Pentagon Press Secretary Air Force Brig. Gen. Pat Ryder and Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang Hold a Press BriefingGuidance For Continuation[...]

BRIGADIER GENERAL PAT RYDER: All right. Well, good afternoon, everyone. Today, it's my honor to welcome Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang as we make public an unclassified summary of the 2023 Department of Defense Cyber Strategy, which will be posted on the DOD website this afternoon.

Secretary Eoyang will provide some opening remarks and then take some questions, which I will moderate, and I would respectfully ask that you keep your questions relevant to the Cyber Strategy and keep your follow-ups limited to provide your colleagues a chance to ask any questions. Afterwards, the Secretary will depart the briefing room and I will take the podium to provide some separate DOD updates and answer any questions you may have.

And with that, over to you, Secretary Eoyang.

DASD FOR CYBER POLICY MIEKE EOYANG: Thank you, General Ryder. Good afternoon, everyone. As he mentioned, I am Mieke Eoyang, the Deputy Assistant Secretary of Defense for Cyber Policy and I'd like to take a few minutes to provide an overview of the Defense Department Cyber Strategy summary being released today.

This unclassified strategy represents the overarching priorities of the classified 2023 DOD Cyber Strategy, which DOD transmitted to Congress this past May. This strategy builds upon the direction set by the 2018 DOD Cyber Strategy and is informed by years of real-world experience of significant DOD cyberspace operations.

It's the department's fourth Cyber Strategy and represents the Secretary's vision for operationalizing the 2022 National Defense Strategy in cyberspace. It also compliments the Biden administration's National Security Strategy and the National Cybersecurity Strategy released last year.

This strategy draws from our experience conducting offensive and defensive operations. It's also informed by DOD's close observation of the Russia-Ukraine War and the integration of cyber into large-scale military operations, which is to say this is not an aspirational document, it reflects hard-won lessons and truths.

As mentioned upfront, this unclassified summary is intended to present the overarching priorities for the strategy and should not be considered exhaustive. The scope of this document is limited to the cyber domain. It does not establish policy for the department's operations in the information environment.

I'd like to highlight the key elements of this strategy as captured in the summary. First, it identifies the People's Republic of China as the department's pacing challenge in the cyber domain and recognizes the significant threat that Russia poses in cyberspace. It also identifies other persistent threats, from the Democratic People's Republic of China, Iran, and transnational criminal organizations, to include ransomware gangs, cyber thieves, and hacktivists.

Second, it establishes the role of cyberspace operations in integrated deterrence, which is employing cyberspace operations in concert with other instruments of national power, especially in defending the homeland and ensuring the resilience of the Joint Force.

Third, it outlines how the department will continue campaigning in cyberspace -- which is the conduct of and sequencing of logically-linked military initiatives intended to reinforce deterrence and frustrate adversaries.

Fourth, it provides a blueprint for building enduring advantages in cyberspace, overseeing investments across the defense ecosystem.

And fifth, and distinct from previous iterations of the DOD Cyber Strategy, this strategy commits to building the cyber capability of global allies and partners and to increase our collective resilience against cyberattack.

Allies and partners are a strategic advantage that no competitor can match. Adversaries continually attempt to undermine the capabilities of our partners, and it's in our interests to strengthen the network defense of our allies and partners. This strong network of allies and partners boosts our reach and capabilities and protect us in cyberspace.

Finally and importantly, this strategy emphasizes the department will continue to collaborate with our domestic partners across the federal government to share best practices and expertise. We will deepen our relationship with private industry through voluntary and timely information sharing.

In closing, as the cyber domain has grown, foreign adversaries have exploited it to identify U.S. vulnerabilities, commit espionage, steal intellectual property, violate U.S. sovereignty, and recently, to wage war.

The department has long recognized the dangers inherent in the cyber domain and has maintained efforts to protect its own system. The new strategy establishes how the department, with a robust and integrated cyber capability, will operate in and through cyberspace to protect the American people and work to deter conflict where it can and prevail where it must.

Thank you.

GEN. RYDER: Thank you, Secretary Eoyang. We'll now take some questions. First, we'll go to AP on the phone, Lita Baldor.

Q: Hi, thanks a lot. Two quick questions for you if possible.

