Introduction

The United States is one of the pioneers in elaborating a formal and thorough cyber-strategy for ensuring its national interests in cyberspace. Following the formal declaration of cyberspace as one of the five battlefields (with air, sea, land, and space) in 2009, together with the establishment of United States Cyber Command (USCYBERCOM), the U.S. Department of Defense (DoD) published the first DoD Strategy for Operating in Cyberspace in July 2011. This document lays the foundational framework for U.S. cyberspace operations. It outlines the background, landscape, challenges, stakeholders, and needs that the country has to consider in building up its cyber-capabilities and relationships with various stakeholders. Indeed, the establishment of USCYBERCOM and the DoD cyber-strategy both took place in a period of high-profile state-funded cyber-operations. On the one hand, there was the massive distributed denial of service (DDoS) attack between Russia and its former Soviet states, Estonia and Georgia, in 2007 and 2008. On the other hand, Google announced its business withdrawal from the mainland China market as a result of a series of severe cyberattacks against its electronic mail service in 2010.

High officials of the U.S. acknowledge the intensity of cyber-warfare and its impact on American companies. The chief commander of USCYBERCOM and director of the National Security Agency (NSA), Michael Rogers, suggested in 2014 that the multidimensional challenges in cyberspace would demand a genuine partnership between the private sector, the government, and academia to address them. More significantly, President Obama has repeatedly emphasized the importance of a secure and reliable Internet in the economic development of the U.S. Four years after the first DoD cyber-strategy publication, Ashton Carter, the secretary of defense, unveiled more comprehensive objectives and plans in the 2015 cyber-strategy. Although the cyberspace landscape changes quickly and its challenges and actors are constantly evolving, the DoD has successfully defined its five strategic goals and qualitatively identified emerging issues in cyberspace.

Strategic context of DoD cyber-strategy

Cyberspace is at the intersection of business and unlawful activity development. It has been rapidly evolving since the early 2000s. The U.S. economy increasingly relies on a secure and open cyberspace. Financial institutions realize extravagant turnovers through cyberspace every day; information technology companies count on the adoption of their software and products in business to flourish. Approximately 30 percent of the U.S. economy comes from high technology companies specializing in Internet technology, remote control systems, and computer hardware manufacturing. Moreover, all these technologies are major components in public infrastructure nowadays, such as power supply stations, air and railway control systems, and telecommunication. They can be managed by coordination centers thousands of miles away. These command centers are dealing with hundreds and thousands of signals and automated decisions every second. Considering the operation scale of all these sectors as well as the involved population and business, cybersecurity threats undoubtedly represent a prominent public and national security challenge that the U.S. is wary of.

As suggested in the 2011 DoD cyber-strategy report, “the DoD operates over 15,000 networks and 7 million computing devices across hundreds of installations in dozens of countries around the globe.” The latest 2015 cyber-strategy publication indicates that “the private sector owns and operates over 90 percent of all of the networks and infrastructure of cyberspace.” The highest defense authority in the country has to cope with highly diversified actors, ranging from the public and private sectors to international allies and associations, to ensure the strategy objectives of the DoD are aligned with these actors.

The technological, business, and national security contexts in the U.S. are diversified, and therefore the DoD has to deal with different interested parties. This situation is intensified by the fact that software and network vulnerabilities are identified every hour in every computer system. The capability to manage such risk, nurture a competent workforce, and maintain good terms with allies is a megaproject. The DoD cyber-strategy is the initiative of the U.S. to ensure national security and the business development of American companies.

Five Pillars of DoD cyber-strategy

1. Strengthen cyber-capabilities to conduct cyber-operation

The first priority of the DoD is to develop a capable and effective Cyber Mission Force. This force will keep a persistent training environment in which officers work with other agencies, components and military departments in multiple scenarios. The entire project aims at creating a respected career path to facilitate recruitment. Exchange and training with the private sector is permitted in an attempt to thoroughly train the officers with updated cyber-capabilities. Research and development in cyber-defense technology will further be strengthened. The landscape of cyberspace changes constantly. A well-rounded workforce capable of reacting with the appropriate measures in multiple contingencies will be a great asset to the DoD.

