33)
Chairman Bacon, Ranking Member Khanna, members of the committee, thank you for the invitation to be here today and discuss the Department of Defense cyber posture. It is an honor to share the stage with Lieutenant General Hartman. I cannot succeed without a strong partnership with U.S. Cyber Command, and I value the strong ongoing relationship between our organizations, one guided by the President's vision of peace through strength. I'm deeply grateful for opportunity to serve as the Deputy Assistant Secretary of Defense, DASD, for Cyber Policy, and I'm currently performing the duties of the Assistant Secretary of Defense, ASD, for Cyber Policy.
(06:10)
I come to this role after more than 40 years in communications, and intelligence and cyber. I'm proud to once again be serving my country under Secretary Hegseth. Mr. Chairman, I look forward to working with you and the subcommittee to achieve your goals.
(06:24)
The president has nominated Ms. Katherine Sutton to serve as the ASD for Cyber Policy, and I look forward to supporting her as a DASD for Cyber Policy, should she be confirmed.
(06:35)
The United States faces a strategic environment of heightened complexity and risk. The environment is defined by the vulnerability of our homeland to the evolving capabilities of near-peer competition and other adversaries who pose alarming threats across both kinetic and non-kinetic spheres. Cyberspace, a domain essential for global connectivity, communications, and innovation, has also become a contested battle space. Of particular concern is the increasing willingness of adversaries to use cyber capabilities not only for espionage, but also to gain access and pre-position for disruptive actions in cyberspace, and to threaten critical infrastructure and services that underpin our society.
(07:20)
The People's Republic of China poses an extensive cyber workforce and supporting ecosystem that contributes to the Chinese Communist Party's malicious cyber activities. Through activities like Volt and Salt Typhoon, PRC has shown themselves to be a dangerous risk to our homeland. The secretary has defected DoD to prioritize resources towards the most lethal and effective capabilities required for the joint force to defend the homeland and deter China. And this is a strategic imperative in which cyberspace plays a foundational role.
(07:53)
The Russian Federation continues to pose a significant cyber threat to the United States as well, and to our allies and partners. Russia's cyber operations are often integrated with its broader geopolitical objectives, aiming to sow discord and project power on the global stage. The Kremlin views cyberspace as an essential tool for advancing its strategic aims in challenging United States national interests.
(08:18)
Other threat actors, such as the Islamic Republic of Iran and the Democratic People's Republic of Korea, remain capable adversaries and malicious actors in cyberspace. For-profit criminals and transnational criminal organizations, which might be referred to later as TCOs, target U.S. critical infrastructure for ransomware, and take advantage of the speed and anonymity of cryptocurrencies to hide and launder illicit gains.
(08:45)
Within this complex and varied threat environment, the office of the Assistant Secretary of Defense for Cyber Policy provides guidance and oversight for DoD cyberspace activities, as well as the implementation of plans related to cyber forces, capabilities, and their employment. Invested with the authorities of the principal cyber advisor to the Secretary of Defense, the ASD for Cyber policy is charged with oversight of U.S. Cyber Command's service-like responsibilities.
(09:16)
Our strategic aims focus on Secretary Hegseth's three priorities, homeland defense, lethality, war fighting. To that end, we are concentrating our efforts in three key areas, re-establishing deterrence, and securing the homeland. Our foremost priority is to protect and defend the American homeland against aggression in cyberspace. We ensure our cyberspace operations forces have the resources, authorities, and strategic direction they need to contribute to deterrence that if necessary, defend against and defeat cyber threats from abroad.
(09:50)
Restoring the warrior ethos. Our people remain our most important asset in cyberspace. Recruiting, retaining, developing, and rewarding the highly skilled individuals on the front line of cyber operations, is paramount. To maintain our advantage in the face of evolving cyber threats, we must prioritize recruiting, training, and retaining the most talented individuals to achieve mastery in the cyber domain.
(10:15)
Rebuilding our military. We continue to evolve our capabilities against technologically sophisticated threats. In many cases, we can capitalize on advanced lower-cost solutions from the private sector. DoD is enhancing its acquisition pathways to improve the ways we buy software, including through new partnerships with non-traditional suppliers.
Chairman Bacon (10:38):
Ms. Buckhout, are you near the end? We just hit our five minutes.
Ms. Buckhout (10:40):
Oh, my goodness. Yes, sir.
(10:42)
In conclusion, I remain grateful for Congressional support. This support is essential to Mission Success. We look forward to demonstrating the tangible outcomes of support for this posture review. We're deeply grateful for the support of Congress. Look forward to working with you in the future. Thank you so much.
Chairman Bacon (10:57):
Thank you.
Ms. Buckhout (10:58):
Yes, sir.
Chairman Bacon (10:58):
Joe Hartman.
Lieutenant General Hartman (11:00):
Good morning, Chairman Bacon, Ranking Member Khanna, distinguished members of the subcommittee. It's an honor to be here representing the men and women of United States Cyber Command.
(11:10)
I appreciate the opportunity to testify alongside Ms. Buckhout. I also want to acknowledge Chief Master Sergeant Kenneth Bruce, the CyberCom senior enlisted leader, who's seated behind me.
(11:22)
The role of a senior enlisted leader is critical to our mission accomplishment. Our senior enlisted leaders are committed to increasing readiness, focusing the force on lethality, and providing candid professional counsel to their commanders on all matters impacting the force.