Number one, could you tell us in your perspective, what the key lesson learned from Ukraine and Russia's activities has been? What is the primary lesson you've learned?

And then secondly, we've heard a lot for years about the shortage of cyber experts within the department and efforts to find people who you could sort of hire away while competitive companies are paying more. Can you give us a - bit more detail on how deep this shortage is and whether you're far -- the department is falling further behind or if this is getting any better?

Thank you.

MS. EOYANG: Thank you for that. First, on Russia-Ukraine and the main lesson learned here, it's that I think prior to this conflict, there was a sense that cyber would have a much more decisive impact in warfare than what we experienced.

What this conflict has shown us is the importance of integrated cyber capabilities in and alongside other warfighting capabilities, and that is consistent with the approach in the NDS on integrated deterrence and is an important lesson for us to think about, that cyber is a capability that is best used in concert with those others and may be a limited utility when used all by itself.

To the second question on the shortage of workforce, I'm not going to get into specifics about numbers but it is a recognition of the department that people are essential to our capability in cyber, which is why we talk about cyber forces as the number one critical enabler in the context of the defense cyber strategy, and our focus on making sure that we are getting the people part right is a key line of effort for us in this strategy.

GEN. RYDER: Thank you, ma'am. We'll come into the room here. Oren?

Q: Two questions. I'm going to quote from the unclassified strategy: "The department will also use cyberspace operations for the purpose of campaigning, undertaking actions to limit, frustrate and disrupt adversaries' activities below the level of armed conflict and to achieve favorable security conditions." First, what do you mean -- and could you describe cyberspace operations as part of campaigning? And then how do you define favorable security conditions? And then my other question is, it repeatedly talks about defense forward. What is that? Is that a euphemism for offensive cyber operations? Because there's nothing about offensive cyber ops and that must be part of the strategy.

MS. EOYANG: Yeah. Let me answer the second part first, which is that on defend forward, and as we talked about in the 2018 cyber strategy, as we talk about defend forward and the recognition that we cannot simply defend our way out of a problem. There is a recognition that we will, as the department, need to disrupt adversary cyber -- malicious cyber activity coming at the United States, and we have been doing so. And we do that not only as the Department of Defense, but as part of an integrated effort with our interagency colleagues. So yes on that one.

On your -- sorry. Can you repeat the first question?

Q: Yeah. The de- -- I'll read the quote again...

"The department will also use cyberspace operations for the purpose of campaigning." Can you just kind of define what that means...

MS. EOYANG: Yeah.

Q: ... or what that looks like?

MS. EOYANG: Yeah. So to go back to a phrase that we used in the 2018 cyber strategy, which I think underlies this campaigning concept here, we talked about persistent engagement here. One of the challenges is that the cyber domain is one that is constantly being updated, patched, modified as technology changes. So in -- outside of an armed conflict, there is a need for us in the department to remain engaged with the cyber domain to be able to deny adversaries at -- advantageous positions for themselves within the cyber domain.

GEN. RYDER: Thank you very much. We'll go back now to the phones. Georgina from Inside Defense?

Q: Hi. Thank you very much for this briefing. For my question, the strategy mentioned that to strengthen the DIB, the department plans to prioritize new technologies. What areas will these new technologies be focused on?

MS. EOYANG: Yeah, thank you for that question. I'm not going to get into the specifics of particular technologies, but I would just say that as we have seen adversary tactics and techniques change and evolve, there are technologies as we think about as part -- for example, of zero-trust architecture that would enable us to better identify malicious and anomalous behavior on DOD networks, and we are interested in the development of those technologies, among others.

GEN. RYDER: OK, and we'll go to Mark from Defense Scoop.

Q: Hi. Thanks so much for doing this. Two related questions, I believe. Through operations and observations of conflict, has DOD essentially come to the conclusion that cyber is really a tool that's best suited for the gray zone, this competition phase short of conflict? And I guess relatedly, how do you see cyber operations contributing to kinetic forces and capabilities meeting the timing and tempo of commanders in the physical realm?

