The Expanding Cyber Threat

Watch the Video

---

Read the Transcript

---

This transcript was generated with the assistance of AI. Please report inconsistencies to comms@afa.org.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, well fantastic. I’m glad you found your way to Delta. I wasn’t sure where Delta was and I kept walking and I kept walking and went in a couple of rooms. So thank you for being that persistent to finding the Cyber Talk here today. So I had the pleasure of talking with what I call three of my pretty good friends I’ve known from very, for quite a long time. General Hensley and I actually were, you know, two decades as we were taught at the weapon school together back in the 90s. But as we go through on this panel, we have Lieutenant General Krypto Hensley. He’s currently the commander of 16th Air Force. We have Ms. Charleen Laughlin, who’s the Deputy Chief of Space Operations for Cyber and Data. And we have Brigadier General Joy Kaczor. She’s the Assistant Deputy Chief of Staff for Warfighter Communications and Cyber Systems. And so today we have the pleasure of talking about the expanding cyber threat. And so for any of you in the audience, when you’re asked to talk about a cyber threat, the first thing you think about is how am I gonna be able to talk about anything that’s usually highly classified? So what I always recommend is you go to the Intel community and they publish a report every year that talks about the cyber threat. And so that’s what I did. And so in March of ’25, we came out with the latest annual threat assessment. Now, as you would expect, it isn’t super deep on details, but it is deep on themes. And so this is kind of lay this out and then we’re gonna talk with the panel and get their sense of where they think we are. So the first one is the PRC, classified as our most active and persistent cyber threat, not only to the US government, but also to our industry partners and our critical infrastructure. The ones we’ve heard about the most are Volt Typhoon and Salt Typhoon. Volt Typhoon been the ones that are looking at pre-positioning and some of our critical infrastructure. And then Salt Typhoon, who recently had a penetration into our telecom industry. What is believed is any major conflict is imminent. We consider aggressive cyber action by the PRC as likely. Now let’s look at Russia. Mainly use the domain for intelligence collection. And then they’ve had past attempts to pre-position access on US critical infrastructure. They also have unique experience attempting to integrate cyber operations and effects into multi-domain operations as we’re seeing play out right now in Eastern Europe and Ukraine. They’ve demonstrated real world disruptive capabilities this past decade, and we expect that to continue in the future as they are demonstrating by relentlessly targeting Ukraine’s networks and destructive and disruptive malware. Then there’s Iran. Growing expertise and willingness to conduct aggressive operations and a developing capability. And finally, North Korea. Those in this audience probably realize North Korea’s primary focus is on making money to finance their programs and their government. However, there’s a possibility for that they will expand that as they potentially target industrial-based companies in the United States to help with their, basically for intellectual property theft, to accelerate their industries. So that’s the big four. We’re not gonna talk too much on criminal actors, but there’s a play, and if any of the panelists want to do that, they have that right. So finally, one, two themes struck me this morning listening to the SECAF and the CSAF. The first one of the SECAF was, are we doing enough? And the chief challenged us, are we going fast enough? And so when you want to frame that within the expanding threat through the cyber domain, I think that’s something that we should keep in the back of our mind. So with that, I’ll pass it across to the panelists. First, I’d like to give you a quick introduction of yourselves, and then what’s your thumb rail of your responsibilities right now with respect to the cyber domain and our capabilities? And then finally, what’s your assessment of the current cyber threat? Is it increasing in scale, scope, intensity, all three, none of the three? And what is the threat to the Department of the Air Force and the Joint Force in 30 seconds? No. All right, with that, Crypto, you’re up.

