Outside Perspectives on the Department of Defense Cyber Strategy: Hearing Before the Committee on Armed Services, Subcommittee on Emerging Threats and Capabilities, U.S. House of Representatives, One Hundred Fourteenth Congress, First Session, September 29, 2015 [open pdf - 721KB]
This is a testimony compilation of the September 29, 2015 hearing "Outside Perspectives on the Department of Defense Cyber Strategy" held before the House Committee on Armed Services. From the testimony of Mr. Richard Bejtlich: "As a private sector defense strategist and as a former military officer, I assess the new DoD cyber strategy as a transition document. Previous strategies emphasized DoD's role as protecting DoD networks from attack. The current document restates this role, and adds a new albeit limited mission: 'defend the US homeland and vital interests from disruptive or destructive cyber attacks of significant consequence.' Stepping outside the Beltway mentality, it might be natural to ask 'what about OPM?' or even 'what about Sony?' For these reasons I believe DoD's strategy is a step in the right direction, but one that needs to be augmented by additional measures. […] It is true that some national and criminal hacking teams are improving their operational security as a means to frustrate attribution work. However, the explosion in social media across the developed and developing world means the people behind the hacking continue to show more of their actions and personalities in public forums. Just last week two security companies combined forces to use social media and other online sources to expose a member of a military hacking unit in Kunming, China. I assess that improved information sharing will also drive forward the attribution capabilities of public and private teams." Statements, letters, and materials submitted for the record include those of the following: Richard Bejtlich, Dominick Delfino, Lara Schmidt, and Ian Wallace.
House Committee on Armed Services: http://armedservices.house.gov/