(11:39)
Chief Bruce is the epitome of a senior enlisted leader. He represents our professional non-commissioned officer corps, our nation's proven advantage against our adversaries. I recognize Chief Bruce for more than just his exemplary service and leadership. His impact on the future cyber force is equally as important. Chief Bruce, alongside the dedicated men and women of United States Cyber Command, is instrumental in our operational success. Our people are our most valuable asset.
(12:12)
The professionals at Cybercom are at the forefront, defending our networks, encountering threats every day. Their innovation and perseverance are essential to maintaining our nation's advantage in cyberspace.
(12:25)
Cyber Command's mission is straightforward. We defend the nation from cyber threats. We protect the Department of Defense's networks, and we support the joint force. We are dedicated to ensuring the department's mission advantage and providing options across the conflict continuum to the president and the secretary.
(12:47)
The Secretary of Defense has directed us to be more agile, responsive, and lethal. Achieving our assigned objectives requires a force equipped with a strong warrior ethos and the means to meet our national objectives. Deterrence is essential to our strategy in cyberspace, and we are focused on maintaining a credible capability that dissuades adversaries from targeting our critical infrastructure.
(13:10)
In 2024, we executed over 6,000 successful operations, roughly 25% more than in 2023, and we are on pace to surpass that number In 2025. Our operations continue to grow in scale, speed, and complexity. Through the service-like authorities granted by Congress, we are strengthening the cyber mission force. Cybercom works with the services to manage our talent and improve retention.
(13:37)
We have improved the quality of our training, providing new challenging opportunities for our operators. And the authority to conduct the development and acquisition of cyber operation capabilities has an outsized impact on the cyber mission force.
(13:52)
Lastly, enhanced budget control streamlines a process that previously required months of staffing and coordination, empowering Cybercom to maintain our operational advantage in a dynamic environment. In fiscal year '24, Cybercom responsibly managed over 2.5 billion, tightening the alignment of authorities and accountability for cyberspace operations.
(14:13)
These are all things we're doing now. With your support in Congress, we will continue to do more. True excellence requires a world-class workforce. Cybercom is collaborating throughout the department to develop, pilot, and implement tools such as artificial intelligence and other opportunities to invest in our workforce. A world-class workforce requires world-class training, facilities and capabilities to excel and thrive.
(14:41)
With leadership and assistance from Congress and the department, we are well positioned to achieve world-class results. Our work is far from finished, but with your continued partnership, I'm confident we will succeed in defending our nation. Cybercom will rise to the challenge, outpacing our adversaries, securing our
Lieutenant General Hartman (15:00):
Securing our interest and protecting our future. Thank you, and I look forward to answering your questions today.
Chairman Bacon (15:07):
Hey, General Hartman, it's not lost on us that the other combatant commands are preparing for war every day, but cyber command, we are in cyber warfare every day, as we speak. We're being attacked by China, Russia every day.
(15:21)
Now, Ms. Buckhout, my first question is to you, the current administration inherited the Cybercom 2.0 effort. Can you share the latest updates about where Cybercom 2.0 effort stands, as well as any changes the administration may be considering? Thank you.
Ms. Buckhout (15:34):
Thank you, sir. We think that 2.O was a great effort to improve our workforce management and retention. We have taken another relook and decided that we think it needs even more work. We consider cyberspace as importantly as you do. We really appreciate your continued emphasis on that matter, so we have decided to do a deeper look and make it a better product. Thank you.
Chairman Bacon (16:01):
One follow up question, and piggybacking on comments that Mike Waltz has made earlier, but something that I've also positioned out there, are we looking at re-scoping our rules of engagement? I mean, we're being attacked every day, but we have more limited rules of engagement. What's your perspective on this?
Ms. Buckhout (16:21):
I don't want to get ahead of the Secretary and the President, but I know that we're always re-looking the better ways to counter our adversaries in cyberspace, and our challenge, of course, is keeping up policy with the pace of technology and the pace of our adversaries. I would say that we're always looking for better ways for our cyber forces to address the enemy across the globe, and I would defer to General Hartman if he has any additional comments to that.
Lieutenant General Hartman (16:50):
Chairman, thanks for the question.
(16:53)
I would offer that, on a daily basis, we are actively engaged with our adversaries. As the adversary changes, we adjust our tactics, techniques and procedures. I acknowledge that we need to get faster, we need to get better. There is certainly an authorities and policy piece that we will continue to engage with the administration and with Congress on. There's a capability piece that it's my job to continue to push and ensure that we are as capable and as lethal as possible, and I would welcome the opportunity in the closed session to discuss this with you more.
Chairman Bacon (17:30):
Thank you. I got a follow up question for you, General Hartman. We were looking at all the general officers, all the services, trying to get a feel for just how much depth we have in the cyber career field and really only spot one general officer that has extensive cyber experience before they became a general officer. So our question, are we doing enough to develop our cyber leadership here? It seems like we're low on cyber, but we got a lot of depth in air surface warfare, infantry space, but in the cyber area, there seems to be a shortage.
Lieutenant General Hartman (18:05):
Chairman, thanks for your question.
(18:08)
Experience takes a number of different things, right? There's education. I think, across the services, we have done a good job of integrating cyber into the curriculum, really, from the basic level up through the general officer ranks. I attended a course called Pinnacle at the three-star level six weeks ago, and certainly, a significant amount of our curriculum and discussion was about advanced capabilities like artificial intelligence and how does the department leverage that. I think we have done a good job at the general officer level. My deputy right now is a surface warfare officer in the United States Navy. My chief of staff is an infantry officer. But I do agree with you that we have to integrate officers into cyber organizations and cyber command at really every echelon of their career. And so we build officers that, not only have the experience that we need in order to lead in cyber, but also lead their organizations fully taking advantage of what cyber can offer them.
