CITI Hearing: Fiscal Year 2026 Review of the Department of Defense’s Cyber Posture (May 2025)

Summary

This meeting of the Department of Defense Cyber Warfare Enterprise featured testimony from Ms. Laurie Buckhout and Lieutenant General William Hartman, focusing on the current state of cyber defense, ongoing threats, and the challenges of managing the cyber workforce and operational strategies.[ 00:21:51-00:21:53 ]

[ 00:33:29-00:33:42 ]

Themes

Leadership and Organizational Challenges

Concerns were raised regarding the recent unexplained dismissal of General Joe Hawk, the former head of US Cyber Command and NSA, which was described as not serving national security interests and drawing bipartisan opposition from Congress.[ 00:22:50 ]

There is also strong congressional opposition to any potential separation of the dual-hat relationship between Cyber Command and the NSA, a construct seen as vital for national security.[ 00:23:18 ] Discussions also touched on the revamp of the Cyber Comm 2.0 effort, with a preference for a SOCOM-like model for organizational structure, aimed at improving efficiency in force presentation and training.[ 00:34:39 ]

Cyber Threat Landscape

The United States is considered to be "at war" in the cyber domain, facing deliberate attacks from nation-states like the People's Republic of China (PRC) and Russia, as well as Iran and North Korea.[ 00:22:15 ]

These attacks, exemplified by Volt and Salt Typhoon, target critical infrastructure such as transportation, energy, and telecommunications.[ 00:22:18 ] Transnational criminal organizations (TCOs) also pose a significant threat through ransomware attacks.

Workforce, Readiness, and Talent Management

Achieving and sustaining a high level of readiness across the cyber warfare enterprise is a key priority, especially given that foundational readiness standards were only recently met after more than a decade. Talent management, including recruitment, retention, and development of highly skilled individuals, remains the top priority for Cyber Command, with an emphasis on building "mastery" in the force. The impact of a hiring freeze is a concern, potentially affecting the ability to fill critical roles and bring in necessary talent.[ 00:42:09 ]

Additionally, there is a recognized need to improve mental health support for cyber operators, who often experience deployment-like conditions stateside.[ 01:13:59 ] [ 01:14:31 ]

Operational Strategy and Rules of Engagement

There is an ongoing re-evaluation of rules of engagement to better counter adversaries in cyberspace, acknowledging the rapid pace of technological change and adversary actions.[ 00:34:59 ]

[ 00:36:04 ] The Department of Defense is working to ensure cyber capabilities are well-integrated to support other combatant commanders and national defense, with a new 2025 cyber strategy in development.

Disinformation and Influence Operations

While disinformation is recognized as a significant threat and a "major line of attack," especially through platforms like TikTok, Twitter, and Facebook, countering it is not explicitly within the current mission set of Cyber Command or the policy office. The focus for Cyber Command remains on foreign adversaries linked to foreign governments who attempt to execute operations targeting the United States.[ 01:10:46 ]

Tone of the Meeting

The tone of the meeting was primarily serious and concerned, reflecting the critical nature of cyber warfare and the ongoing threats.[ 00:22:29 ]

There was a strong bipartisan consensus on the gravity of the cyber threats and the importance of a robust cyber defense. However, there was also clear frustration and criticism directed at the administration regarding leadership decisions, particularly the unexplained dismissal of General Hawk, and the impact of the hiring freeze on vital cyber personnel.[ 00:22:39 ] [ 00:58:43 ] Witnesses maintained professionalism, often deferring specific operational details to a closed session when publicly discussing sensitive matters.