MS. EOYANG: I think that for the -- as this strategy identifies, this is not just a gray-zone activity; that it also has -- plays a role in the conflict itself. We have seen and observed, I think as you have all reported, that there have been cyber disruptions occurring in conflict, and that those can play a role in warfighting capability in the department. It intends to use them that way. I'm not going to get into specifics about particular operations.

GEN. RYDER: And we have time for a couple more. Any in the room here? Yes, sir?

Q: Just wanted to clarify your comments about engagement with commercial companies. It'll be voluntary and timely information sharing. Is that kind of the extent of it, or is there going to be more engagements and more kind of cooperation?

MS. EOYANG: Yeah, thank you for the question. I think that phrase comes from a particularly important part of the defense cyber strategy, which is how we think about defending the homeland. We are recognizing that there are very sophisticated network owners and operators inside the United States. The Department of Defense's authorities are pointed outside the United States, but we can enable those network owners and operators to better defend themselves.

You have seen the department engaging those efforts as part of the whole-of-government Shields Up activities, where we are able to provide information to the private sector about what kinds of threats they might see. You have seen the department lean into providing cyber security warnings for the private sector with our domestic partners, the FBI and CISA, and we continue to provide technical assistance on a voluntary basis through NSA's Cybersecurity Collaboration Center. We recognize that this model is a productive one for the Department of Defense.

GEN. RYDER: OK, last two questions will go to Lara, and then onto the phone for the last question.

Q: Yeah, thanks for doing this. Two questions quickly. One, is there going to be some kind of implementation plan released in the near future that lays out sort of the detailed goals for the cyber strategy? I know you did that for the cyber workforce strategy, as well.

MS. EOYANG: Yeah, that will be a -- something that we will have to work through in the Department of Defense. As you can tell by the lag between the classified strategy and the unclassified strategy, the process of providing something to the public may take us a little bit of time.

Q: And then secondly, what is your stance on the necessity of a cyber force?

MS. EOYANG: Yeah, any model the Department of Defense uses has pros and cons to it, the current model and the cyber force model. Congress has asked us to look at our model and alternative models of force generation. We are taking that report very seriously. I think it would be premature to say at this point whether or not a cyber force model is the right answer for the Department of Defense, given all that we've been able to accomplish on the current model, and I think we need to understand the implications of such a model before we were to take a position on that.

GEN. RYDER: Thank you. And final question will go to Alexandra, Federal News Network.

Q: Yeah, thanks. To build on the staffing, most of the ideas that it looked like were in the summary were things that we kind of heard before. Are there new ways to bring in more workers? Is there new funding? Is there enough funding for the kind of bonuses and programs that you're looking to do?

MS. EOYANG: Yeah, it's a really important question for us to think about how we are incentivizing the cyber workforce here, especially as we face competition from the private sector. It is part of the study that we are undertaking to be able to better understand our human capital requirements.

GEN. RYDER: All right. Thank you very much, ladies and gentlemen. That is all the time the secretary has available today. Secretary Eoyang, thanks so much for joining us.

All right, so just a few things to pass along at the top, and then we'll get right to your questions. Again, I want to thank Deputy Assistant Secretary of Defense Eoyang for taking some time today to provide details on DOD's cyber strategy.

So first, a quick update on Red Hill. Recently, the department notified Congress that defueling the Red Hill Bulk Fuel Storage Facility in Oahu, Hawaii will not adversely impact DOD's ability to support military operations in the U.S. Indo-Pacific Command theater. The Defense Logistics Agency has taken actions to reposition fuel within the theater, where it can better support USINDOPACOM fuel requirements. This notification was in accordance with the FY23 NDAA, which required the Secretary of Defense to notify congressional defense committees prior to the department beginning the defueling process.

With notifications complete, Joint Task Force-Red Hill is now scheduled to begin defueling the storage tanks on October 16. This achievement reflects the department's ongoing commitment to defuel and ultimately close the Red Hill Bulk Fuel Storage Facility while upholding our responsibility to ensure the readiness of our armed forces.

In other INDOPACOM news, acting Undersecretary of Defense for Policy Ms. Sasha Baker will depart today for meetings and engagements in Hawaii, the Republic of Korea, and Singapore. During her trip, she'll meet with leaders from INDOPACOM and the Defense POW/MIA Accounting Agency, she'll co-chair the fourth meeting of the Extended Deterrence Strategy and Consultation Group with our Korean allies, and she'll co-chair the Strategic Security Policy Dialogue with her Singaporean counterpart.