Chairman Bacon (19:12):
One final question. What would you say is your top one or two priorities right now for cyber command?
Lieutenant General Hartman (19:18):
Chairman, our top priority remains talent management and ensuring that we can build mastery in the force. That mastery is required to defend the homeland. That mastery is required in order to outpace China, and we will remain laser focused on that.
Chairman Bacon (19:36):
Thank you. With that I yield to the ranking member.
Ranking Memeber Khanna (19:39):
Thank you, Mr. Chair.
(19:41)
Ms. Buckhout, with some of the cuts at the State department and USAID which support our allies, what is the department doing to mitigate those shortfalls, and what support do you need?
Ms. Buckhout (20:04):
I'm not aware of the particular cuts and their interface with DOD. I can say that, in my job, I remain focused on ensuring that our cyber forces are ready to lean forward in any way possible and prepared to do so.
Ranking Memeber Khanna (20:21):
And are you still working with allies in doing that?
Ms. Buckhout (20:25):
Yes, sir. Absolutely, we are allies around the globe and we continue to work and strengthen our allies and their cyber security postures. Thank you.
Ranking Memeber Khanna (20:36):
Question for both of you. What is the current state of the workforce in terms of recruitment, retention, and readiness?
Ms. Buckhout (20:46):
I will start with that, that that remains a focus at the Department of Defense and, of course, as a secretary as well, he understands the criticality of cyber forces. We understand them as critical to all operations and plans we have ongoing in the globe, as technology advances and as our adversaries advance. For particulars of the workforce, I would defer to General Hartman.
Lieutenant General Hartman (21:13):
Ranking member, if I could first just comment on allies and partners, if that's okay.
(21:17)
In the six weeks I've been in this acting position, I have met with 11 different counterparts from allied and partner nations to include all of our five eyes partners, the majority of our partners focused on the Arctic. I do believe we continue to have a very positive relationship and will continue to work constructively with them to counter the threats that we face together.
(21:41)
From a workforce standpoint, we operate in a domain that was built by private organizations across the globe. The challenge and competition that we have for talent is significant, but we offer an opportunity to execute exquisite operations in support of national security that you simply don't get on the outside world. Our general assessments remain very positive. Our retention for, really, our key work roles, and in cybercom, we always highlight that's interactive on that operators, a.k.a. nation state hackers. It's exploitation analysts, which are really those key members of a team that understand the networks that we're operating against, and it's really the people that write the code that we need to integrate into a platform in order to execute operations.
(22:41)
Working with the services, we have been able to manage those key billets in a way that keeps them in the workforce and that generally has yielded very good retention results. But in order to be successful, we also require access to talent across the workforce. Think linguists. Think intel analysts. Think planners. And we've got to do a better job working with the services to ensure that we can keep those experts in our formation for a longer period of time.
Ranking Memeber Khanna (23:11):
I appreciate the answer. And how is the hiring freeze affecting our professionals here? I mean, do you think that it's hurting and would you recommend that we have an exemption for cyber command for the hiring freeze?
Lieutenant General Hartman (23:30):
Ranking member, certainly, we are working with the department to address the impact of the hiring freeze. We're hiring a highly technical workforce, oftentimes, with investments over a number of years in order to create the skill sets that we're looking for. So we are working with the department and we are hopeful that that freeze will be lifted soon.
Ranking Memeber Khanna (23:53):
Ms. Buckhout, last question for you on the hiring freeze.
Ms. Buckhout (23:58):
Thank you, sir. We also have been examining that we have a cyber-accepted workforce that we collaborate with on the DOD-CIO, and we are working through options now to see how many folks we can bring in under that umbrella.
Ranking Memeber Khanna (24:18):
Thank you. Thank you, Mr. Chair.
Ms. Buckhout (24:18):
Thank you, sir.
Chairman Bacon (24:21):
Dr. McCormick, you are recognized.
Dr. McCormick (24:26):
Thank you, Mr. Chair. Thank you for both being here today and a busy Friday right before we get out of town.
(24:34)
Lieutenant General, I appreciate you stopping by the office yesterday. We had a very candid conversation about Cyber 2.0 and its organization. One of the things that we mentioned, and you just kind of alluded to it, Ms. Buckhout, that we're essentially moving on from the traditional Cyber 2.O. We're going to revamp that, correct?
Ms. Buckhout (24:52):
Yes, sir. That is a plan.
Dr. McCormick (24:54):
Okay. One of the things that confused me about our conversation on reflecting on it, we had a great conversation about three different ways we could do this, as a single column, single command, kind of like we did with Space Force, either keeping it in silos like we do right now with the militaries, or tucking it back under SOCOM. Is that correct, Lieutenant General?
Lieutenant General Hartman (25:17):
Congressman, our OPT that evaluated based on…
Dr. McCormick (25:23):
I would ask the gentleman to not use the acronyms because most people don't know what that means.
Lieutenant General Hartman (25:27):
Okay. Congressman, we had a requirement from Congress, NDA section 1533, to analyze the force presentation model for the cyber force. We developed a operational planning team from Cybercom and across the Department of Defense in order to look at three models.
