The Department of Defense sent its new classified cyber strategy to Congress this week, the Pentagon said Friday.
The highly anticipated strategy is the first since 2018 and follows the release of the National Cybersecurity Strategy in March.
The DOD also publicly released an unclassified “fact sheet” on Friday, and said an unclassified “summary” will be provided in the “coming months.”
Of note, the fact sheet explains that the updated strategy is based upon real-world operations. Prior to 2018, the Pentagon had only conducted a limited number of cyber ops due to a variety of factors such as stringent authorities and a high-risk calculous.
The 2018 National Defense Authorization Act combined with changes to executive policy streamlined authorities and made it easier for the DOD to approve and conduct operations.
As a result, the 2018 strategy first articulated the concept of “defend forward,” which involves operating on networks outside the United States in order to confront threats before they ever reach domestic networks. This concept sought to take advantage of these new streamlined authorities and get ahead of the barrage of activity facing the nation.
“Since 2018, the Department has conducted a number of significant cyberspace operations through its policy of defending forward, actively disrupting malicious cyber activity before it can affect the U.S. Homeland. This strategy is further informed by Russia’s 2022 invasion of Ukraine, which has demonstrated how cyber capabilities may be used in large-scale conventional conflict,” the fact sheet states.
Officials have previously discussed how the Russia-Ukraine conflict has taught the department to think differently about cyber.
The fact sheet notes four complementary lines of effort the strategy seeks to employ.
First, defending the nation by campaigning in cyberspace to generate insights about malicious activity as well as continuing to defend forward to disrupt adversaries’ capabilities.
Second, investing in cyber capabilities to fight and win in conflict by ensuring the Department of Defense Information Network is robust, and support cyber resilience among the joint force. The Pentagon also notes it will use cyber ops to gain asymmetric advantages for the joint force.
Next, the strategy seeks to protect the cyber domain with allies and partners by building their capacity. This involves “hunt forward operations,” the fact sheet says, which involve physically sending defensively oriented cyber protection teams from U.S. Cyber Command’s Cyber National Mission Force (CNMF) to foreign countries to hunt for threats on their networks at the invitation of host nations. Officials say they are mutually beneficial because they help bolster the security of partner nations and provide Cybercom — and by extension, the United States — advance notice of adversary tactics, allowing the U.S. to harden systems at home against these observed threats.
Last, the fact sheet explains that DOD will build enduring advantages by optimizing the organizing, training and equipping of cyber forces. The department is currently facing issues of readiness shortfalls among its cyber mission force, while building an acquisition capability for Cybercom thanks to enhanced authorities from Congress — all while there are outside voices pushing more loudly for an independent cyber service.