Secretary Baker's engagements will serve to reinforce the DOD's broader efforts to work with regional allies and partners to promote and ensure a safe, secure, and stable Indo-Pacific region. I'd encourage you to visit Defense.gov for updates on Secretary Baker's travel this week.

Also taking place in the Pacific, Exercise Cartwheel '23 started today in Fiji. This is an annual multilateral exercise co-sponsored by the U.S. Army Pacific and the Republic of Fiji military forces. Approximately 150 personnel from the U.S. Army will participate in Nausori Highlands Training Area -- or excuse me, at Nausori Highlands Training Area.

Exercise Cartwheel includes maneuver exercises, humanitarian assistance and disaster response, and stability and support operations activities alongside the Republic of Fiji military forces and multinational partners from across the Oceania region. This exercise will strengthen alliances and partnership while generating readiness for crisis and conflict response, in support of a free and open Indo-Pacific.

And finally, Secretary Austin and Deputy Secretary Hicks met with the Defense Policy Board today on a closed, classified session. Both leaders briefed the board members on the current landscape of global security challenges and opportunities, sharing insights gleaned from their most recent travel to the Indo-Pacific region.

The leaders thanked the board members for dedicating their time and expertise to provide independent and informed advice, opinions, and recommendations on matters concerning defense policy. And an unclassified readout from this month's policies board will be published on Defense.gov.

And with that, I'm happy to take your questions. We'll go first to AP, Lita Baldor.

Q: Hi, Pat. Thank you. I was wondering if the department has any new assessment on the Russia-North Korea meeting that is, you know, about to take place, was taking place? And if there is any new assessment on whether there's been any aid exchanged at all between the two countries? Thank you.

GEN. RYDER: Yeah, thanks very much, Lita. I don't have any specific updates to provide, other than, again, obviously we a meeting is to take place. Our understanding is that this will focus on arms negotiations. And again, we would call on North Korea to meet its previous stated public commitments not to supply weapons to Russia, which will only end up prolonging the unnecessary war in Ukraine. Thank you.

Go on to the room here. Lara?

Q: Thank you. Just wondering if you could tell us whether the U.S. plans to send additional cluster munitions to Ukraine?

GEN. RYDER: Thanks, Lara. I -- so in terms of security assistance for Ukraine, I don't have anything to announce today. Of course, when and if we do, we certainly will let you know. Thank you.

Oren?

Q: Just a quick follow-up on North Korea. Do you expect Kim Jong-un to -- specifically to meet Vladimir Putin or is that unclear, whether that meeting will ...

(CROSS-TALK)

GEN. RYDER: Yeah, really, you know, I'd have to refer you to the DPRK and the Russians for the details of the meeting. I'm just not going to have a readout to provide.

Sir?

Q: There have been reports and speculation that a Chinese nuclear-powered submarine may have crashed in the Taiwan Strait, killing everyone onboard. Could the DOD comment on such reports?

GEN. RYDER: I don't have any information on that. Thank you.

Q: Thank you.

GEN. RYDER: Go to the phone here. Jeff Schogol, Task & Purpose?

Q: Thank you. If Senator Tuberville doesn't lift his hold by October 1st, the Vice Chairman of the Chiefs of Staff will serve as acting Chairman and Vice Chairman. Can you talk about what are some of the real world consequences of having one person fill that role in an acting capacity?

GEN. RYDER: Yeah, thanks, Jeff. So, you know, there's many implications that you've heard us talk about. I mean, depending on the position, there could be certain authorities that can only be exercised by a Senate-confirmed leader. And of course don't forget that the Department of Defense is a organization that operates literally 24/7 around the globe.

So there's both operational reasons and personnel sustainment reasons why we have deputies and vices, vice commanders, to ensure that we can effectively cover down on the multiple foxholes that we're covering at any one time.

For example, the Vice Chairman has several roles and responsibilities in his own right, including leading the Joint Requirements Oversight Council, representing the military in National Security Council deputies meetings, co-chairing the Deputies Management Group, participating in the Joint Chiefs of Staff Tank, as well as many other issues focused on oversight and coordination of interdepartmental groups. So if you add the duties of the Chairman of the Joint Chiefs, that's a lot for one person to cover from extended period of time.