Dr. McCormick (25:51):
So I got to be concise here because I have three and a half minutes, so I need you to keep your… This is not our typical brief. We've got to be quick for me.
Lieutenant General Hartman (25:59):
So, Congressman, we analyzed three models, status quo, a SOCOM-like model, and the creation of a cyber force.
Dr. McCormick (26:08):
Which one's your preference?
Lieutenant General Hartman (26:09):
Our preference was the SOCOM-like model.
Dr. McCormick (26:12):
The problem I have with that one, and this goes to the point of what I was worried about, if we talk about what SOCOM is and the different services, the special operations capable people, the operations, there's a difference between operational command and tactical command, correct?
Lieutenant General Hartman (26:34):
Correct.
Dr. McCormick (26:35):
Okay. I just wanted to make sure that when we talk about SOCOM responsible for building and special operations forces, but geographical component commanders have operational command over them, correct?
Lieutenant General Hartman (26:46):
That's correct.
Dr. McCormick (26:46):
Okay. This seems to fly in the face of what Cybercom would be both building the forces and employing them in that kind of model. Do you have something to say on that, Ms. Buckhout? Okay. So the different services of special operations, or SOF operations, are each unique and perform different missions like SEALs versus Joint Tactical Attack Controllers. You talked about CyberCam managing common training requirements, so that regardless of uniform, everyone is trained to operate as interchangeable, correct?
Lieutenant General Hartman (27:19):
That is correct.
Dr. McCormick (27:20):
Okay. And am I incorrect in understanding that there's purposeful no service specialization when you do that? Is that correct?
Lieutenant General Hartman (27:29):
That is correct.
Dr. McCormick (27:30):
Okay. So this is where I don't really understand, because JSOC isn't a combatant command like Cybercom is, correct?
Lieutenant General Hartman (27:39):
That is correct. They are sub-unified command.
Dr. McCormick (27:41):
Okay. So it sounds good at first glance, but what it worries me is that the command has been trying to incorporate this for 12 years where you can't do both inside of SOCOM, or am I misunderstanding that?
Lieutenant General Hartman (27:54):
Congressman, just like SOCOM, we have components and we have sub-unified commands to include the Cyber National Mission Force and Joint Force Core Stoden, similar to SOCOM.
Dr. McCormick (28:05):
Okay. I guess, I wonder if, Ms. Buckhout, you can weigh in this anytime you want because I know this is a complex issue. It really is, and we've been arguing this since I got here. We're going on two and a half years and they were arguing way before I ever got here, and I just want to make sure, when we're recreating 2.0 that we are moving at light speed, as fast as possible without the get-ups of organizational cross-contamination, if that makes sense. When you talk about prepping somebody administrative versus deploying them tactically, usually it's done in separate commands, not in the same command.
(28:34)
And that's what worries me is that we're bumping up against this. The services want to have their own silos. We want to have a same command. We tuck it under SOCOM. It hampers us to do the mission correctly and that's what I'm just really worried, that we put a lot of thought process into this before we jump on this next time that we understand. We look before we leap. Does that sound reasonable?
Lieutenant General Hartman (28:57):
Yes, Congressman.
Dr. McCormick (28:59):
That's too easy. Too easy. All right. Well, thanks. As with that, I yield Mr. Chair.
Chairman Bacon (29:05):
Thank you. Mr. Whiteside, you are recognized.
Mr. Whitesides (29:08):
Thank you, Mr. Chairman. I'm grateful to the two witnesses here and for the bipartisan leadership of this subcommittee. I would add my voice to their comments this morning.
(29:16)
Today is May 16th, six weeks after the previous cyber command commander was removed on April 3rd. Over those six weeks, Congress and the subcommittee have received no details from the Secretary of Defense or the White House about the reasons for his removal. This is utterly unacceptable and a sign of the cavalier lack of professionalism from this administration. Without explanation, it seems clear that the reason that our top general fighting cyber attacks was removed was because an extreme conspiracy theory with the ear of the president had it out for him. This is, to put it mildly, a crazy situation and highly dangerous given the extreme stakes of this domain. It puts our citizens at risk. It hurts the morale of the dedicated men and women of cyber command,
Mr. Whitesides (30:00):
… and it hurts the national security of the United States. Now, to today's witnesses, thank you for being here this morning. I know the chaos that has been injected into US cyber operations over the past months is not your fault, and I know that you are both doing your best in a challenging situation. With that said, there has, indeed, been chaos. We've seen orders that paused our cyber operations against one of our key global adversaries without any credible justification. And although I know that none of this can be laid at your doorstep, it nonetheless falls to this subcommittee to turn to you with our questions.
(30:29)
Secretary Buckhout, has the Department of Defense resumed planning for offensive operations against all US near-peer competitors?
Ms. Buckhout (30:39):
Thank you for that question, Congressman. I'm afraid that I cannot discuss cyber operational matters in this open forum, but we remain committed to countering our global adversaries in cyberspace.
Mr. Whitesides (30:52):
Did the pause in offensive cyber operations against Russia, which was publicly disclosed, serve any specific operational purpose?
Ms. Buckhout (31:00):
I cannot confirm that pause, sir.
Mr. Whitesides (31:02):
Okay. General Hartman, in this time when our adversaries are putting untold resources towards recruiting talented cyber operators, it's important that we do everything we can to draw talented operators to government service despite the myriad opportunities offered by our world-leading technology industry. Can you talk to us about specifically what new opportunities and employment structures Cyber Command and NSA now offer for recruiting and retaining our top talent and how the agency is working to get the word out to recruit the best possible people?
