Feature
Maximising cyber capabilities: US DoD's 2023 cyber strategy takes shape
The US Department of Defense has outlined its comprehensive approach to fortify cyberspace defence and enhance its global strategic advantage. Harry McNeil reports.
Soldiers of the US Armed Forces collaborate and monitor multiple screens as they harness the power of cyberspace to execute the DoD's 2023 cyber strategy, maximizing cyber capabilities for national security. Credit: US Department of Defense
As cyber threats continue to evolve and adversaries challenge international norms, the US Department of Defense (DoD) has unveiled its cyber strategy, aimed at operationalising concepts and defence objectives to maximise cyber capabilities. Focusing on integrated deterrence, cyber resilience, and international collaboration, the strategy sets forth a multi-faceted plan to counter malicious cyber actors and ensure enduring advantages in the cyber domain.
In the face of ever-increasing cyber threats and the changing warfare landscape, the DoD recognises the criticality of fortifying its cyber capabilities. The recently announced classified 2023 DoD Cyber Strategy takes a comprehensive approach to harnessing the power of cyberspace to protect national interests and maintain a global strategic advantage.
This strategy, which builds upon the 2018 DoD Cyber Strategy and incorporates lessons learned from real-world instances, highlights the importance of integrating cyber operations with conventional conflict deterrence.
The concept of integrated deterrence is at the core of the 2023 Cyber Strategy. The DoD aims to maximise cyber capabilities to counter adversaries "below the level of armed conflicts," effectively operating in and through cyberspace to protect the nation's interests. To achieve this, the strategy delineates four main lines of effort.
Defence readiness and global cooperation
The first line of effort, "Defend the Nation," focuses on gaining insights into malicious cyber actors to deter and degrade their capabilities. By understanding and countering the activities of adversaries, the DoD seeks to bolster national cyber defences and ensure a safer digital environment. This includes leveraging intelligence and partnering with allied nations and key stakeholders to share information and coordinate responses to cyber threats.
The DoD's first line of effort focuses on gaining insights into malicious cyber actors, bolstering national cyber defenses, and coordinating responses with allied nations and stakeholders.
James Marques, aerospace, defence, and security analyst at GlobalData, commented: "The DoD is no stranger to damaging, high-profile cybersecurity breaches. One of the most infamous cases was a fifteen-year-old gaining a backdoor to the Department's computers, accessing passwords, intercepting confidential emails, and even stealing software used to monitor the international space station.
“However, the nature of the cyber threat is pervasive – it may come from small groups or individual highly motivated non-state actors or be organised by foreign security and intelligence agencies. As hacking technology and methods evolve, the threat remains dynamic and demands a proactive detection, prevention, and defence approach. [The Center for Strategic and International Studies] has recorded DoD breaches similar to that in 1999 on at least six separate occasions since then."
US national guardsmen train for cyber war. Credit: Georgia Army National Guard photo by Staff Sgt. Tracy J. Smith/Georgia National Guard /Flickr(Creative Commons).
In the next move, the DoD will "Prepare to Fight and Win the Nation's Wars" by maintaining the cyber resilience of the Joint Forces. This line of effort emphasises the importance of readiness regarding personnel and technological capabilities to counter cyber threats during a crisis or conflict effectively. Ongoing efforts to recruit, retain, and equip highly skilled cyber operators align with this priority, ensuring that the Joint Forces are well-prepared to defend against adversaries.
The third line of effort, "Protect the Cyber Domain with Allies and Partners," reflects the DoD's commitment to assisting allied and partner countries in developing their cyber capabilities. By fostering cooperation and collaboration, the DoD aims to establish a robust network of international allies and partners to address global cyber threats collectively. This collaborative approach enhances cyber defences, strengthens diplomatic ties, and promotes stability in the cyber domain.
Building cyber superiority
The strategy emphasises the need to "Build Enduring Advantages in Cyberspace" by organising, training, and equipping the US DoD's cyber operations forces and service-retained cyber forces. To maintain superiority in the cyber domain, the DoD recognises the importance of investing in personnel and technologies to counter emerging threats effectively. By continuously improving its cyber operations capabilities, the DoD aims to maintain an advantage in cyberspace and deter potential adversaries.