Lt. Gen. Thomas K. Hensley:

30 seconds, that’s quite the challenge, Trapp. Thanks so much for the opportunity, and it’s an honor and privilege to be able to sit up here on this panel with Char and Joy Kayser, and thank you all for coming out and taking that time out of your very busy schedules to be here. We got a wide range of people in the audience. I saw junior enlisted and second lieutenants all the way up to retired general officers that had my job, so we’ve got quite the spectrum in here. But sort of to address the first part of the question, just a thumbnail sketch of what it is that I’m responsible for. So as the 16th Air Force Commander, AF Cyber, I actually have multiple hats, but one of those hats involves the responsibility for cybersecurity. And from a cybersecurity standpoint, we have the responsibility to operate, assure, secure, and defend the DAFN network, the Department of the Air Force Information Network. Not the Air Force Information, not the, it’s the Department of the Air Force Information Network. And so for most of you out there, you’re, you know, to put it in tangible terms, you know, you’ve got your NIPRNET computers that you use, the CIPRNET computers, the JWICs, and some of you may use SAP and STO networks, and so we have the responsibility to protect those. But we also have the responsibility to protect IT infrastructure, information technology. So the systems and the networks that are responsible for moving data, data that supports weapon systems, data that supports command and control systems. But we also have the responsibility to protect OT networks, operating technology. So those are the systems and the networks that move physical components, substations, water, energy, transportation, things like that. And again, to put it in tangible terms for this audience, from a security standpoint, we’re responsible for securing and defending the F-35 Alice network, the long range kill chain, over the horizon targeting ecosystem, the global logistics ecosystem, nuclear command and control communication, NC3 architecture. We have the responsibility to protect those. And all of that is incredibly important. So why is it important? When you look at the air and Space Force functions, when the nation asks our air and Space Force to do the things that it’s trained to do, it’s air and space superiority, it’s global mobility, it’s global strike, it’s global ISR, global mission operations, command and control, space situational awareness, and access. And when you think about all of those functions that these two services are responsible for, the one thing that they have in common is that they all rely on networks. We have the most powerful military capability, the world has ever seen. And we cannot afford to let that war making capability be compromised. We can’t let our networks be the soft underbelly to those capabilities. So we’ve got to protect those networks. And as we talk about the threat, and I’ll turn the mic over. Absolutely, the premise is the cyber threat increasing. It absolutely is. And when you look at history, in 2007, the Russians conducted a cyber attack against Estonia. That was an IT cyber attack. They went after financial institutions, they went after news networks, they went after government agencies. And that’s because the Estonians decided to move a statue. In 2008, when the Russians executed a military invasion in Georgia, they integrated cyber attack with that military invasion. It’s the same types of attacks, IT networks. But then when you look at 2010, that’s Stuxnet. That’s when a cyber attack struck those nuclear centrifuges in the Tons in Iran. And they messed with the ones and zeros and caused those centrifuges to spin out of control and explode. 2014, you have the Russians executing an OT cyber attack against Ukrainian electrical grids, setting the conditions for little green men to go into Ukraine. And as we’ve seen in 2022, in nearly four years of conflict, we’ve seen the Russians use cyber against IT targets against OT targets. And they’ve done it synchronized with their military operations, sort of a campaign plan, if you will, with Ukraine. Trapp’s already kind of highlighted the Volt Typhoon and Salt Typhoon for that matter. And in large audiences like this, whenever I have an opportunity, I always ask the question, please raise your hand if you’ve heard about Volt Typhoon. That is a phenomenal show of hands. So a year and a half ago, maybe 10% of you would have raised your hand. So there’s awareness and knowledge that’s out there. But Volt Typhoon being a state-sponsored, malicious cyber actor that has had persistent access in our SICR infrastructure, critical information, key resources, water, energy, transportation, persistent access for five years. They haven’t done anything with it. I’ll get back to that. Salt Typhoon, persistent access into our telecommunication networks. So persistent access, they haven’t done anything with it. Why? Because they’re probably setting the conditions to execute destructive cyber attacks should there be a regional conflict in the Pacific over Taiwan. In my words and my words only, nobody else has said this, but if we find ourselves in a conflict with China and they execute destructive cyber attacks against our critical infrastructure in the United States, that is total war in my definition. Not total war in the sense of World War I total war or World War II total war, but total war in the sense of all domain warfare using the cyber domain to execute a counter value attack against the US population in the United States. So yes, the premise that the cyber threat is growing, I believe is true. Thanks.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, excellent. Thanks, Krypto. All right, Char, follow that one.