2. Mitigate the risk of the DoD information network and data

The DoD networks are vast and unlikely to be managed to the fullest. Nevertheless, the DoD expects to build a single security architecture that will serve as a unified defense mechanism. Such a project must also be built with enhanced cyber-situational awareness, advanced encryption methods, and anomaly detection capabilities, to name a few. The Joint Force Headquarters with the USCYBERCOM will coordinate resources to defend and mitigate risk against the DoD information networks.

Besides, continuous assessment, evaluation, and improvement of network vulnerabilities and effectiveness are high priorities in the cyber-strategy. The DoD chief information office is charged with leading projects concerning vulnerability patch management and the risk identification process. More significantly, the insider threat is mentioned because fidelity is one of the hardest criteria to assess. Therefore, regular training, assessment, and the reporting and tracking of suspicious behavior are necessary in maintaining high workforce integrity. In addition, cooperation with civil authorities is encouraged and expected to expand. The DoD will strengthen the procurement and acquisition cybersecurity standards. Contractors of the DoD must report any data theft or network intrusion event to make sure the threat is managed. Cybercrime, intellectual property loss, and network breaches can cause severe damage to the U.S. The doctrine of the DoD, whole-of-government, therefore provides guidance in aligning all these actors to report to the same mechanism and standards.

3. Defend the U.S. homeland and key interests from cyberattack

Preemptive measures are stressed in the DoD cyber-strategy. Intelligence and warning capabilities for anticipating threats are of the utmost importance in deterring adversaries and mobilizing resources in case of response. The DoD plans to utilize relevant DoD components to develop exercises to get prepared for attacks. Emergency and contingency plans are to be developed via regular multi-level exercises throughout all of the defense agencies. Automated simulations of potential destruction and loss are crucial to evaluate the country’s resistance in case of a cyberattack with significant consequences. Critical infrastructure must be further defined and identified and thus protected.

4. Control conflict escalation via building cyber-options

The DoD emphasizes deterrence as a key function in discouraging potential adversaries. Since the response of the U.S. can be severe and intense, it can decrease the likelihood of a cyberattack against the U.S. infrastructure. In fact, the DoD cyber-strategy recalls the 2011 U.S. International Strategy for Cyberspace and several statements of high U.S. authorities that the U.S. will definitely respond with all of its capabilities. The DoD attempts to integrate cyber requirements into combatant command plans, which outline details regarding target and response.

5. Improve international security and stability through multilateral alliances

The DoD cyber-strategy aims at building and maintaining robust partnerships with the private sector, international allies, and other security agencies of the U.S. The stakeholders in cyberspace are multilateral and located in various regions of the world. In the U.S. homeland, the DoD attempts regular partner capacity building with the U.S. Homeland Security, Department of State, FBI, and CIA. Interagency cooperation is a crucial goal to ensure the exchange of information and response mechanism is coherent with the DoD cyber-strategy.

Externally, the DoD cyber-strategy focuses on enhancing the network of international partnership with the U.S. allies in the Middle East, Northeast Asia and Asia-Pacific, as well as key NATO states. Most importantly, the DoD names China as a high-value partner in order to de-escalate bilateral competitions in cyberspace. Increased transparency in military doctrine, practices, and behavior in cyberspace is a strategic ambition that the DoD expects.

DoD Cyber-Strategy Evolution between 2011 and 2015

The cyber-strategy of DoD in 2011 begins with a generalist tone suggesting that cyberspace has expanded rapidly between 2000 and 2010. It states that “cyberspace is a defining feature of modern life.” After four years of experience, the 2015 cyber-strategy adopts, however, an authoritative tone that strategic industries, such as power supply and satellites, are highly dependent on computer networks. More important, the U.S. military executes its missions in cyberspace. The frontier between the cyber and physical worlds has become vague. This transition of writing style is meaningful in understanding the weight of cyberspace at the highest defense authority of the U.S.

