Feature

Maximising cyber capabilities: US DoD's 2023 cyber strategy takes shape

The US Department of Defense has outlined its comprehensive approach to fortify cyberspace defence and enhance its global strategic advantage. Harry McNeil reports.  

Soldiers of the US Armed Forces collaborate and monitor multiple screens as they harness the power of cyberspace to execute the DoD's 2023 cyber strategy, maximizing cyber capabilities for national security. Credit: US Department of Defense

As cyber threats continue to evolve and adversaries challenge international norms, the US Department of Defense (DoD) has unveiled its cyber strategy, aimed at operationalising concepts and defence objectives to maximise cyber capabilities. Focusing on integrated deterrence, cyber resilience, and international collaboration, the strategy sets forth a multi-faceted plan to counter malicious cyber actors and ensure enduring advantages in the cyber domain.  

In the face of ever-increasing cyber threats and the changing warfare landscape, the DoD recognises the criticality of fortifying its cyber capabilities. The recently announced classified 2023 DoD Cyber Strategy takes a comprehensive approach to harnessing the power of cyberspace to protect national interests and maintain a global strategic advantage.  

This strategy, which builds upon the 2018 DoD Cyber Strategy and incorporates lessons learned from real-world instances, highlights the importance of integrating cyber operations with conventional conflict deterrence. 

The concept of integrated deterrence is at the core of the 2023 Cyber Strategy. The DoD aims to maximise cyber capabilities to counter adversaries "below the level of armed conflicts," effectively operating in and through cyberspace to protect the nation's interests. To achieve this, the strategy delineates four main lines of effort. 

Defence readiness and global cooperation 

The first line of effort, "Defend the Nation," focuses on gaining insights into malicious cyber actors to deter and degrade their capabilities. By understanding and countering the activities of adversaries, the DoD seeks to bolster national cyber defences and ensure a safer digital environment. This includes leveraging intelligence and partnering with allied nations and key stakeholders to share information and coordinate responses to cyber threats.

The DoD's first line of effort focuses on gaining insights into malicious cyber actors, bolstering national cyber defenses, and coordinating responses with allied nations and stakeholders.

James Marques, aerospace, defence, and security analyst at GlobalData, commented: "The DoD is no stranger to damaging, high-profile cybersecurity breaches. One of the most infamous cases was a fifteen-year-old gaining a backdoor to the Department's computers, accessing passwords, intercepting confidential emails, and even stealing software used to monitor the International Space Station.

“However, the nature of the cyber threat is pervasive – it may come from small groups or individual highly motivated non-state actors or be organised by foreign security and intelligence agencies. As hacking technology and methods evolve, the threat remains dynamic and demands a proactive detection, prevention, and defence approach. [The Center for Strategic and International Studies] has recorded DoD breaches similar to that in 1999 on at least six separate occasions since then."

US national guardsmen train for cyber war. Credit: Georgia Army National Guard photo by Staff Sgt. Tracy J. Smith/Georgia National Guard/Flickr (Creative Commons).

In the next move, the DoD will "Prepare to Fight and Win the Nation's Wars" by maintaining the cyber resilience of the Joint Forces. This line of effort emphasises the importance of readiness, in both personnel and technological capabilities, to counter cyber threats effectively during a crisis or conflict. Ongoing efforts to recruit, retain, and equip highly skilled cyber operators align with this priority, ensuring that the Joint Forces are well-prepared to defend against adversaries.

The third line of effort, "Protect the Cyber Domain with Allies and Partners," reflects the DoD's commitment to assisting allied and partner countries in developing their cyber capabilities. By fostering cooperation and collaboration, the DoD aims to establish a robust network of international allies and partners to address global cyber threats collectively. This collaborative approach enhances cyber defences, strengthens diplomatic ties, and promotes stability in the cyber domain. 

Building cyber superiority

The strategy emphasises the need to "Build Enduring Advantages in Cyberspace" by organising, training, and equipping the US DoD's cyber operations forces and service-retained cyber forces. To maintain superiority in the cyber domain, the DoD recognises the importance of investing in personnel and technologies to counter emerging threats effectively. By continuously improving its cyber operations capabilities, the DoD aims to maintain an advantage in cyberspace and deter potential adversaries. 

