Very much and welcome back from lunch. If those who are in the exhibit hall, if you could begin to move back, we would greatly appreciate it. I want to give a special thanks to Northrup Grumman. So Jennifer Walsmith and chris valentino, i know, are here. If you could raise your hands . Jennifer is here and chris from Northrup Grumman, i want to give a special thanks to them for this lunch sponsorship. I also want to applause applause thank them for their seven years of sponsorship and support which has been greatly, really a key reason for us being able to host this forum with the government, military and to be able to do this now for the tenth year. So thank you very much. I want to just also point, give to your anticipation, please, on your seats are fliers that describe the next years event, september 8th and 9th at the Marriott Wardman park. So that will be september 8th and 9th, 2020. We also have Corporate Executives that are interested, we have a series of quarterly Leadership Council meetings. Were in the third year of that. If you look at the flipside, youll see the corporate members include cisco, aws, booz allen hamilton, raytheon, hp, northrup, google cloud. If youre interested in that, please let us know. Id also like to recognize and express our appreciation for the Advisory Board members. Ill list those once again as theyve been very helpful. So Brett Scarborough from raytheon, dan from google cloud, general greg twohill from sex terra federal group, brad from booz allen, will ash from cisco, mark kerr and sean love from northrup gullman. So if we could all give them a round of applause, please. So just a applause couple logistical announcements. Im trying to keep us right on time. If youre a member of that, isc squared, you can get credit by going to Registration Desk and giving them your member number, please, and they can send you a certificate they can give you a print certificate or they can send you a digital certificate. If youre an osaka member, i gather you have to go to the portal to register for continuing education. So were flighted to part delighted to partner with those two continuing you would organizations to offer continuing education credit for those of you who would like it. So this is a very full and exciting afternoon. Im very excited about. Well have a number of, a keynote from general crall who will be introduced shortly. We then will have a number of panels, and well conclude with keynotes from the from israel and from the National Cybersecurity center in the u. K, and more. So weve got a full day ahead, and well then have a number of awards at the end of the day, and im very honored that well be giving a Lifetime Achievement award im announcing this now to general mike hayden, who will also give final remarks to our audience. And im honored by that. So with that said, id like to now introduce greg potter. Hes the Corporate Lead executive for Northrup Grumman at fort meade in aberdeen, and hell be introducing the luncheon keynote speaker. Greg . Thank you very much. Thanks, tom. Thanks to billington for putting on such a great conference. Its my honor and pleasure this afternoon to be able to introduce the keynote speaker for this afternoon. Major general dennis crall is Deputy Principal cyber adviser and senior military advisor. He was appointed to that role in february 2018. Major general crall is a career aviation command control officer who has commanded squadron and group level. Hes got deep cyber and Information Operations, operations background where he was the chief of the joint Cyberspace Operations center at Central Command as well as the deputy chief of their information Operations Center at Central Command. Lastly, he was the branch chief for strategic plans for Information Operations at u. S. Special operations command. If you would, please give a warm welcome to Major General dennis crall. applause well, ive been introduced with music and its my pleasure to have just a few minutes to chat with you this afternoon, and id like to split my time here to get done framing a conversation and then being available to take your questions. So i want you to, im your afternoon caffeine. Youve just had lunch, ive got enough excitement for both of us, for all of us here. What id like for you to do is to take the conversation up a notch, and were going to talk about warfighting for my quick portion of it. And were going to think strategically. And the slide thats in front of you is, my staff is embarrassed about my slide. I built the slide myself, and it probably shows. Thats about as many words as i want to cover in a framing document, and i want us to think the way the department thinks and breaks down our warfighting mission in this very critical domain. And im going to use the language that comes from our National Defense strategy and the Cyber Strategy that flowed from that in 2018. And this is language that our former secretary of defense used very clearly about lethality, partnership and reform. And its a great lens by which to look at signer and a few other quick items well talk about. But i need you to remember something when we have this conversation. Theres a couple caveats. Every one of these framing ideas doesnt exist unto itself. This is all about outcomes. Gotta make sure that we pause and think about what it is were doing, why were doing it, and if it lends itself to the ultimate mission, the reason were doing it. Which means theres got to be pause points in execution the make sure that were still on track. Technology changes, we all know, at a rapid state. Its easy to Chase Technology and not the mission. Its easy to stay focused on antiquity and not adopt modernization. So theres got to be some level of balance. And we do this within a government system of funding which drives a lot of this which at times is a bit episodic. And so the challenge is balancing really those three tendencies but not to forget this is all about outcomes. And driving to an end state. What makes this difference in