Parallel to implementing the 2023 Cyber Strategy, the DoD is actively progressing towards implementing a Zero Trust cybersecurity framework. This framework, which moves beyond traditional network security methods, aims to reduce exposure to cyberattacks, enable effective risk management and data sharing, and expedite containment and remediation of adversary activities. Under the leadership of Randy Resnick, director of the Zero Trust Portfolio Management Office, the DoD has been collaborating with commercial cloud providers and leveraging external expertise to achieve the identified capabilities necessary for a robust zero trust architecture.
The DoD's focus on building enduring advantages in cyberspace and implementing the Zero Trust framework underscores its commitment to maintaining superiority in the cyber domain and reducing exposure to cyber threats.
Nick Brown, Hadean
David McKeown, the Pentagon's senior information security officer, provided an update on implementing the Zero Trust Strategy and Roadmap, expressing confidence that the DoD will implement the framework by fiscal year 2027.
To this end, the partnerships with commercial cloud providers have been instrumental in driving progress and establishing solid relationships. The Zero Trust strategy aligns with the broader goals of the 2023 Cyber Strategy, as it enhances the overall cybersecurity posture of the DoD and supports the principles of integrated deterrence and cyber resilience.
In addition to the DoD's efforts, US Cyber Command, led by General Paul Nakasone, has unveiled its strategic priorities to "Own the Domain”. Nakasone acknowledges the rapidly changing character of warfare and the challenges posed by adversaries who challenge international norms and laws.
The priorities set by US Cyber Command focus on sharpening the force through readiness, resilience, and mission improvement. This includes talent management, workforce resiliency, and enhancing the command's ability to execute missions effectively. By strengthening the warfighting advantage, collaborating with partners, and utilising the full range of authorities, US Cyber Command aims to build and sustain a decisive advantage for national security.
Protecting national interests
The comprehensive approach taken by the DoD and the strategic priorities of US Cyber Command exemplifies the US’ commitment to staying ahead of adversaries in the evolving cyber landscape. Through integrated deterrence, cyber resilience, and international collaboration, the DoD seeks to protect the nation's interests, enhance global security, and maintain its position as a leading force in cyberspace.
The 2023 Cyber Strategy and the ongoing efforts to implement the Zero Trust framework also demonstrate the DoD's approach to addressing emerging cyber threats and ensuring a safer digital future.
The DoD's commitment to cybersecurity remains unwavering, aiming to secure national interests and safeguard critical infrastructure by harnessing the speed, relevance, and scale of cyberspace.
Marques continued: "Cyber-attacks can cripple crucial infrastructure, both digital and physical – the Stuxnet virus ruined one-fifth of Iran's nuclear centrifuges used to enrich Uranium, while methods such as a D-DOS attack can block organisations from using their digital networks.
“The frequency of such breaches has increased yearly; eight 'major' attacks were recorded in 2018, but 15 in 2023 alone. The DoD's reliance on its vast network infrastructure and the many physical processes this controls – such as long-range communication and unmanned vehicle operations – makes the stark nature of the threat practically self-evident."
Continuing, Marques considers that as technology advances and cyberspace becomes an increasingly complex operating environment, the DoD’s commit to cybersecurity is steadfast, as it aims to secure US national interests and safeguard critical infrastructure by harnessing the speed, relevance, and scale of cyberspace.
An American soldier harnessing the power of technology as the US Department of Defense's 2023 cyber strategy unfolds, showcasing the military's commitment to maximizing cyber capabilities. Credit: US Department of Defense
However, one of the challenges in establishing effective cybersecurity protocol, according to Marques, is that awareness must “go far beyond” a small team of dedicated security experts.
Recent Pentagon intelligence leaks show that the bigger an institution is, the harder defence becomes and when everyone from low-level personnel to executive staff interacts with a digital network, it makes for a wider range of “access points” for bad actors.
“Cyber training should be disseminated across all echelons of the DoD and leveraging emerging technologies such as AI can assist in threat modelling and proactive defence – the US's adversaries will certainly be using such technology, and this demands a response in kind,” Marques concluded.