Charleen Laughlin:

All right, thanks again for the opportunity to be here. 30 seconds, right?

Lt. Gen. Kevin Kennedy, USAF (Ret.):

Right, 30 seconds. Not a Crypto 30 seconds.

Lt. Gen. Thomas K. Hensley:

Was that for real?

Lt. Gen. Kevin Kennedy, USAF (Ret.):

No, that wasn’t. One and a half minutes would have been great though.

Charleen Laughlin:

You ready? Are we ready?

Lt. Gen. Thomas K. Hensley:

We’re ready.

Charleen Laughlin:

All right. Thanks again for the opportunity to be here. This is my first AFA and it’s just been such a warm, incredible welcome. And I’m really excited to have this conversation. I’m the Deputy Chief of Space Operations for Cyber and Data for the United States Space Force. And in that role, I’m responsible for cyberspace operations, the security and digital transformation of the space enterprise, and also the development of the cyber workforce, all to enable our ability as a Space Force to operate in, from, and to space and to protect our nation’s interests. So anything that threatens that, cyber or not, is really important to me, right? Now you asked the question, what do I think about the cyber threat? I think absolutely. Not only is the cyber threat expanding, it’s actually accelerating in all three of those dimensions, intensity, scale, and scope. Our adversaries are integrating cyber into broad campaigns across the spectrum of conflict. They’re targeting our military infrastructure, our critical infrastructure, operational technology, supply chains, and they’re waiting to see, they’re watching to see how we’re going to respond, right? That was another element of, that I took from the keynotes this morning, is our adversaries are watching us. And so, they’re also increasingly targeting our data, which is of particular importance to the Space Force, because we can’t do anything in space without an awareness of what’s going on in the domain. And we also need that data so that we can understand how to act.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, excellent, thanks, Char. Joy, you’re up.

Brig. Gen. Joy Kaczor:

Sir, thanks. Thanks as well to you for inviting me on this panel. Appreciate to be up here with these esteemed leaders and colleagues. We work very closely together on getting after this threat. I am the Assistant Deputy Chief of Staff for Warfighter Communications and Cyber Systems, our new half A6, led by Major General Edmondson. So I’m honored to be her number two, if you will, and really start to get after understanding what the warfighter requirements are. How do we make sure that we are providing that guidance, that oversight to organize, train, and equip the force so they can get after the mission? And it’s not just the warfighter comms and cyber effects Airmen. You know, all the partners that we’ve talked to today, it’s really about integrating those capabilities. And how do we recognize where there are multiple mission requirements that we need to ensure are interoperable and integrated? So from the air staff, we need to make sure we’re also resourcing, advocating for that resourcing. So that’s very much our role. And I would say to the part of your question, sir, quite frankly, we’re in a fight in this battle space right now. I’m sure, you know, besides seeing it in all the intel, has anybody here been personally attacked in some way, like had your credentials stolen, had data stolen, credit card, anybody experienced that more than once probably? Okay, so we’re all in that fight every day. And I think even more so, it’s important to understand that and recognize what that means to our people, our users that are using the technology. So I also recognize we have to be a very close partner with Space Force ’cause you are dependent on the US Air Force for a lot of your capabilities. So excited about that partnership and to talk about how we help secure your mission systems as well.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

Okay. All right, that’s a fantastic start. So now we’re gonna kind of step through how we do our mission in the air and Space Force. And so the first one is generating combat power. So the question, and Char, I’ll start with you, is how does the Air Force or in your seat, the Space Force, you know, see the threat to our ability to generate combat power? And then what are we doing to assure our abilities in, through, and from the cyber domain?