The DoD has significantly developed its cyber-strategy over those few years. The 2011 DoD Strategy for Operating in Cyberspace is a 19-page document, whereas the 2015 version contains 42 pages. A substantial number of actors, issues, and infrastructures are explicitly elaborated and named in the 2015 publication. For example, the hack against Sony Entertainment, which took place in November 2014, is mentioned in the DoD cyber-strategy with reference to state involvement as a result of the release of a satirical movie mocking the political leader of North Korea. Besides, the report also names China and Russia as nations with “advanced cyber-capabilities”. The DoD cyber-strategy devotes a paragraph to the economic loss of U.S. companies because of Chinese government-supported cyber-espionage. The international warrant issued by the U.S. Department of Justice against five Chinese soldiers for cyber-espionage in May 2014 is specified as a response delivered by the U.S. vis-à-vis offensive foreign cyber-operation. Furthermore, non-state actors, notably the Islamic State of Iraq and the Levant (ISIL), take advantage of the convenience of cyberspace to implement propaganda and recruitment schemes all over the world.

The 2011 DoD cyber-strategy provides certain directional views on the approaches to improving cybersecurity hygiene, risk mitigation, workforce training, and new defense architecture. In the 2015 cyber-strategy report, the DoD further adopts these doctrines and puts forward precise objectives. Instead of briefly mentioning “people” as the first and foremost frontline in defending DoD, the new cyber-strategy aims at transforming the Cyber Mission Force (CMF), established in 2012 with approximately 6,200 military, civilian and contractor support personnel from across the military departments and defense components. The CMF division will be organized into 133 teams. Moreover, several initiatives deepening the 2011 cyber-strategy doctrines, such as U.S. Transportation Command (USTRANSCOM) and Assurance Program, are drafted to protect industrial control systems.

Last but not least, compared to the 2011 cyber-strategy, the DoD expresses more interest in realizing public-private partnership in the 2015 version. In the 2011 cyber-strategy, the DoD is inclined to be the leading actor to unify different government agencies regarding cybersecurity project execution. Furthermore, seeking partnership with the private sector is an equally crucial perspective, while international partnerships are mentioned secondarily. The shift is evident in the 2015 report. The private sector is repeatedly suggested as a strategic consideration: the DoD has to ensure its dedicated engagement with emerging private actors, share information, and provide sufficient support in case of emergency. Indeed, as stated in the beginning of the 2015 cyber-strategy, the private sector runs 90 percent of all networks in cyberspace. With the rapidly developing cyberspace landscape, it is therefore a decent evolution in line with the issues that the DoD has to cope with.

Conclusion

The 2015 DoD cyber-strategy concludes with the statement, “this strategy presents an aggressive, specific plan for achieving change.” The 2011 DoD cyber-strategy can be seen as the first milestone in founding DoD’s global cyber-strategy. The DoD has successfully made progress in making more explicit and identifying more issues, initiatives, and objectives in its plan. The cyber-strategy of the DoD provides a comprehensive outline for the development of cyber-capabilities of the U.S. In a way, such a strategy provides more transparency for the private sector, other agencies, and international partners to have a grasp on how to coordinate projects with DoD. More important, this DoD cyber-strategy emphasizes cyber-workforce building and training, which contributes to switching cybersecurity issues from a purely technical perspective to a human-oriented one. As elaborated in the state and non-state actor cases of the 2015 cyber-strategy, the background and problems of foreign cyber-activities sometimes require profound understanding and analysis of cultural and human behavior in relation to the existing network infrastructure and resources. The DoD acknowledges the increasingly sophisticated cyberspace landscape and successfully adapts its policy-making to current affairs.

Ki Nang Yip