our different in our a approach is the right emphasis and weight to what we call per sunt engagement. The items that ill talk about especially underthat wouldty lethality really lend itself to think about is this something were doing episodically . Is this something that i can stay in steady state, or is this a series of fits and starts . Which means you break continuity, lose momentum and dont have the ability for proper exploitation of success. These are all principles that we talk about in every other domain that we somehow shy away from in this one. And its just as applicable. In order to seize that advantage and to maintain that advantage throughout the operations. The other piece is we talk a lot about operations in a contested environment. And ill be honest, im not sure that we are as practiced as we need to be to be successful given the threats we believe were going to face. So im fully aware that there are those who believe we have painted our adversaries 10 feet tall and may be giving them more prowess or acumen than they deserve. But ill also tell you that there are time because we really believe that we can fight through certain things that are not well rehearsed that we may be in for a rude awakening if were not practiced and postured to succeed. So think about information contest would look like. Thin eyes. So the word that really surfaces to me the most under this category is standards. Weve talked a lot about standardsetting. We already understand what the requirements do to the acquisition cycle. Im not talking about that. This is the idea of making sure that we have common standards that we drive to and that we have an apparatus in place e to inspect what we expect, that we have adherence to those standards. Better were pretty organization as a and so when we talk about these principles, they are not esoteric, they dont sit there to be admired, they are there to be practiced, vetted, rehearsed, challenged, improved, implemented with confidence, that is where we need to be. So lets talk about these things of without early first, three sub areas under lethality that are important that i look at defining, the first one would be the idea of authorities, we have to have the right authorities to operate in the space, it doesnt matter what kind of activity we are talking about, whether we are operating i tea centric role, whether we are talking about defence or offensive operations, they are required the authorities to about peace, this persistent engagement means that authorities need to be deep enough to characterize the battlefield as, well not simply execute. We have to anticipate in that authority so that these things will be inculcated and not sprinkled on afterwards but their fourth thoughts, built in, planned for an tested as i mentioned earlier, i will be honest with you we have had a lot of help, i mean that in a good way from the administration and from congress in this area, they have loaded us up with authorities that we have not had before, its important that we utilize them and that we line up a couple other items that go along with them, so authorities would be one idea of that to try out that you have to think, about but two others have to be lined up and current with, that the other one is process, you have to have a process in place that takes advantage of the authorities that were given, if the process isnt repeatable, if it is admired and craggy here this a india of constant uphill battles in fights, im not into meeting that we should not share information on and other interested parties, but the point is that the process has to lends itself to a successful entitling outcome, not for a process to exist onto itself, anyone who was worked on the pentagon, personally and seeing the pentagon process up front knows exactly what im talking about, secretary mattis used to have a phrase back when i worked for him as general mattis, wouldnt good people mean bad process, that process wins, that process can take the most energetic, forceful, excited individual and crush them through a series of bureaucratic alaska does not lead to an outcome, so these are areas taking advantage of the authorities and give me your minds, looking at these processes within the building it outside of the building to execute operations in a timely manner, and the last piece of this is on the idea of capabilities, we have to make sure that we have the trained workforce and the equipment to perform the mission at hand, we have taken a hard look at this workforce, and in some cases i think we have taken for granted that the workforce will be available, the amount of training that is required, the recruitment, the competition of that we are under to retain individuals given that there is a lot of welsh of life the people can go, to look at looking at models align themselves to attracting and retaining the best and brightest for our mission is critical to what we do, also the capabilities and the terms of our tools, that we have, to employ these are critical as well, we have to make sure that we employee cutting edge technology, we have to make sure that we start looking at ways we can take advantage and that we do so in a timely manner and that were not looking at old technology, there is a quadrant, physical quadrant that i keep my mind for that i try to avoid, this may not work but at least we have to avoid the idea that we are paying the premium, so we have to be on board and know what to do, so if you think about lining up in, the process isnt capabilities, the next piece is the idea of partnership, we have a couple of areas that challenges them, he dug we need to make sure when we have capabilities of through practice and capabilities and relationships, as they get better we are better, it is less service for us to look at, on the challenging side with partnership if we struggle with information ship, how do we stay not just on the battlefield by the way, but as we have joined partners who sit rain next to us and information sharing gets