Lieutenant General Hartman (31:35):
Congressman, we have a number of initiatives. I think from a technology standpoint, the one that's most worth mentioning is where we're going with artificial intelligence. We have an artificial intelligence roadmap thanks to a requirement from Congress. We have an artificial intelligence task force that executes pilot programs across the full spectrum of our operations, and we partner very closely with the National Security Agency to ensure that we leverage the advanced technical capabilities that the agency has in a way that makes the best use of the resources of the American taxpayers.
Mr. Whitesides (32:15):
Are we paying our folks enough to compete with the private sector?
Lieutenant General Hartman (32:20):
Congressman, we have made significant progress in our ability to provide incentive pay for both our military and our civilian workforce. I think it is adequate. We're never going to attract and keep talent because of the money we pay them. We're going to do so because of the mission and because of the culture and the organization that's laser focused on defending the nation.
Mr. Whitesides (32:45):
I think I speak for the committee, we want to make sure we help you get the best possible people. So if there are other ideas or structures, I think we're all ears on that.
Lieutenant General Hartman (32:54):
Thanks, Congressman.
Mr. Whitesides (32:55):
Last question. I hate to ask this, but Ms. Buckhout, do you have Signal on your phone, on your work phone?
Ms. Buckhout (33:05):
I do not.
Mr. Whitesides (33:06):
Yeah, why not?
Ms. Buckhout (33:09):
Because there are other means. It is a basically encrypted work phone and I remain dedicated to ensuring our national security remains as secure as it can be. I have 41 years of a top-secret clearance with absolutely no security violations and I remain committed to that.
Mr. Whitesides (33:28):
Thank you, ma'am.
(33:29)
Mr. Chairman, I yield back.
Chairman Bacon (33:32):
Thank you.
(33:33)
Mr. Vindman, you are recognized.
Representative Vindman (33:35):
Thank you, Mr. Chairman. So first of all, I want to say that I completely agree with your statements, your opening statements, Mr. Chairman, this morning about how important the cyber mission is to this country and the fact… And echoing my colleague Mr. Whitesides, that it is completely unacceptable that the commander of a combatant command would be fired solely at the request of a nut like Laura Loomer. That's unacceptable. It's disrespectful to the uniform and the decades of service that General Hawk and everybody in uniform puts in.
(34:24)
So the second thing I want to talk about is this idea of restoring the warrior ethos. I think that is also tremendously disrespectful to the Department of Defense and people that have served. The warrior ethos is part of what's ingrained throughout the career. And it's a headline. The remainder of the commentary is acceptable, but this idea that the American service member does not have the warrior ethos is, frankly, outrageous and unacceptable, and I want to be on record for that because I know this is a priority from the Secretary of Defense and that's an issue I'll take up with him, but that verbiage is ridiculous.
(35:19)
Let me kind of jump into the meat of the questions here. So thank you for joining us, Ms. Buckhout, and for your years of service. In your testimony, you spoke about the significance of the Russian cyber threat to the United States, our allies and our partners, and I share your concerns, and I assume you agree that given the significance of the threat, we should keep all defensive and offensive cyber operations on the table as it relates to confronting the Russian threat.
Ms. Buckhout (35:49):
Thank you, Congressman. We do have a number of elements on the table now. As far as specificities, I would refer that perhaps to a different place to discuss and to General Hartman.
Representative Vindman (35:59):
Okay. What I'm asking is that as it relates to the Russian threat top line, that we should keep defensive and offensive cyber operations on the table. Is that in your role?
Ms. Buckhout (36:13):
I think we do so at this time. And to the specificities, I would refer to General Hartman,
Representative Vindman (36:19):
That's what I was looking for. And in early March it was widely reported in the press, and this is a follow-up to the line of questioning Mr. Whitesides was asking you about, but there's a specific point here I want to get to. It was widely reported that Secretary Hegseth issued an order to Cyber Command to pause offensive cyber operations against Russia. On March 4th, the DOD Rapid Response Twitter account, so that's from DOD, denied that, saying that the secretary neither canceled nor delayed any cyber operations directed against malicious Russian targets and there has been no stand-down order whatsoever from that priority.
(36:56)
I'd like you to confirm that the secretary did not issue any stand- down orders to Cyber Command as it relates to Russian operations.
Ms. Buckhout (37:04):
I was not here at that time, but I'm not aware of any stand-down operations ordered at that time.
Representative Vindman (37:09):
Okay. Mr. Chairman, are we going to have a second round of questions?
Chairman Bacon (37:22):
Yes.
Representative Vindman (37:23):
Okay. So let me start then on this line and-
Chairman Bacon (37:26):
Mr. Vindman, If I could, I'm going to put you on pause for a second. I actually dug into this whole matter, I just want to address it. There was a one-day pause, which is typical for negotiations. That's about as much as I can say. It was a one-day pause.
Representative Vindman (37:37):
Okay. Thank you for that clarification. All right. As it relates to cyber operations, as we know, and this is not an exhaustive list, but there is a… And so this will give you an opportunity to think about it for the second round of questioning, but cyber attacks have objectives of attacking, damaging, destroying systems. But there are also aspects that are more pernicious and pervasive. And this is attacks related to deception, disinformation. And what I'm not seeing, and it seems to me as a result of ideology from this administration is this idea of attacking disinformation from our adversaries around the world. And if we're not doing that, then we are leaving ourselves completely open to a major line of attack. And so I only have 13 seconds left, I'll let you ruminate on that and then come back to it during the second round.