Charleen Laughlin:

Yeah, thanks for that question. So the reality today is that combat power is digital at its core. All of our operations rely on digital systems, riding on digital infrastructure, and we really need that data in order for us to understand how we should act. And so the cyber threat targets the very foundations of our readiness as a department. It targets our mission systems, our logistics, communications, critical infrastructure. And to counter that threat requires us to move beyond just defending space systems and networks. This has to be about how we achieve mission assurance and operations and cyber resilience and acquisitions. So on the Space Force side, we generate combat-ready forces through our Space Force generation, our SpA4Gen model. There are some great things that we are pushing out of SpA4Gen right now. We are training Guardians who understand the cyber threat. They understand our cyber terrain. We’re augmenting our fielded systems with sensors and tools so that those aforementioned Guardians can conduct defensive cyberspace warfare and ensure resilient systems are there to support the combined and joint force. And then like General Kayser mentioned, because the Guardians are for the most part employed in place, we partner very closely with the Air Force to make sure that our foundational enterprise IT is secure to allow us to continue to operate.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, perfect. General Kaczor, from your seat on the air staff.

Brig. Gen. Joy Kaczor:

Yes sir, so I would say as a young communications officer, I was taught no comms, no bombs. Anybody else heard that? That’s still true, that has not changed. And so when I heard the chief talking today about the importance of C2, everything I’ve heard the leaders already talk about, it is about understanding those communications requirements and really in today’s day and age, it’s about the data. What data does our operator need? What data does the mission require? Where is it at? How do I get it to whoever needs it at the time they need it? Timing and tempo is really critical, but then you gotta make sure that data is secure. Can we trust it? So I would say as we’ve been working on what are we as an A6, almost two months old now, last week we had a little bit of an offsite. And I think we came up with a vision, so ma’am if it’s not, I apologize, but we’re gonna go with it, ’cause I think we decided our vision was connect, enable, and win. Connect, enable, and win. And I think I’m supposed to hold up the bolt in between each of those, right? And that’s what we need to do. We need to connect Airmen to the data they need when they need it. We need to ensure again that it’s reliable. What is the path to do that? What’s the pace plan? Are we thinking through all of those things so that we can generate the combat power? So the chief of staff mentioned, I don’t know if a lot of you heard it, talking about a lot of operational stuff. And what did he say? Couldn’t have done the operation without the logistics. Right, do aircraft need fuel? Yeah. Do we rely on power for everything, including the comm? So to the points that my leaders on stage have already mentioned, we know those systems are under attack or can come easily under attack. They are vulnerable. Do we understand that so we know what the dependency is so we can secure it, or we know when something’s not right so now we could actually generate combat power ’cause we’re not gonna get aircraft off the ground if we can’t get them fuel. And so basic fundamental things, which means we need to change how we think about the fight. We need to think about all those interdependencies that aren’t maybe the sexy stuff, right? Love the aircraft, right? Airmen, got it. But what are all the things that are required to now get airborne, to get retargeting data, to know where you need to rendezvous to refuel, get you an updated ATO? What are those dependencies? And I don’t know about you guys, but I see the ones and zeros, right? All the data that’s required, some cases from disparate systems. And so I think that is really critical that we map that out, that we understand what the data is, how are we gonna secure it? How do we feed, right, this thing we call F2T2EA, right? That’s all part of this requirement to create effects and to win. So my idea is that how are we building Airmen, not just common cyber Airmen that understand this, but how are we then connecting to understand what your mission requirements are? Char, what are your mission requirements and how do we need to secure that? And can we secure everything? Where do we need to secure it? So it’s a complex problem, but it starts with some basic understanding of what are those mission requirements and then prioritize how we’re gonna, not just secure and defend them, but keep them operational at time of need.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, and General Hensley, at the operational tactical level, do you see it differently, same?

Lt. Gen. Thomas K. Hensley:

I see it absolutely the same. I’ll probably just say it in different ways, but like generating combat power, where do we generate that combat power from? We generate it from our bases, right? And so, but whenever we talk about base defense, it’s always in terms of kinetics. It’s always in terms of how do we defend against small UASs? How do we defend against missile strikes? Those are absolutely reasons that are really important that we need to figure out, but we also need to start talking about in terms of cybersecurity, cyber defense. For all the reasons that my colleagues here on the stage talked about, we have to have resilient, reliable comms to do all of the functions that we have. And from a 16th Air Force standpoint, how we’re getting after it is, we’ve got cybersecurity service providers, CSSPs, and we’ve got cyber protection teams. And so, CSSPs, they’re underneath the 688 Cyber Wing, the CPTs, they’re underneath the 67th Cyber Wing. And previously, we had always looked at those as like different mission sets, but in reality, they have a common mission, and that’s to secure and defend our networks. And so, as we look at our CSSPs, what do they do? They provide the persistent monitoring 24/7, seven days a week, 365 days out of the year. They monitor the networks, both the desktop networks that you use, the weapon systems, the C2 platforms. If they find an anomaly or they get some intel reporting that the bad guy’s out there trying to do something, they’ll do incident response, but it’s the persistent monitoring. The CPT teams, they’re more of a point defense focused, and with a deeper dive, with exquisite tools that they use to root the adversary out, to kick ’em out, to mitigate, and to harden that network. And so, we’re coming up with a DCO campaign plan that better synchronizes the nexus between our persistent monitoring and our point defense. And so, that’s a key piece, but that strategy’s also gonna have to rely on a sensor strategy and a data strategy to make use of that. But also, looking at the base defense itself, right? We can do all that we can to defend those bases, but realize that those bases rely on public utilities. So, if those public utilities are attacked, we’ll have a week, maybe two weeks of generator power to keep missions going, but then that’s it, we’re out of slits. So, how do we protect the public utilities that are feeding the bases so that we can continue to fight? And so, we are working through what’s called CRADAs, Cooperative Research and Development Agreements, with the public utility companies at a variety of strategic locations and bases. And so, there’s different types of CRADAs. There’s an intel sharing CRADA, where we can inform them of adversary activity in their networks. There’s a CRADA where we can share best practices and TTPs on what works as far as eradicating adversaries that are in the networks. There are some CRADAs where we can get an agreement where we can put our sensors on their systems and we can do the persistent monitoring. That one gets a little bit trickier because you have Department of Homeland Security responsibilities and authorities. But the great thing is, if we got some guard folks that are out there, guard has authorities to be able to do that kind of work. And so, they are key in that nexus point there. And then finally, as we continue to look at how we help harden our bases, we’re reaching out to academia. Any Aggies out there? Whoop, that’s right. So, Texas A&M, University of Texas El Paso, UTSA, the Air Force Academy. Guess what, they have cyber programs, they have PhDs, they have students that are trying to become PhDs, they have SCIFs, they can get access to clearances. And so, the partnership and the relationship that we’re trying to develop there is getting the universities to do research and development, to do tool development, to do foreign material exploitation. We do the acquisition part, they do the exploitation part. And so, all those things we’re doing to try to get after improving the security of those bases so that we can generate power. Thanks.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, fantastic. Okay, now let’s talk about force employment, creating battlefield effects. Joy, I’m gonna come to you first with this question. So, when we think about what the adversary is expanding threat through the cyber domain, what does that mean for us as a Space Force and an Air Force to create battlefield effects both in the cyber domain, the physical domains, and in the informational domain?

Brig. Gen. Joy Kaczor:

So, I think it is really gonna take a change in how we look at the mission. Again, I started talking about this previously. We need to understand holistically what’s required to execute the mission. And I like to say map the data trail because, again, it’s about the data. As much as we maybe don’t look at it that way ’cause it’s not sexy, you heard the chief talk about Operation Midnight Hammer. They could not have executed that without data from multiple systems at multiple classification levels. Oh, by the way, being able to partner with other partners and allies. Okay, so what is our role then? What do we need to do then? Whether you’re a communications Airman, a cyber operations Airman, a pilot, whatever your role is, you need to understand that. And I’d say from the Air Staff perspective, that’s what we’re trying to capture. How do we make sure now that we have systems that are interoperable and integrated so we could actually get data from one place to where it needs to get to, or to the Airman that it needs to get to? So, it is gonna take a change of mindset of how we look at this and actually recognize that we can’t continue to white card communication requirements in an exercise. Because not only does it change what we do as communications Airmen, as cyber defenders, it also is gonna change how we plan for that mission. How we execute the mission. The TTPs that are gonna be employed. And so if we don’t actually start integrating into exercises and understanding those requirements, and quite frankly, the requirements of exactly, we’ve talked, we’ve hit it a couple times, of those, no kidding, industrial control systems, things that we actually don’t even control, if we don’t understand those dependencies, both here and abroad, I think we are not setting up to win. So part of what we’re trying to do on the Air Staff is really understand that and work with our teammates in A57, A3T, on the Air Staff, and talk about how do we integrate an understanding of the communications environments, the vulnerabilities, the dependencies, and actually play that out in an exercise. And even if it’s to do something, like we’ve done before, we have Bamboo Eagle, we have Heavy Rain out in USAFI, our 5th Combat Comm, any, any Combat Comm? Oh, they’re not in here, interesting. Note taken.