different, we need better across demand solution and that is on the radar to solve this year how do we move information at the speed of warfare and then take you want to essentially further, how do we help safeguard our needs shins those critical secrets at the time they are throughout up through development and implementation through a supply chain and then through production and war fighting apparatus, so partnering from an execution and planning and then on the side of ensuring that we are able to share information with a common level of protection is critical for us, all of these heavy varying efforts that are ongoing in the building today and so serve again that framework that i just described, the last piece and ill tell you its one of the most critical because it involves a little of trust, trust with the taxpayer and transfer their government and keeping that trusted not breaking faith with our work force, we need reform, so on this reform is going out apiece it is pretty respectable and others may be and apiece it needs to be picked up and made better, so what we mean by reform, this is the idea of scarce resources being applied and the most consistent, meaningful, and thoughtful ways, gone are the days where everyone who is doing whats right in their own eyes, so what really services to me, is standards, we have talked a lot about standards, you already understand of what requirements are needed and im not talking about this, this is the idea of making sure that we have communist endurance that we drive to, that we have an apparatus in place to inspect on what we expect, that we have adhere to those standards, nothing is more frustrating than publishing a set of standards are not following them and not even knowing the you are not following, but the idea of following through with the expectation that you have the level adherents and compliance and commitment of those means that we are a better war fighting organization as a result, of this reform has to be deep, all the way to the lowest level those are looking at the workforce all the way up to the strategic ways that we go towards actions and activities, on we have to look across the department to make sure that we dont have a necessary redundancies, you know there was a time and the information and environment where it was new. When we use terms like Information Operations, montreal preparations, those types of, things that we went to congress and we asked for money, on kind of this new frontier, its always been practice but this was embraced by the parliament and there was a time when that money flow to freely and we couldnt always account for how it was spent and we couldnt effectiveness, we had a lot of measures of performance but not to provide the so what of money we were given and what was a permissive friendly giving environment turned into a very challenging environment to demonstrate a level of sufficiency and rebuild trust. I will tell you i think were probably not too far off in some of the realms within cyber if we are not careful. People want to help us, our leadership wants to help empower us in this area but we have to be very good stewards on how the money is spent. You have to have something to show for, datadriven, really show the level of effectiveness for how we commit these measures. So every single day, we wake up in the Cyber Advisors office and the relationship with the chief Information Officer to be pushed with the relationships with our services, components, et cetera could not be closer and we think in these three terms, because the National Defense strategy tells us to think this way in our Cyber Strategy demand we think this way in the reveal are framed of partnership and reform. Strategic thoughts . A way to share a broad picture in less than ten minutes with you, i stand ready to take what will be your challenging questions that i can answer and i look forward to answering. Thank you. applause i dont know what the rules are, youre right in front of me with your hand up. inaudible thats a great question, for those who cannot hear, this is about how the dd a d response to cybersecurity. And one of the statements, i would agree with that mpca could maybe unsatisfied with the answer they would get since that pulls outside of our primary work goals but not outside of the responsibility. I will say this, the answer will not be as detailed as you would like, there are challenges, seminal challenges to how we share information and who owns the burden to responsibly in the liability if information is shared and solutions provided. These are not easy questions to answer, i dont pretend they have been solved at our level. I promise you this year they received more attention than i personally witnessed and there are really difficult choices in the road ahead for the department to make. I dont know what the balance is personally and where the leadership will side but if you think about this, how much should the department do, and how much of the solutions are on the part of those who own for example, data. I will say this, no matter what the answer lies there is one thing that is very clear, we as a unit have to do better at securing our data. There is no argument there. There are things and solutions in place from basic hygiene to Good Practice to the movement of information and safeguarding it through 0 information there were two course. In a flat surface to comfort heating the process or image highland that is unnecessary. So probably not the detailed answer you would expect because that is still yet to be solved in the department. Another question over here. Other questions . If you could take a mike we will come down for you. The previous question could be something to do with 171, is out falling under your domain . Not my domain but it certainly is an area we are involved in and that has secretarial interest so yes, it does, enforcing the standard and contract, we have ans provides a lot of the information, theres been a lot of reform in contracting language. S