Parallel to implementing the 2023 Cyber Strategy, the DoD is actively progressing towards implementing a Zero Trust cybersecurity framework. This framework, which moves beyond traditional network security methods, aims to reduce exposure to cyberattacks, enable effective risk management and data sharing, and expedite containment and remediation of adversary activities. Under the leadership of Randy Resnick, director of the Zero Trust Portfolio Management Office, the DoD has been collaborating with commercial cloud providers and leveraging external expertise to achieve the identified capabilities necessary for a robust zero trust architecture. 

The DoD's focus on building enduring advantages in cyberspace and implementing the Zero Trust framework underscores its commitment to maintaining superiority in the cyber domain and reducing exposure to cyber threats.

Nick Brown, Hadean

David McKeown, the Pentagon's senior information security officer, provided an update on implementing the Zero Trust Strategy and Roadmap, expressing confidence that the DoD will implement the framework by fiscal year 2027.  

To this end, the partnerships with commercial cloud providers have been instrumental in driving progress and establishing solid relationships. The Zero Trust strategy aligns with the broader goals of the 2023 Cyber Strategy, as it enhances the overall cybersecurity posture of the DoD and supports the principles of integrated deterrence and cyber resilience. 

In addition to the DoD's efforts, US Cyber Command, led by General Paul Nakasone, has unveiled its strategic priorities to "Own the Domain". Nakasone acknowledges the rapidly changing character of warfare and the challenges posed by adversaries who challenge international norms and laws.

The priorities set by US Cyber Command focus on sharpening the force through readiness, resilience, and mission improvement. This includes talent management, workforce resiliency, and enhancing the command's ability to execute missions effectively. By strengthening the warfighting advantage, collaborating with partners, and utilising the full range of authorities, US Cyber Command aims to build and sustain a decisive advantage for national security. 

Protecting national interests 

The comprehensive approach taken by the DoD and the strategic priorities of US Cyber Command exemplify the US's commitment to staying ahead of adversaries in the evolving cyber landscape. Through integrated deterrence, cyber resilience, and international collaboration, the DoD seeks to protect the nation's interests, enhance global security, and maintain its position as a leading force in cyberspace.

The 2023 Cyber Strategy and the ongoing efforts to implement the Zero Trust framework also demonstrate the DoD's approach to addressing emerging cyber threats and ensuring a safer digital future. 

The DoD's commitment to cybersecurity remains unwavering, aiming to secure national interests and safeguard critical infrastructure by harnessing the speed, relevance, and scale of cyberspace.

Marques continued: "Cyber-attacks can cripple crucial infrastructure, both digital and physical – the Stuxnet virus ruined one-fifth of Iran's nuclear centrifuges used to enrich uranium, while methods such as a DDoS attack can block organisations from using their digital networks.

“The frequency of such breaches has increased yearly; eight 'major' attacks were recorded in 2018, but 15 in 2023 alone. The DoD's reliance on its vast network infrastructure and the many physical processes this controls – such as long-range communication and unmanned vehicle operations – makes the stark nature of the threat practically self-evident." 

Continuing, Marques considers that as technology advances and cyberspace becomes an increasingly complex operating environment, the DoD’s commitment to cybersecurity is steadfast, as it aims to secure US national interests and safeguard critical infrastructure by harnessing the speed, relevance, and scale of cyberspace.

An American soldier harnessing the power of technology as the US Department of Defense's 2023 cyber strategy unfolds, showcasing the military's commitment to maximizing cyber capabilities. Credit: US Department of Defense

However, one of the challenges in establishing effective cybersecurity protocols, according to Marques, is that awareness must “go far beyond” a small team of dedicated security experts.

Recent Pentagon intelligence leaks show that the bigger an institution is, the harder defence becomes, and when everyone from low-level personnel to executive staff interacts with a digital network, it makes for a wider range of “access points” for bad actors.

“Cyber training should be disseminated across all echelons of the DoD and leveraging emerging technologies such as AI can assist in threat modelling and proactive defence – the US's adversaries will certainly be using such technology, and this demands a response in kind,” Marques concluded.