Lt. Gen. Thomas K. Hensley:

They’re just shy.

Brig. Gen. Joy Kaczor:

All right.

Lt. Gen. Thomas K. Hensley:

They’re here.

Brig. Gen. Joy Kaczor:

Right, their exercise that they do every year actually gets at this. So how do we leverage then what we learn from that exercise and make that starting points in a more global exercise for our Air Force and if we have an entire department one? Because, oh, are we dependent on space? I think one of the commercials said they’re just computers in another orbit. So understanding all that. And I charge our Airmen to think about that. And so what I leave on that topic is one of our Airmen while in War College, ’cause what you do in War College is you study and you think, so nice to have time to do that, actually wrote about this and wrote about the importance of understanding and playing this out on exercises ’cause otherwise we will not set ourselves up to win. And what he realized in looking and doing his research, and this is Lieutenant Colonel Mitch Brown, if anybody knows him, big brain, and he said, “Victory,” I’m paraphrasing here, “Victory in the future battle “will be less about the weapons, “the quantity and the quality of the weapons we have, “and more about those who are able “to effectively see to their forces.” And what do you need for C2? Right, think about all that. So I leave you with that thought.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right. All right, General Hensley, you’re up.

Lt. Gen. Thomas K. Hensley:

I had to follow that one. So I think we’ve established that the cyber threat that’s out there, in the past we had geography. Geography gave us a certain amount of defense. We had the Pacific Ocean, we had the Atlantic Ocean, but with cyber warfare and cyber capabilities, cyber is not constrained by geography. When you talk about global strike, cyber is part of global strike. And so that’s something that we absolutely need to bear in mind. And if you sat in on the Intel discussion about China, they teased out the notion that China has studied us for the past 30 some odd years. While we were doing different missions, for good reasons, they were studying us. Ever since the Iraq Desert Storm conflict, they’ve been studying us. And they know what our reliances are. And so from, they know our reliances on C4 ISRT, and they’re looking at ways to counter that. And how does that affect us? That’s the things that we’re trying to develop with our long-range kill chain, our over-the-horizon targeting ecosystem. What can they do to disrupt, pick a bad D word, deny, degrade, deceive, disrupt, destroy our C4 ISRT capabilities? They know that we rely on force generation and power projection capabilities. And so what are those global logistics networks that we use to do the force generation and power projection? From the space, they absolutely know our reliance on space capabilities. And so what are the vulnerabilities that they can take advantage of with the satellite control networks? And probably the big one, you know, in any conflict that you enter with the United States, nobody wants to talk about it. It’s called nuclear war, but we have escalation dominance if it comes to a conflict. So what are the vulnerabilities in our nuclear command control communication ecosystem that they can find and they can take advantage of to help maybe level the playing field? So those are all the things that we’re thinking about on how to cover down. And to my colleagues’ points, we gotta make sure that those critical comms are resilient and secure. And so I’ve talked about the DCO campaign plan earlier, but there’s some things that we’re trying to do across the enterprise that includes the six, that includes SAFC and it includes, you know, the senior cyber advisor and ACC. There’s a lot of people that’s working on this, but it’s the zero trust architecture. It’s the next generation gateway. It’s the integrated defense cyber system. And the integrated defense cyber system entails a series of sensors at all of our bases. You’ve got tier one sensors that protect the base all the way down to tier three sensors, the smaller sensors that protect weapon systems, that protect C2 platforms. But when you talk about adding all those sensors, that’s when you really need to have a good sensor strategy. Do we know our terrain well enough to put the sensors in the right location? We’re not gonna be able to sensor everything. We’re not gonna be able to mass our way out of this with human beings. So we’ve gotta put the sensors in the right locations to protect the key nodes. And then you need a data strategy. So with all these bases, with having all these levels of sensors, that’s gonna be an, you know, exponential amount of data that needs to be processed. So how are we doing the content triage, the metadata analysis, so that the human beings can do what it is that they do best and analyze the data to respond and harden those networks. And so those are some of the things that we’re working on to ensure that we’ve got the network secure.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, and Char, what’s your thoughts on force employment?

