“Good afternoon.  Today the Terrorism, Unconventional Threats and Capabilities Subcommittee will hear testimony regarding Holistic Approaches to Cybersecurity Enabling Network Centric Operations.  This is an area of our national defense that is not fully understood, especially with regards to the costs of a cyber attack, and I appreciate our panel sharing their expertise with us today.
 
 “As our forces move closer to the vision of network-centric operations, it’s absolutely crucial that we make proper investments in cybersecurity.  Net-centric warfare depends not only on the operation of network connections and infrastructure, but on being able to trust the information being shared across the networks in question.  That means we have to not only protect highly vulnerable physical choke-points of global network infrastructure, but also take into account factors such as the potential security vulnerabilities posed by outsourcing of coding functions to overseas contractors, as well as the ‘human factor’ – weak passwords, vulnerability to social engineering, and the like.
 
 “We also have to understand the nature of the battlefield.  Unlike traditional physical battlefields, cyberspace is not neatly divided into friendly space and hostile space.  Our operations share space with our interagency partners, allies, hostile states, criminal entities, terrorist communities, and hackers with too much time on their hands.  Unlike traditional weapons of mass destruction, we have very limited abilities to prevent the proliferation of damaging weapons in this sphere of operation; once a tool is invented and made available online, it is available to anyone.
 
 “As with other areas that touch on DoD’s technology policies, we need to take a hard look at our personnel recruitment incentives as well as our acquisition policies.  We need the best and the brightest working for us, and that means our incentive packages have to be competitive with the private sector. 

 “We also need the best technology as quickly as possible, and that will mean reexamining our acquisition policies.  Know-how and technological capabilities are the only ways to stay ahead of the curve when anyone with connection to the Internet can potentially disrupt our operations.
 
 “This subcommittee is committed to making sure our policies support a robust information defense while balancing legitimate privacy concerns.  In addition, we’d be interested to hear from our panel on areas of existing law that might have been written for a pre-Information Age era and that should be revisited to ensure we are not constrained by laws that did not anticipate the emergence of net-centric operations.
 
 “Again, I want to thank our panel and Ranking Member Thornberry, as always, for his bipartisan work on this subcommittee.”