(38:41)
Thank you.
Chairman Bacon (38:44):
Thank you, Mr. Vindman. I ask unanimous consent that non-subcommittee members be allowed to participate in today's hearing. Is there any objection?
(38:53)
Okay, with that Elfreth, you are recognized.
Representative Elfreth (38:55):
Thank you very much, Mr. Chair, and thank you for your grace in letting me join you today. So I am the very proud representative of the fence line of your home at Fort Meade and represent many of the men and women who work every day in Cybercom. So I'm going to try to focus my questions on them.
(39:12)
I also want to echo my colleague's deep concern with the firing of General Hawk and the signal that that sends to our adversaries abroad. And I want to follow up on a few points made and dig in a little bit on personnel.
(39:24)
General, I was really glad to hear you say that people are the most valuable asset of Cybercom, and I think this committee, just in the 37 minutes I've been here, would agree with that as well. Not just the hiring freeze, I wanted to dig into the impacts or potential impacts of the actions of DOGE on the personnel. I would be curious to hear from your perspective, how many under your command took advantage of the fork in the road offer? How many probationary employees were separated from the agency? And I have a follow-up question to that, but I would love clarification from you first.
Lieutenant General Hartman (40:00):
Thanks for the question. From a percentage of the workforce, the target was 5 to 8% and we will fall somewhere in the 5 to 8% category. No probationary employees were terminated as a result of this unless it was for non-performance or disciplinary reasons. To date, we haven't had any.
Representative Elfreth (40:24):
Okay. So 5% still, I would argue that, as everybody has mentioned before, this is an incredibly important command. 5% of that is going to be felt. Can you speak to how you're going to balance out being able to deliver while losing 5% of your workforce?
Lieutenant General Hartman (40:41):
Congresswoman, we have a deep and talented workforce and we have junior leaders that will move up and assume those responsibilities. And it will be difficult, it will require leadership, but we know who's leaving. We've developed contingency plans and it's my job to ensure that we execute those plans and continue to perform our mission.
Representative Elfreth (41:06):
On the note of those who are leaving, I'm deeply concerned about the potential and unnecessary national security threats of disgruntled employees, especially if they're separated in the way General Hawk was, not to imply he would ever at all or anybody would, but I think it's an unnecessary national security risk to separate employees in any kind of disrespectful manner. Can you speak to what you are doing to ensure that everybody's treated with respect and that the information that they carry with them continues to be classified?
Lieutenant General Hartman (41:36):
So first, we terminated no one against their will at Cyber Command. So I'm not as concerned as a workforce that would've been terminated. Two, the guidance I've given is that every person that has served their nation, the first thing we should say is thank you. And we should do everything we can to facilitate their transition and to help them be successful.
Representative Elfreth (41:58):
I would also recommend to you, even the folks who separated willfully, willingly, in order for them to land successfully and continue to be able to keep food on their family's tables and roofs over their heads, has there been any discussion of helping them… I understand their resumes have to go through a clearance, some type of process, and that can take up to a number of months. That's deeply concerning for my constituents. Can you speak to how you're preparing for that?
Lieutenant General Hartman (42:27):
Congresswoman, I have visited that facility and I have worked with the team and I will tell you they are doing just an enormous amount of work in order to clear the resumes in a way that allows personnel to go out and find employment. I do not believe that we will see any significant delay as it relates to what we have to do to enable the people that have served with us in order to go find a new job.
Representative Elfreth (42:54):
So I'm hearing from you that you're committed to ensuring that that goes faster than a few months. Do you have any timeframe of which your goal is to clear those resumes?
Lieutenant General Hartman (43:04):
I will be more than happy to take that for the record and provide you an answer. I don't have the exact number of days.
Representative Elfreth (43:11):
Okay. I really appreciate that. It's of grave concern to me, Mr. Chair. So thank you. And then, finally, I'll just make a statement that when we're talking about… Obviously we talked about retention, but even recruitment, I think it's going to be really difficult for us as a nation to recruit the best and the brightest to this space. It was already incredibly difficult when they, to Mr. Whiteside's point, can make significantly more money in the private sector when we are treating our civilian employees across the board with the disrespect that we're seeing from this administration. Particularly here, I think everybody wants to see the best and the brightest young people want to go into public service. I'm grateful that you're committed to that mission as well. And it's just something I'll be focusing on.
(43:50)
And Mr. Chair, I'll yield back.
Chairman Bacon (43:52):
Thank you. And I share your concerns, Ms. Elfreth, on the reductions. I've served in the Pentagon, I get it that I think there could be reductions at the headquarters levels and I think so some of that assumptions I share. But Cyber Command, we are in a daily cyber war with Russia and China. China can put multiple times more people on cyber than we can, being they're just five times bigger than we are. And so, I'm an advocate for Cyber Command, making sure that we maintain the full capabilities and potential that we have there.
(44:25)
I'm going to do a second round of questions. I'm going to recognize myself for another five minutes, and please let us know up here if you'd like to speak. We'll get you back in the queue.
(44:33)
First of all, I want to ask both of you, I think we're doing a great job day-to-day cyber, but there's also a second part we've got to be thinking about. How do we support the other combatant commanders, the theater commanders? And there's been some reporting that there could be some improvement there. So could you both address that? How can we improve or is that an issue? Ms. Buckhout?
