2015 DOD Cyber Strategy

Note: This was published as a critical questions piece on the CSIS website at this link

The U.S. Department of Defense (DOD) released a new strategy on April 23, 2015, to rewire the Pentagon for cyber operations. The 33-page document includes five key strategic goals, ranging from workforce and human capital development to full integration of cyber capabilities into military operations and deterrence.

Q1: What makes the 2015 DOD Cyber Strategy different from the 2011 cyber strategy?

A1: The 2015 DOD Cyber Strategy is a more comprehensive and detailed articulation of the 2011 strategy, of DOD’s role in defending the United States against cyber attacks, and of how DOD will integrate cyber capabilities into military operations.

The new strategy serves as guidance for the development and deployment of DOD’s Cyber Mission Force structure, which will include 6,200 cyber operators divided into three missions: (1) defense of the department’s own computer networks; (2) protection of the U.S. homeland and U.S. vital interests against significant cyber attacks; and (3) provision of full-spectrum cyber capabilities for military operations.

DOD wanted to be more transparent about U.S. military doctrine, policy, roles, and missions in cyberspace, both to better inform the public debate and expand declaratory policy for cyber conflict. In contrast, the 2011 DOD Strategy for Operating in Cyberspace made little reference to the Pentagon’s operational or offensive cyber capabilities, although U.S. officials have spoken about the issue, and there are leaked classified documents that outlined U.S. policy and planning for offensive cyber operations.

Improved attribution capabilities is another key element. The new cyber strategy emphasizes the importance of attribution for deterrence and discusses the need to continued collaboration with intelligence agencies and private companies to attribute cyber attacks.

There is also a new emphasis on international alliances and partnerships to defend against and deter cyber attacks, and the strategy specifically names the Middle East, the Asia Pacific, and key NATO allies as areas where it will focus such efforts.

Q2: What types of cyber technologies will DOD invest in building?

A2: Currently, the development of cyber capabilities across the military is relatively uncoordinated, with each military service branch building its own cyber platforms and tools. The result is redundant systems not well aligned with mission needs and requirements. The new cyber strategy outlines an initiative to develop a unified platform for cyber operations that will integrate disparate cyber platforms and capabilities. This will require significant investments in building interoperable and scalable architectures and tools that can be deployed in a range of different operational environments.

Integrating cyber capabilities into military planning and operations will also require improvements in command and control technologies for cyber operations, as well as network modeling and simulation tools and predictive analytics to test, evaluate, and improve cyber plans before execution. Technologies to improve early detection of cyber threats, network resilience, and data recovery are other areas where DOD will focus development efforts.

Q3: How will DOD build new cyber capabilities?

A3: The Pentagon is hoping to accelerate research and development of cyber capabilities, including basic and applied research to develop leap-ahead cyber technologies. In his speech at Stanford University where the new cyber strategy was unveiled, Secretary of Defense Ashton Carter announced forthcoming exchange programs designed to attract talented researchers from industry and academia to work on cyber-related research and development at DOD.