Charleen Laughlin:

Yeah, so, you know, you asked the question about employing force, delivering all domain effects, and my head just went straight to CJADC2, Combined Joint All Domain Command and Control. Prior to coming to the Space Force, I was actually on the joint staff for about five years, where I helped lead CJADC2 for the department. And there I saw that our adversaries, they’re targeting our C2, they’re targeting our data, you know, the information environment, they’re seeking to fracture our kill chains, and impact and undermine the joint forces ability to deliver synchronized effects. Space, again, is critical to that, in support of all of the domains. And so one of the steps that we’re taking on the Space Force side to ensure our ability, to ensure that there is never a day without space, is focusing really heavily on enhancing the resiliency of our data platform, the unified data library. We’re also looking to leverage additional data sources across industry with allies and partners and others within the department, to ensure that we have robust data available, so that we can deliver those effects across the joint force.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

Okay, perfect. All right, we’re going to go to the speed round. All right, are we ready? Here we go. So this is what I call is, hey guys, do you wanna make some news?

Lt. Gen. Thomas K. Hensley:

No.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

So we’re gonna go over to General Kaczor first. So General Kaczor, we’ve seen some discussions about CSIS talking about a cyber force. If you were going to give some advice to the panel that is exploring this as an option, what would be something that you would ask them to consider looking to?

Brig. Gen. Joy Kaczor:

So I’d start with, what problem are we trying to solve? Do we understand what we want to do and what we need to do it in terms of authorities? So starting with that question, ’cause I’ve always been taught form follows function. So let’s start with what it is we’re trying to do and what authorities we need and then determine how we get about doing that.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, perfect. She didn’t make any news. All right. Char, I’ll come to you with this one. All right, what technology or innovation has the greatest chance of disrupting our use of the cyber domain and why?

Charleen Laughlin:

Great question. So we talk a lot in the department about responsible AI, responsible AI implementation as we’re looking at how we integrate this technology into the force. I think the greatest disruptor would be our adversaries irresponsibly using AI, right? Using AI, weaponizing it in order to automate misinformation, to automate exploits and really to take advantage of us in ways that on our side, as we’re moving out responsibly integrating this technology, we’re just not able to keep up with.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

Okay, perfect, thank you. Okay, General Hensley. This is the, a lot of times when you wanna know what folks care about, you look at what they spend their money on. If you had another dollar or let’s say a million dollars, let’s make it real, in the Air Force budget, where would you put it?

Lt. Gen. Thomas K. Hensley:

I would, so the $1 million is, okay, end of life, end of service. The tech debt that we have within our air and space forces, it’s just, it’s an issue. And what does that mean? End of life, end of service. So if you have software that is end of life, end of service, that means there are no software upgrades, there’s no patches, there’s nothing to come out that’s going to mitigate the known vulnerabilities that you have. And so if there are no patches or upgrades or modifications to known vulnerabilities, guess what? You have a wide open hole in your security gate that the adversary can take advantage of. And from a hardware standpoint, if it’s out of date, there’s no upgrades, there’s no replacements that are coming forth, then it’s just not gonna run at a speed that is optimum for warfighting in the future with a China potential conflict that we could experience. So I kinda hesitate when I say $1 million to end of life, end of service, because the bill on that, and this is unclassified, it was $9 billion a couple of years ago. And so what’s $1 million gonna do when the bill is $9 billion? It’s better than nothing, right? And so let’s get after the things that we can fix and upgrade from that standpoint. And if it’s not the end of life, end of service, then we’ve gotta invest in our cybersecurity service providers, the men and women that are doing the resources to monitor our networks on a 24/7, seven days a week, 365 days out of the year, because we’re coming out with more and more capabilities that is more computerized, that’s more networked, and there’s more terrain that needs to be protected, and so we need to make sure that they’re resourced.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, so we got time for one more question to the panel. So in closing, Ms. Laughlin, we’ll come to you first, is what would you charge all Guardians and all Airmen to do so they can ensure that they can leverage the cyber domain to fight and win?

