The defense sector confronts the growing convergence of cyber and kinetic domains

As military weapon systems become increasingly software-defined, data-dependent, and network-connected, defense officials face a major dilemma: how to address a rapidly expanding attack surface — and simultaneously leverage new capabilities — arising from the merger of physical and digital systems.

For the Department of War (DOW) and defense industry partners, this “cyber-kinetic convergence” heightens the risk of lethal network disruptions. The unseen ability of adversaries to exploit unhardened digital vulnerabilities enables them to compromise core command-and-control loops, delay early-warning alerts, or paralyze tactical communications long before a physical shot is fired. Those threats also extend to U.S.-operated networks and critical infrastructure.

To sustain global deterrence, defense leaders are deliberately shifting to a new view of cybersecurity: It’s not just a digital defense and compliance concern; rather, it’s become a crucial baseline for national combat power.

“We are at a pivotal moment where we’re now seeing that cyber is actually most effective when it’s integrated with other kinetic and non-kinetic effects,” asserted Katherine Sutton, Assistant Secretary for Cyber Policy and Principal Cyber Advisor to the Secretary of War, during the recent GDIT Battlespace of the Future summit, hosted by Scoop News Group.

Sutton indicated that cyber capabilities deliver their maximum operational value only when fully integrated into physical and digital combat operations to systematically degrade an opponent’s information dominance.

As state-sponsored adversaries target everything from orbital defense networks to terrestrial logistical nodes, the individual military branches must build dynamic security architectures that safeguard the entire operational fabric. That’s especially true now that satellites, ground stations, and mission planning networks are completely embedded within the frontline operational kill chain, said Charlene Laughlin, Deputy Chief of Space Operations for Cyber and Data for the U.S. Space Force.

In this hyper-connected environment, a well-executed digital attack can produce severe kinetic consequences without an enemy ever pulling a trigger, Laughlin warned.

In that light, commanders must universally recognize that “cyber risk is mission risk.” To counter this vulnerability, the military services need to start thinking about cyber as combat power and focus conversations on how “we generate it, defend it, and then, how we make sure that the mission can execute even under attack,” she said.

Hardening critical systems with AI

For the U.S. Army, the vulnerabilities of this converged landscape extend not only on the battlefield but also deep into the domestic installations that enable rapid power projection.

Brandon Pugh, the U.S. Army’s Principal Cyber Advisor, warned that a cyber-physical attack capable of disabling power, water, or gas utilities at any of the service’s 288 global military bases poses severe national security risks by disrupting the Army’s ability to mobilize personnel and equipment during a crisis.

To begin addressing this risk, the Army recently led the inaugural Defense Critical Infrastructure Summit at Fort Bragg, N.C., bringing together interagency principals and defense industry vendors to tackle bureaucratic barriers and systematically harden military bases.

While this new focus is helping to highlight vulnerabilities, Sutton cautioned that as the military adopts advanced algorithmic tools, it simultaneously introduces fresh vulnerabilities for adversaries to exploit. She emphasized that defense planners can no longer afford to treat software security as an afterthought.

The defense industry’s role

This emerging threat landscape demands a fundamentally fresh perspective from systems integrators and technology providers. Automated software agents represent a distinct class of asset that functions entirely differently from human operators or traditional machines, warned Dr. John Sahlin, Vice President of Cyber Solutions at GDIT.

Because adversaries can manipulate these autonomous tools in novel ways, industry vendors must take greater responsibility for assessing standard defense baselines and advocating for a broader zero-trust cybersecurity posture that includes “zero agent trust” to secure automated environments, he asserted.

Ultimately, deploying highly complex, combined cyber-kinetic platforms requires an equally sophisticated workforce and updated military doctrine to operate them, especially under degraded conditions. The defense leaders agreed that technical innovation is only effective if the average service member can confidently utilize the systems provided to them in theater.

To that end, defense and industry officials must partner closely to deliver resilient, accessible solutions that are intuitive for every sailor, airman, marine, soldier, and guardian. Moreover, those solutions must function effectively at the tactical edge without relying on computer specialists. 

By combining highly resilient, software-defined cyber and kinetic systems with continuous workforce training and modernized operational doctrine, the defense community stands a much better chance of ensuring that technical innovation translates directly into an enduring warfighting advantage.

This article was produced by Scoop News Group for DefenseScoop and sponsored by GDIT.