(DOD) CYBER STRATEGY APRIL 2015
The purpose of the new Department of Defense Cyber Strategy, the Department’s second, is to guide the development of DoD's cyber forces and strengthen its cyber defense and cyber deterrence posture. It focuses on building cyber capabilities and organizations for DoD’s three cyber missions: defend DoD networks, systems, and information; defend the United States and its interests against cyberattacks of significant consequence; and provide integrated cyber capabilities to support military operations and contingency plans. The strategy sets five strategic goals and establishes specific objectives for DoD to achieve over the next five years and beyond.
What drove DoD to develop a new cyber strategy? Three major drivers required that DoD develop a new cyber strategy. First is the increasing severity and sophistication of the cyber threat to U.S. interests, to include DoD networks, information, and systems. The Department of Defense has the largest network in the world and DoD must take aggressive steps to defend its networks, secure its data, and mitigate risks to DoD missions. Second, in 2012 President Obama directed DoD to organize and plan to defend the nation against cyberattacks of significant consequence, in concert with other U.S. government agencies. This new mission required new strategic thinking. Finally, in response to the threat, in 2012 DoD began to build a Cyber Mission Force (CMF) to carry out DoD’s cyber missions. The CMF will include nearly 6,200 military, civilian, and contractor support personnel from across the military departments and defense components. The strategy provides clear guidance for the CMF’s development.
Building bridges to the private sector and beyond. To build the force of the future, DoD must attract the best talent, the best ideas, and the best technology to public service. To do so, DoD must build strong bridges to the private sector as well as the research institutions that make the United States such an innovative nation. The private sector and America’s research institutions design and build the networks of cyberspace, provide cybersecurity services, and research and develop advanced capabilities. The Department of Defense has had a strong partnership with the private sector and these research institutions historically, and DoD will strengthen those historic ties to discover and validate new ideas for cybersecurity for DoD and for the country as a whole.
Deterrence is a key part of DoD’s new cyber strategy. This strategy describes the Department of Defense contributions to a broader national set of capabilities to deter adversaries from conducting cyberattacks. The Department of Defense assumes that the deterrence of cyberattacks on U.S. interests will be achieved through the totality of U.S. actions, including declaratory policy, substantial indications and warning capabilities, defensive posture, effective response procedures, and the overall resiliency of U.S. networks and systems. DoD has a number of specific roles to play in this equation; this strategy describes how DoD will fulfill its deterrence responsibilities effectively.
STRATEGIC GOALS AND KEY IMPLEMENTATION OBJECTIVES:
All three of DoD’s cyber missions require close collaboration with foreign allies and partners. In its international cyber engagement, DoD seeks to build partnership capacity in cybersecurity and cyber defense. • Partner capacity building will focus on priority regions, to include the Middle East, Asia-Pacific, and Europe. DoD will remain adaptive and flexible to build new alliances and partnerships as required.