New defense cyber policies are in the works
DOD's two-year-old cyberspace strategy is due for an update, general says.
DOD's cyber strategy from 2011 is due for an update.
The Defense Department is working on a new plan for operating in cyberspace, policy that would update the official strategy first released two years ago this month.
Army Maj. Gen. John Davis said that while significant progress has been made in the military's cyber domain so far, there remains work to be done and that two years in real time could equal 20 years in cyberspace's boundless landscape.
"Senior leaders in the department and beyond the department understand that cyber is a problem [and] cyber is important," Davis said at an industry event in Baltimore on June 28. "They've made cyber a priority, and there is a sense of urgency."
In July 2011, then-Deputy Defense Secretary William Lynn rolled out the defense strategy for operating in cyberspace, which encompasses five strategic pillars. They included the establishment of cyberspace as an operational domain and plans to ready forces to go with it; the introduction and employment of new operational concepts on DOD networks; cross-agency partnerships, including with the Homeland Security Department; the build-up of cyber defenses, coordinated with allies and international partners; and the capitalization of U.S. resources, including technology, workforce and rapid innovation.
Davis highlighted progress over the past two years, including the launch of service cyber components operating under U.S. Cyber Command, joint cyber centers at the combatant commands, military orders for cyber operations, an interim command and control framework, cyber force structure and training exercises.
As a result, Davis said, the U.S. military has been able to refine its role in cyberspace, as well as the partnerships that support it. That role is shared with agencies like DHS and Justice Department, he added, as well as the private sector and global collaborators.
"We have three main cyber missions, and three kinds of cyber forces will operate around the clock to conduct those missions," Davis said.
He noted that national forces will act to counter cyber attacks on the U.S., while a second, larger group of combat mission forces will help execute military operations and integrate digital capabilities into the DOD arsenal. The largest set of cyber operators will operate and defend critical Pentagon networks.
"We will deter, disrupt and deny adversary cyberspace operations that threaten vital U.S. interests when approved by the president and directed by the secretary of defense," he said. "If a crippling cyber attack is launched against our nation, the Department of Defense must be ready for an order from the commander in chief to act."