Ms. Buckhout (44:57):
Thank you, Congressman. I'm very grateful you've raised
Ms. Buckhout (45:00):
… raise that question, and grateful for your support on this. As part of my job to come in and review all policies, procedures, operations, and plans, I want to ensure that cyber is well-integrated across them all.
(45:15)
Additionally, my office is in the process of creating a new 2025 cyber strategy, which will also address ensuring that cyber is integrated in all appropriate ways in which we defend our country and approach the enemy. I think we'll be covering that down very adequately in the future. Thank you.
Chairman Bacon (45:35):
I'd like to piggyback a little bit on Dr. McCormick's comments earlier. I share the view that the SOCOM model, I believe, is the best, but there's some pros and cons. I think one of the things it takes to make the SOCOM model work is service buy-in, and that means they got to recruit and they got to provide trained people to the Cyber Command at a level that they need.
(45:55)
But they also got to develop cyber leaders within their promotion system and growing leadership. Gets to a earlier question I had. I'm not sure that we're doing adequate there, but we got to have full service buy-in to make this model work, and would you both… Be grateful if you comment on that thought.
Ms. Buckhout (46:16):
I would absolutely agree with you. I think the relationships with the services have been excellent, and they only continue to improve. As cyber continues to become more and more a way of life, and certainly a way for our adversaries to attack the United States, the services see it as more critically important than ever. I'll let General Hartman discuss particulars of how the services are working within Cyber Command.
Lieutenant General Hartman (46:45):
Chairman, the services have done a good job of presenting forces to CYBERCOM. There have been challenges. We've worked through those challenges. Congress has helped with legislation, and we appreciate that. But our assessment is that there is a more efficient model in order to take a basic-trained service member and create an expert-trained service member that gets at the idea we call mastery.
(47:15)
Instead of trying to do that across all the services, we do believe there's an opportunity using CYBERCOM service-like authorities, CYBERCOM joint force trainer authorities, in order to build that mastery in the force, and we look forward to working with the services to do that.
Chairman Bacon (47:31):
I think it's a very important point, but we'll try to help out there. Final question, I think recruiting cyber experts is a different, maybe recruiting an infantry person or a aviator, so what can we do to improve recruiting in this very important battle space?
Lieutenant General Hartman (47:54):
Thanks, Chairman. Look, we have made significant strides in recruiting on both the service and, really, the civilian side of the house. Our service numbers, while not perfect, are better than they've ever been. We transitioned from a service standpoint or a civilian standpoint to the Army as our combatant command support agency.
(48:14)
And prior to some of the workforce shaping efforts we're going through right now, we'd seen a 45% decrease in the hiring timeline. We do believe we have a plan moving forward and we look forward to working with the department to get after it.
Chairman Bacon (48:30):
Thank you. Mr. Khanna.
Ranking Memeber Khanna (48:32):
Thank you, Mr. Chair. You had referenced, General Hartman, the five Is, and we had talked yesterday when we met about not really having that much intelligence in South Asia, with Indian Pakistan. I saw Congressman McCormick left, he and I chaired the India Caucus. Do you think it makes sense, at some point, to move beyond the five Is, I know we have the nine Is, and to look at countries, like India, for closer intelligence cooperation, particularly with China's challenge and what's going on in South Asia?
Lieutenant General Hartman (49:14):
Ranking member. I would really defer to the DNI and the administration on where we go from a policy standpoint. But I do want you to know, on a daily basis, we interact with a number of different partners, not just the five Is. And we look forward to interacting with any country around the globe where there is mutual benefit to both the United States and that partner, and we'll continue to work those bilateral relationships very aggressively.
Ranking Memeber Khanna (49:46):
And is India one of those countries?
Lieutenant General Hartman (49:48):
Okay. Ranking member, I would welcome to discuss this further with you in the closed session.
Ranking Memeber Khanna (49:54):
Thank you.
Mr. Whitesides (50:00):
Mr. Chairman. In the interest of time, I don't have any questions. I yield back. Thank you.
Chairman Bacon (50:05):
Mr. You're recognized.
Representative Vindman (50:06):
Thank you Mr. Chairman. And thank you also for clarifying that point on the one-day pause. And so what I would like to do is obviously point out that that statement by DOD Rapid Response was a outright lie. It was at least misleading and that is not what the American people deserve. That'll be something that I intend to follow up with, the secretary when he actually shows up. On the point of disinformation is countering disinformation part of the mission set of CYBERCOM?
Lieutenant General Hartman (50:39):
[inaudible 00:50:40]-
Ms. Buckhout (50:39):
I will address, if I may, from the policy view first. We view cyberspace as part of a global IT information system, if you will, able to pass information. However, information operations is not the purview of my policy office.
Representative Vindman (51:00):
Okay. General Hartman.
Lieutenant General Hartman (51:05):
Congressman, CYBERCOM has never executed operations to counter disinformation, but we have and remain laser-focused on malicious cyber actors operating in foreign space that would support those operations.
Representative Vindman (51:24):
So our adversaries are daily attempting to influence us, and they're either attacking our systems or attempting to influence us. Military deception, obviously, is one of the key components to military operations. Would you disagree with any of that?
Lieutenant General Hartman (51:44):
No, Congressman.
Representative Vindman (51:45):
Okay. Whose job is it to, if they're using cyber means to perpetrate disinformation, whose job is it to attack that or stop that?