So again, this is something that we're going to stay focused on. Over the course of this summer, the Secretary and his legislative team have engaged with Senate leadership and senators on both sides of the aisle, to include senators McConnell and Schumer. In addition, the department continues to engage Senator Tuberville's office and recently had a meeting with his staff on this topic.

Now that the August recess is over, Secretary Austin continues to lean hard into this and plans to conduct additional calls with senators this week, and we'll continue to speak out and urge Senator Tuberville to lift his holds that are putting our readiness and our national security at risk. Thank you.

All right, come back in the room. Yes, sir?

Q: Thank you, General. General, I have two questions. The first one regarding to the Libya flood, does the officials there ask the DOD for any kind of help? And does -- the DOD willing to assist Libya in this flooding that's -- you know, too many people have been dying.

GEN. RYDER: Yeah, certainly a terrible situation in Libya. We have not been asked for any support from Libya. Of course, we'll continue to monitor the situation there.

Q: ... my second question -- yesterday, we heard from the State Department that Secretary Blinken will host his Chinese counterpart before the end of this year maybe. So could we, like, expect same thing happen here in DOD between Secretary Austin and his Chinese counterpart? And how do you describe the relations, military-to-military, between DOD and the Chinese? And does the communications channels still exist between two armies? Thank you.

GEN. RYDER: Yeah, sure. So as it pertains to a potential meeting, I don't have anything to announce. As you know, we have, and continue to keep, the offer on the table in terms of communicating between Secretary Austin and his counterpart. And for all the reasons that we've talked about, to try to ensure that we prevent any type of miscalculation, and militaries the size of ours have a responsibility to ensure those open lines of communication. But as it relates to doing that, of course, we will continue to make those efforts. From our perspective, there's nothing preventing that from happening.

Now, to answer your other question, is there open channels of communication? Yes, at multiple levels. However, of course, we think that it's important to maintain communication at all levels, to include the highest levels of our militaries. Thank you very much.

Let me go to Mike.

Q: Yes, sir. Thanks, Pat. Despite -- let's stick with the Senator Tuberville issue for a second. Despite your football analogies and the chastisement from his fellow Republicans like Representative McCaul from Texas, Senator Tuberville doesn't look like he's going to budge as -- I mean, he said that, like, today, I think. My question is this: So what's more important to the secretary, getting these generals and admirals confirmed, or the -- or subsidizing elective abortions for the troops?

GEN. RYDER: Yeah, so we're not subsidizing abortions, just to be clear on that. What we're doing is we're providing equitable reproductive healthcare for all of our service members. The department does not pay for abor- -- abortions. We don't pay for in vitro. What this is doing -- it's facilitating access which a servicemember would have had previously, since it was -- they could live in a state through -- that they could receive those services, that they pay for their on their own. But again, if you are now assigned to a state where those types of services are not available, we're not going to pay for those services, but what we will do is we will, just like we would if you were stationed overseas, get you to a place where you can then pay for those services. And again, this goes back to ensuring that there is equitable healthcare for these federal servicemembers across the board. So does that answer your question?

Q: No. I mean, then, what's more important -- I mean, however we -- however you describe it...

GEN. RYDER: What's most important, yeah.

Q: What's more important...

GEN. RYDER: What's most important for the secretary of defense?

Q: (inaudible).

GEN. RYDER: The senator?

Q: The secretary.

GEN. RYDER: Well, what's most important to the secretary of defense of the United States of America is ensuring that the United States military can protect and defend this nation, and that means having service members that receive the training, the equipment, the healthcare and all the services that are required in maintaining an operationally-ready force. And what we don't want is a force of haves and have-nots where some people are going to have access and some people are not by virtue of where the military assign them. Period.

All right, let's see. We'll go to any other questions here. We'll go back out to the phone. All right, let's go to Georgina, Inside Defense.

Did we lose the phone?

OK. Any other questions here in the room? All right, thanks very much, everybody. Appreciate it.

Public link

Please use the above public link if you want to share this noodl on another website.