Back from lunch. Those who are in the exhibit hall if you could begin to move back, we would greatly appreciate it. I want to get a special thanks to Northrop Grumman. Jennifer walsh smith and Chris Valentino i know are here. If you could raise your hands. Jennifer is here and is valentino from Northrop Grumman, i want to give a special thanks to them for this lunch sponsorship. [applause] i also want to thank them for their seven years of sponsorship and support, which is been greatly, really a key reason for us to be able to host this forum are free for the government, military, and to be able to do this now for the tenth year. So thank you very much. I want to just also give to your attention, please, on your seats are flyers that describe the next years event, september 8 and 9th at the Marriott Wardman park. That would be september 8 and 9th, 2020. We also have for Corporate Executives that are interested, we have a series of quarterly Leadership Council meetings. We are in the third year of that. Look at the flip side you will see the corporate members include cisco, aws, booz allen hamilton, raytheon, hp, northrup, google cloud. If youre interested in that please let us know. I would also like to recognize and express our appreciation for the Advisory Board members. Ill this is once again as they had been very helpful. So Brett Scarborough from raytheon. Dan from google cloud. General great to hill from the federal group, brad from hamilton booz allen, will ash from cisco. Matt barry from ap federal, dave from amazon web services, and charlotte from Northrop Grumman. If we could all give them a round of applause, please. [applause] just a couple logistical announcements. If youre a member, you can get credit i going to the Registration Desk and giving them your member number and they can send you a print certificate or they can give you a print certificate or they can send you a digital certificate. If your an osaka member i gather you have to to the osaka portal to register for a continuing education. Were delighted to partner with those continue education organizations to offer continuing education credit for those of you who would like it. This is a very full and exciting afternoon. Im very excited about, we will have a number of keynote from general crall who will be introduced shortly. We then love a number of panels and will conclude with keynotes from chris krebs from dhs and from martin from the National Cybersecurity center in the uk. We have a full day ahead, and we will then have a number of awards at the end of the day and i am very honored that well we giving a Lifetime Achievement award now to general mike kayden who also give final remarks to our audience, and im honored i that. With that said, id like to not introduce gregg potter, a Corporate Lead executive for Northrop Grumman at fort meade and aberdeen and he we introducing the luncheon keynote speaker. Thanks very much. Thank you, tom, thanks to billington for putting on such a great conference. Its my honor pleasure this afternoon to be able to introduce the keynote speaker for this afternoon. Major general dennis crall is a Senior Advisor for cyber policy. He was appointed to the role in 2018. Hes a a career aviation commad control officer who has commanded squadrons at group level. Hes got deep cyber and operations Information Operations background where he was the chief of the joint operation or joint Cyberspace Operations center at Central Command as well as the deputy chief of the Information Operation center at Central Command. Lastly, he was the branch chief for strategic plans for Information Operations at u. S. Special operations command. If you would, please give a warm welcome to Major General dennis crall. [applause]. To get done streaming a conversation andbeing available to take your questions. Im, im your afternoon caffeine. We just had lunch, ive got enough excitement for all of us here. What i like for you to do is take the conversation up a notch and were going to talk about war fighting for my quick portion of it and were going to think strategically and the slide thats in front of you is my staff is embarrassed about my slide. I dont my slide itself so it probably shows. Thats as many words as i want to cover in a framing document and i want us to think the way the Department Takes and breakdown our work fighting mission in this critical domain. Im going to use the language of it comes from our National Defense strategy and the Cyber Strategy that flows from that in 2018. This is language that are former secretary of defense used clearly about lethality, partnership and reform and its a great blend by which to look through cyber and a few other items we will talk about. But i need you to remember something when we have this conversation, theres a couple caveats. Every one of these framing ideas doesnt exist unto itself. This is all about outcomes. We got to make sure that we pause and think about what it is were doing, why were doing it and it lends itself to the ultimate mission, the reason were doing it which means theres got to be policy and execution to make sure were still on track. Technology changes at a rapid pace. Its easy to Chase Technology and not the mission. Its easy to stay focused on antiquity and not a not modernization but theres got to be some level of balance and we do this within a government system of funding which drives a lot of this but at times is a bit episodic. So the challenge is balancing those three tendencies but not to forget this is all about outcomes. And driving to anend state. What makes this different in our approach that were looking at this year and previous years is the right emphasis and weight to what we call persistentengagement. The items that our talk about especially under lethality really lend itself to think about is this something we are doing episodically . Is this something i can stay in steadystate or is this a series of it and starts which means you break continuity, lose momentum and dont have the ability to proper exploitation of success. These are all principles we talk about in every other domain, yet we somehow shy away from them in this one and its just as applicable. In order to see that advantage and to maintain that advantage throughout operations. The other piece is we talk a lot about operations in a contested environment. And ill be honest, im not sure that we are as practiced as we need to be to be successful given the threats we believe were going to face. Im fully aware there are those who believe we have made our adversaries 10 feet tall and giving them more prowess than they deserve but i also tell you there are times because we really believe we can fight through certain things are not well rehearsed that we may be in for a rude awakening if we are not practiced and postured to succeed. So think about what information contest would look like. Deadlines, redlines, very low bandwidth. The ability to prioritize information in need of speed, what are the minimum elements a commander needs to fight. Those have not been defined, its a difficult to figure out how youre going to employ that on a battlefield when you realize that its at that time under this crucible of challenge that youre not going to have a boss point, the fog of war creeps in and everythingbecomes more difficult. These have to be practiced. And you have to understand what it means to your perfectly rehearsed plan when you do that in garrison, what it means to meet that plan on a battlefield. A famous boxer once said about his competition that every man has a planuntil i punch him in the face. You think about that and we all plan and we think about what is going to be like and then we need the crucible of contest. We got to be ready for what that looks like. So when we talk about these principles that are not esoteric, they are not things that sit out there to be admired but theyre there to be practiced, embedded, rehearsed, challenged, improved and implemented with confidence. Thats where we need to be. So lets talk aboutthese things under lethality first. Three subareas that are important the way i look at defining them. Thefirst would be the idea of authority. Weve got have the right authority to operate in space and it doesnt matter what kind of activity were talking about. Whether were operating networks, talking more of an it centric role, whether were talking about defense or offensiveoperations, their required the requisite authorities in order to move pace. This persistent engagement means authorities need to be deep enough to characterize thebattlefield as well, not just execute. Weve got to anticipate in that authority realm that these things will be as planned, not sprinkled on afterwards but there are four thoughts built in, planned for andtested as ive mentioned earlier. Ill be honest, weve had a lot of help and i mean that in a good way from the administration and congress. They have loaded us up with authorities we havent had before. Its important that we utilize them in line up a couple other items that go along with them so authority would be one idea that you have to think about what to others have to be lined up in currents with that area the other one is process. Weve got have a process in place that takes advantage of the authorities that we are given. The process isnt repeatable, if its mired in quagmire, this idea of constant uphill battles and fights , and im not intimating we should not share information or have d confliction with others and other interested parties but the point is the process has to lend itself to a successful and timely outcome. Not for a process that exists unto itself. Anyone whos worked in the pentagon personally and seen the pentagon process upfront knows exactly what imtalking about. Terry mattis used to have a phrase back when i worked for him as general mattis that when good people meetbad process, bad process wins. Bad process and take the most energetic, forceful, excited individual and crush them through a series of bureaucratic morass. That doesnt lead to an outcome so these are areas taking advantage of the authorities we are given and working on numerous, looking at this process within the building and outside of the building to execute operations in a timely manner and the last piece of the threelegged stool is on the idea of capability. We got to make sure that we have the trained workforce and be the equipment to perform the mission at hand. Weve taken really a hard look at this workforce and in some cases i think weve taken maybe for granted that the workforce will be available. The amount of training thats required, the recruitment, the competition that we wonder to retain individuals given their a lot of walks of life that people can go do but looking at models that lend itself to attracting and retaining the best and brightest for our mission is critical towhat we do. Also, the capabilities and the terms of our tools that we have two employ these are critical as well. We got to make sure that we employ cuttingedge technology. We got to make sure when we start looking at the ways we can take advantage that we do so in a timely manner and that were not looking at Old Technology delivered twoways. Theres a quandary i have that i keep on my board that i try to avoid and thats the phrase of this may not work but at least its suspenseful, we want to avoid the idea that were paying premiums for outdated technologies. Weve got to be more responsive and use whats available so if you think about lining up the authorities, the process and the capabilities, how critical that is to the lethality rubric that i got in front of you. The next piece is the idea of partnership. We have a couple areas that challenge us as