Lieutenant General Hartman (52:01):
Congressman, we have, and we will remain focused on foreign adversaries, linked to foreign governments, who are attempting to execute operations targeting the United States. And I would be happy to discuss more of this with you in the closed session.
Representative Vindman (52:21):
And we'll get into it in more detail in the closed session. Let me ask you this question, and this goes to both of you. Has there been a change to how the department and CYBERCOM, between the previous administration and the current administration, respond or engage with disinformation in the cyber realm?
Ms. Buckhout (52:49):
From the point of OSD policy? Again, that does not fall under my particular purview and I would defer any particular actions on, deferring disinformation, from a cyber point of view where it's appropriate, to General Hartman. But, again, we may want to discuss that more in a closed session.
Lieutenant General Hartman (53:08):
Congressman, there's been no change in the guidance for us to target foreign actors. Again, we don't go after information.
Representative Vindman (53:21):
Okay. Well this is probably part of a larger conversation, but again, if disinformation is a key mechanism that our adversaries are using in the cyber realm, it falls in the cyber realm, because it comes through TikTok and Twitter and Facebook, and it's not necessarily changing ones and zeros in the digital space to mess with systems.
(53:47)
But it is messing in a much more pernicious way with the way people think about things. It's an influence operation. It's not clear to me, and maybe this will be a response in the secure setting, but we're talking really high level. Who has purview of that mission and how are we countering that?
Ms. Buckhout (54:14):
We have policy organizations that engage in that. I would again refer to a closed session to discuss that further.
Lieutenant General Hartman (54:25):
Congressman, really nothing that I can add in this session.
Representative Vindman (54:28):
Okay. All right. Thank you.
Chairman Bacon (54:29):
Ms. Elfreth.
Representative Elfreth (54:33):
Thank you again, Mr. Chair. I'm particularly concerned about the mental health support for service members under CYBERCOM. These folks are basically functionally on deployment while they're right here stateside. I'm also concerned that Congress directed an evaluation of the occupational resiliency of our cyber operators. And the report confirmed that what we all suspected, that military services' organic resources are insufficient to meet the specific needs of this community.
(55:01)
It's troubling that this issue appeared to go unaddressed until Congress intervened. And also concerning are reports from service members who encounter obstacles or stigma when they seek critical mental health care. So given these realities, how can we be assured that CYBERCOM will give this issue the priority it deserves? What are you working on, General?
Lieutenant General Hartman (55:20):
Thanks for the question. Look, I acknowledge the report. I will tell you, five years ago when I commanded the Cyber National Mission Force, we partnered very closely with the National Security Agency in order to leverage some of the occupational health specialists that they had. We'll continue to work that.
(55:39)
We have this year hired the first psychologist at CYBERCOM. We've recommended it's a challenge. We will continue to work with Congress and the department to get the resources required in order to bring the professionals on. You and I are really in a hundred percent agreement here. We acknowledge it's a problem and we're working to get after it.
Representative Elfreth (55:58):
I appreciate that and the step that you took with the psychologist. If you could, for the record, give us maybe in writing your plan here. It's not a priority for me if it's not written down. I would appreciate your thoughts there.
(56:12)
I also want to move on to the Air Force recently announced the expansion of, again, Maryland Air National Guard's Cyber Vision, transitioning the current unit into the 175th Cyber Wing. I understand that under its current structure, the 175th Cyber Space Operations Group has supported CYBERCOM and cyber operations. Could you speak to how the establishment of the new Cyber Wing will benefit CYBERCOM's mission?
Lieutenant General Hartman (56:35):
Thank you. First of all, the Air National Guard teams are awesome. Okay? They have been integrated into the Cyber National Mission Force for the last 10 years, and the nation derives significant benefit because of the work they do. We're excited about having additional capacity. One, the ability to bring more Air National Guardsmen from Maryland into the mission space, we welcome that. Two, from a talent management standpoint, it provides another mechanism for us to transition active-duty service members to the Air National Guard so that the United States can continue to utilize their unique skills and capabilities in order to support the mission. I think there's a lot of opportunity there. I am aware of the facility that touches the, almost, fence line and we're excited about it moving forward.
Representative Elfreth (57:27):
I appreciate that. And final question, as part of community engagement outside of the fort, CYBERCOM has traditionally gone into high schools and tried to, we talked about recruitment and retention, tried to get young kids excited about coding. I understand that Secretary Hegseth has paused that program. I'm curious if you've given any thought to restarting it in the mission of long-term recruitment.
Lieutenant General Hartman (57:57):
We certainly welcome any opportunity to engage with young people in high schools and across America, and we'll continue to do that as aggressively as we can, consistently.
Representative Elfreth (58:10):
I'm not sure you answered my question. Could you commit to restarting that in the near future?
Lieutenant General Hartman (58:15):
We commit to restarting it as soon as we can, consistent with the department policies.
Representative Elfreth (58:21):
Okay. I'll live with that answer. Thank you, Mr. Chair. I yield back.
Chairman Bacon (58:25):
Want to thank both of you, Ms. Buckhout, General Hartman for your leadership. Thank you for your candor. Our desire is to make sure we give you the tools and the support you need to succeed in this very valuable mission. And I do, I'll say again, I appreciate your leadership and the hard work. With that, we'll adjourn.
(58:52)
We're going to go to the, what's it, 2337 for the SCIF portion.