Charleen Laughlin:

Yeah, so the cyber domain is no longer just for cyber and IT professionals, right? We all touch the domain daily in the data we use, the systems we operate, and the decisions that we make, so I would just offer three quick points. That way we can give 30 seconds over to Krypto as well. One, understand the mission impact of cyber hygiene. Every patch, every click that you make matters, and understand what the operational impact of a cyber breach would be on your system, and think through how you would respond if that ever happened to you. That way you’re just not caught flat-footed, because like General Kaczor said, it is going to happen more and more frequently. Two, continue to learn, whether it’s zero trust, data, artificial intelligence, coding, all of that is just going to be so important as the pace of technology continues to change, and we’re integrating more and more capabilities into the force. And then finally, the last thing I would offer is just stay aware. If something doesn’t make sense to you, ask a question about it. If you see a risk or an anomaly, flag it, because awareness really is, I know we make fun of the cyber awareness challenge, but awareness really is a readiness issue, and the more you know, the better you can do your job.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, General Kaczor.

Brig. Gen. Joy Kaczor:

Same question. I know, I need all the things. That’s why I don’t like microphones. I tell my Airmen, be the bolt, but it’s not just our common cyber Airmen. It gets to everything Ms. Laughlin said, understanding that, understanding the mission, understanding what’s required to get after the mission, and what I tell you is we often think of insider threats as someone bad doing, intentionally doing something bad. It’s not. It is the clicking on the things. It’s plugging things where you’re not supposed to. It’s not being aware. So, no kidding, be the bolt. What’s required for your mission? I don’t care what your AFSC is. I don’t care if you wear a uniform or not wear a uniform. What do you need for your mission? Map that out, understand your pace plan, and be ready to execute, because something as simple, let’s not even say war. Anyone dealt with a hurricane? What happens when comms are out? Chaos. Are you prepared for that chaos? And so, I think all Airmen need to be aware. So, I just say ditto to what Ms. Laughlin said.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, excellent. General Hensley, you have the last word.

Lt. Gen. Thomas K. Hensley:

Ditto.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

All right, now you get a Krypto 30 seconds.

Lt. Gen. Thomas K. Hensley:

Ditto. No, seriously, I mean, so cyber hygiene, I mean, that’s everybody’s responsibility, so we have to do that. One of the things that we’re constantly preaching is what is your coup plan? What is your pace plan? As much as we want to try to harden our networks, there’s vulnerabilities that are gonna happen. And so, it’s not if, it’s when comms go down, but how quickly can we bring them back up, and in the meantime, what is your alternate plan? What is your contingency plan? What is your emergency plan? And the last thing I’ll say is I totally agree with Char that continue to be a learning person in these types of environments, and I’ll just share with you that, you know, I’m an Intel guy, and so I’m running a cyber organization, and I wanted to learn how to be a hacker. So I picked up a book on hacking. I got to page 20, and I picked up another book. So, I mean, that’s some conclave business. You’re not gonna learn how to become a hacker by just picking up a book and read it, but thank you so much for the opportunity. This is a wonderful time. Appreciate it.

Lt. Gen. Kevin Kennedy, USAF (Ret.):

Excellent. All right, so as we look at the expanding cyber threat, I think we can all agree with these three leaders on the stage, leading the Department of the Air Force, that we’re in a good place. So please join me in a round of applause.