Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Department of Defense Releases New Cyber Strategy

The U.S. Department of Defense this week released its 2018 cyber strategy, which outlines how the organization plans on implementing the country’s national security and defense strategies in cyberspace.

The U.S. Department of Defense this week released its 2018 cyber strategy, which outlines how the organization plans on implementing the country’s national security and defense strategies in cyberspace.

The new cyber strategy, which supersedes the 2015 strategy, focuses on the competition with China and Russia, but it also mentions other actors, such as North Korea and Iran. The DoD says China has been “eroding U.S. military overmatch and the Nation’s economic vitality” by stealing information, while Russia has used cyber operations to influence elections.

“The Department must take action in cyberspace during day-to-day competition to preserve U.S. military advantages and to defend U.S. interests. Our focus will be on the States that can pose strategic threats to U.S. prosperity and security, particularly China and Russia,” the Pentagon wrote in a summary of the new cyber strategy.

“We will conduct cyberspace operations to collect intelligence and prepare military cyber capabilities to be used in the event of crisis or conflict. We will defend forward to disrupt or halt malicious cyber activity at its source, including activity that falls below the level of armed conflict. We will strengthen the security and resilience of networks and systems that contribute to current and future U.S. military advantages,” it added.

The DoD wants cyber forces to be prepared to assist air, land, sea and space forces during wartime to gain military advantage over its adversaries, which the Pentagon says are also increasingly reliant on computers.

One of the Department’s goals is to ensure that the U.S. can “fight and win wars” in cyberspace while being able to defend its own systems. Another objective is to prevent, defeat and deter malicious cyber activities aimed at critical infrastructure. Finally, the Pentagon wants to work with allies and partners to strengthen its cyber capabilities, expand cyber operations, and enhance information sharing.

As for its strategic approach, the DoD wants to “build a more lethal force, compete and deter in cyberspace, expand alliances and partnerships, reform the Department, and cultivate talent.”

The creation of “more lethal force” includes accelerating the development of cyber capabilities for warfighting and counterattacks, leveraging automation and data analysis to improve effectiveness, employing off-the-shelf capabilities in addition to its own, and moving from what it calls a “zero defect” culture to one that fosters agility and innovation.

Advertisement. Scroll to continue reading.

The Pentagon hopes to deter adversaries by securing its own systems and critical infrastructure, but if that fails it wants to be ready to “employ the full range of military capabilities in response.”

The DoD has recently conducted its first ever cyber posture review, as directed by the National Defense Authorization Act. The results of the review are classified, but a factsheet made public by the organization reveals that the DoD must “continue investments in people, capabilities, and processes to meet fully the objectives set forth in the Strategy.”

Related: Department of Defense Unveils New Cyber Strategy

Related: China Believes Its Cyber Capabilities Lag Behind US

Related: DoD Launches ‘Hack the Marine Corps’ Bug Bounty Program

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.