DISA director urges cyber professionals to embrace warfighting mindset at HammerCon 2025


By Marco A. Villasana Jr., DISA Public Affairs

July 1, 2025
 
Photo of Lt. Gen. Stanton on stage looking towards the right at moderator Chris Cleary, who is facing Stanton and away from the camera. Behind Stanton and Cleary is the national ensign, the flags of the military services.
DISA Director and DCDC Commander Army Lt. Gen. Paul T. Stanton responds to moderator Chris Cleary during a fireside chat at HammerCon 2025. (DISA photo by David Marin)
 
 
Defense Information Systems Agency Director and Department of Defense Cyber Defense Command Commander Army Lt. Gen. Paul T. Stanton addressed a diverse audience of cyber professionals at HammerCon 2025, emphasizing the critical need to view cybersecurity through a warfighting lens.
During a fireside chat, Stanton shared his insights on the evolution of cyber operations and insisted on a coordinated, proactive approach to defending the Department of Defense Information Network.

He began by explaining that cyber as a profession is a combination of technical competency and the application of values. “You have your technical capabilities and then you apply, allocate and execute them through values.” He lauded the assembled professionals, including junior enlisted service members, senior officers, civilians and industry experts, for their dedication to a common mission.

Stanton, who transitioned to the cyber field mid-career after serving as an infantry officer, including leading Soldiers in combat during the initial invasion of Iraq, highlighted the foundational nature of his early experiences. “It helped shape how I think, think like a maneuverist, think like gaining and maintaining contact with the enemy.”

A key theme of his remarks was shifting from reactive incident response to a proactive mindset that imposes costs on adversaries. “Don't randomly chase incidents. Don't chase events. Think in context. Think about what the enemy is attempting to accomplish. Think about what missions are relevant to us. Think about where our missions and the enemy's intent and capabilities overlap, and in the center of that Venn diagram, build your engagement area, and then beat the enemy.”

Photo of Lt. Gen. Stanton on stage with moderator Chris Cleary, near the lower right corner, facing to the left. The audience is in the lower left corner foreground facing away from the camera. Behind Stanton and Cleary is the national ensign, the flags of the services and the state flag of Maryland.
Stanton shares insights during a fireside chat. (DISA photo by David Marin)
 
 
Stanton indicated that successful cyber warfare hinges on access to timely and accurate data. “Getting the right data to the right place at the right time to make a better and faster decision than the enemy is central to how we fight.” He urged leaders at all levels to consider their data needs in the context of warfighting, drawing an analogy to the fuel for tanks in armor warfare. “You don't plan an armor mission without thinking about where your refuel point is. You simply don't, because a tank without fuel is useless.”
He then cautioned the audience of how data transmission can expose warfighters to enemy electronic warfare capabilities. “It is critically important in today's day and age that we think about what data we need at what point in the battle, and then making sure it's available when it's needed. If you're continuously pushing data, you're not going to survive long.”

Stanton declared that the network used to move data is a weapon system that requires rigorous training and a certain level of understanding. He referred to DISA's zero-trust architecture, Thunderdome, as a combination of weapon systems, saying, “if we're not trained and ready to use it, it's not effective. Anybody ever actually try to configure a zero-trust environment? It's complex. If you don't understand the tools that are inherent to it, then you're not going to configure it right. If you don't configure it right, then you've wrapped yourself in a false blanket of confidence that you have security.”

Readiness remains a top priority for Stanton. He recommended integrating cyber awareness into all aspects of military training. He cited an example of the Army partnering with the Maneuver Center of Excellence to introduce electronic warfare capabilities into infantry training, disrupting communications and forcing Soldiers to adapt.

He stressed the importance of applying warfighting principles to cyber defense, prioritizing missions, identifying enemy intent, and focusing resources on defending what matters most.

“Attempting to defend everything effectively defends nothing, because you spread yourself too thin,” said Stanton.
Stanton encouraged a campaigning approach to cyber defense, advocating for coordinated action against technological vulnerabilities and threat actors. “We need to campaign when we have a technological weakness in the DODIN. The execution against the enemy that's attacking that vulnerability needs to be coordinated.”

Looking ahead, he underlined the need to modernize the architecture to be truly data-centric and to develop a workforce with the skills to operate successfully in this environment.

He challenged cyber professionals to communicate their domain to the broader warfighting community. “If you don't get gas, you don't move. If you don't have data, then you can't call for fire,” he said, advocating for simple, relatable terms.

Stanton concluded by reiterating the professionalism and dedication of the cyber workforce. He emphasized the significance of technical competence aligned with strong values, inviting those dedicated to this mission to join the agency: “I am recruiting.”