Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Department of Defense Releases New Cyber Strategy

The U.S. Department of Defense this week released its 2018 cyber strategy, which outlines how the organization plans on implementing the country’s national security and defense strategies in cyberspace.

The U.S. Department of Defense this week released its 2018 cyber strategy, which outlines how the organization plans on implementing the country’s national security and defense strategies in cyberspace.

The new cyber strategy, which supersedes the 2015 strategy, focuses on the competition with China and Russia, but it also mentions other actors, such as North Korea and Iran. The DoD says China has been “eroding U.S. military overmatch and the Nation’s economic vitality” by stealing information, while Russia has used cyber operations to influence elections.

“The Department must take action in cyberspace during day-to-day competition to preserve U.S. military advantages and to defend U.S. interests. Our focus will be on the States that can pose strategic threats to U.S. prosperity and security, particularly China and Russia,” the Pentagon wrote in a summary of the new cyber strategy.

“We will conduct cyberspace operations to collect intelligence and prepare military cyber capabilities to be used in the event of crisis or conflict. We will defend forward to disrupt or halt malicious cyber activity at its source, including activity that falls below the level of armed conflict. We will strengthen the security and resilience of networks and systems that contribute to current and future U.S. military advantages,” it added.

The DoD wants cyber forces to be prepared to assist air, land, sea and space forces during wartime to gain military advantage over its adversaries, which the Pentagon says are also increasingly reliant on computers.

One of the Department’s goals is to ensure that the U.S. can “fight and win wars” in cyberspace while being able to defend its own systems. Another objective is to prevent, defeat and deter malicious cyber activities aimed at critical infrastructure. Finally, the Pentagon wants to work with allies and partners to strengthen its cyber capabilities, expand cyber operations, and enhance information sharing.

As for its strategic approach, the DoD wants to “build a more lethal force, compete and deter in cyberspace, expand alliances and partnerships, reform the Department, and cultivate talent.”

The creation of “more lethal force” includes accelerating the development of cyber capabilities for warfighting and counterattacks, leveraging automation and data analysis to improve effectiveness, employing off-the-shelf capabilities in addition to its own, and moving from what it calls a “zero defect” culture to one that fosters agility and innovation.

The Pentagon hopes to deter adversaries by securing its own systems and critical infrastructure, but if that fails it wants to be ready to “employ the full range of military capabilities in response.”

The DoD has recently conducted its first ever cyber posture review, as directed by the National Defense Authorization Act. The results of the review are classified, but a factsheet made public by the organization reveals that the DoD must “continue investments in people, capabilities, and processes to meet fully the objectives set forth in the Strategy.”

Related: Department of Defense Unveils New Cyber Strategy

Related: China Believes Its Cyber Capabilities Lag Behind US

Related: DoD Launches ‘Hack the Marine Corps’ Bug Bounty Program

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.