well. On the good side we know that partners, many of our partners at unique authorities and capabilities we dont have and we want to make sure that we take advantage of those. We want to make sure that we build their prowess and capabilities up through our practice relationships and as they get better, we are better. Its less service for us to look at on the challenging side with partnerships, we still struggle with information share. How do we exchangeinformation in a timely manner not just on the battlefield , as we have joint Coalition Partnerships and information sharing it difficult, we need better Cross Domain Solutions and thats on the radar to solve this year. How do we move information at the speed of warfare and take it one extension further to our Defense Industrial base. How do we help safeguard our nations most critical secrets, the time there through development and implementation through a supply chain and eventually for the introduction in our worklighting apparatus. Saw partnering from the idea of missing execution and then on the side of ensuring that we are able to share information with a common level ofprotection is critical for us. All of these varying efforts that are ongoing in the building today and served again that framework that i just described. The last piece, and its one of the most critical because it involves a level of trust. Trust with the taxpayer, trust with their governments and keeping the trust and not breaking faith with our workforce and war fighters. We need reform. Some of this reform is going pace which is respectable and others may be at pace that needs to be picked up and made better. So what do we mean by before . This is the idea of scarce resources being applied in the most consistent, meaningful and thoughtful ways gone are the days where everyone doing whats right in their own eyes so the word that serves to me the most under this category is tendered. We talked a lot about standardsetting. We already understand what requirements are due to the acquisition cycle and im not talking about that. This is the idea of making sure we have common standards that we drive to and that we have an apparatus in place to inspect what we expect. That we have adherence to those standards. Nothing is more frustrating than publishing a standard and not following them and not even knowing youre not following them but the idea of following through with the expectation that we have a level of adherence and commitment to those means that were a better war fighting organization as a result. This reform has to be all the way through the lowest level when we look at our workforce all the way up to the most extreme and strategic ways for actions and activities. Weve got to look across the department to make sure we dont have unnecessary redundancies. There was a time in the information environment when it was new. When we used terms like Information Operations, military Information Support operations, those types of things that we went to congress and we asked for money. On kind of this newfrontier for us , its always been practiced but this it was upscale and embraced by the department and there was a time whenthat money flowed to freely. And we couldnt always count for how it was spent. We couldnt always look at measures ofeffectiveness. We had measures of performance but we couldnt provide the so what the money we were giving and what was really a permissive friendly giving environment turned into a very challenging environment to demonstrate a level of sufficiency and rebuild trust. Ill tell you i think we are probably not too far off in the realms within cyber if were not careful. People want to help us, our leadership wants to help empower us in this area but we have to be very good stewards on how that money is spent. Weve got to have something to show for it. Its got to be datadriven, its got to show the level of effectiveness or how we commit to these treasures. So every single day, we wake up in the principal Cyber Advisors office. Our relationship with chief Information Officer couldnt be closer to the relationships that we have with our services components, chiefs, etc. Couldnt be closer and we think in these returns. Because the National Defense strategy tells us to think this way and our Cyber Strategy demands we think this way and the possible review which reveals the gaps are framed in that rubric of lethality, partnership and reform. Strategic thoughts, a way to share a broad picture in less than 10 minutes with you. And i stand ready to take what i imagine will be the challenging questions where i can answer, i look forward to answering. [applause] i dont know what the rules are here but youre right in front of mewith a hand up. [inaudible] [inaudible] a great question. For those who couldnt hear, this was about how the od response to calls from the Defense Industrial base for a challenge they may have for cyber security. And one ofthe statements that were made, we certainly wouldnt call the crowd, i would agree with that. They could, they may be unsatisfied with the answer they would get since that particular mission set literally falls outside of our primary work rule. It doesnt fall outside of the air of responsibility for thedepartment. The answer will not be perhaps as detailed as you may like there are challenges , some seminal challenges to how we share information, what information we can share and who owns the burden of responsibility. Owns the liability if information is shared or solutions are provided and those compromises will take place. These are not easy questions to answer. I dont pretend they have been solved at our level i promise you this year a received more attention than i personally have witnessed and there are really probably some difficult choices in the road ahead for the department to make. I dont know what the balance is person