Threat Management

Pentagon Vows to Protect Nation with “Defend Forward” Strategy to Rattle Cyber Actors

An aerial view of the Pentagon.

The Department of Defense (DoD) has released an unclassified summary of its classified 2023 Cyber Strategy.

The classified version of the 2023 Department of Defense Cyber Strategy establishes how the Department will operate “in and through cyberspace to protect the American people and advance the defense priorities of the United States.”

The 2023 DOD Cyber Strategy, which the agency submitted to Congress in May, articulates how the DoD is “operationalizing the priorities” of the 2022 National Security Strategy, 2022 National Defense Strategy, and the 2023 National Cybersecurity Strategy. It builds upon the 2018 DoD Cyber Strategy.

The unclassified version is a summary that presents the DoD’s cyber strategy, highlighting the agency’s actions to defend its cyber networks and infrastructure to support non-DOD agencies and protect the defense industrial base.

The strategy was shaped in part by the Pentagon’s study of Russia’s war with Ukraine, in which cyber capabilities have been used during armed conflict. “The conflict has demonstrated the character of war in the cyber domain. Its lessons will shape the maturation of our cyber capabilities,” the document said.

"Distinct from previous iterations, the strategy commits to increasing our collective cyber resilience by building the cyber capability of allies and partners." Deputy Assistant Secretary for Cyber Policy Mieke Eoyang said. "It also reflects the department’s approach to defending the homeland through the cyber domain as well as prioritizing the integration of cyber capabilities into our traditional warfighting capabilities."

How the DoD Addresses Cyber Threats

The strategy is the fourth iteration for the Department, and the first to be informed by years of significant cyberspace operations, the DoD said.

To address current and future cyber threats, the DoD said it will pursue four "lines of effort:"

  • Defend the Nation. The Department will campaign in and through cyberspace to generate
    insights about cyber threats. It will defend forward, disrupting and degrading malicious cyber
    actors' capabilities and supporting ecosystems. The Department will work with its interagency
    partners to leverage available authorities to enable the defense of U.S. critical infrastructure and
    counter threats to military readiness.
  • Prepare to Fight and Win the Nation's Wars. The Department will campaign in and through
    cyberspace to advance Joint Force objectives. It will ensure the cybersecurity of the
    Department of Defense Information Network (DODIN) and conduct defensive cyberspace
    operations in order to protect it. The Department will enhance the cyber resilience of the Joint
    Force and ensure its ability to fight in and through contested and congested cyberspace. It
    will utilize the unique characteristics of cyberspace to meet the Joint Force's requirements and
    generate asymmetric advantages.
  • Protect the Cyber Domain with Allies and Partners. Global allies and partners represent
    a foundational strategic advantage for the United States. They will build the capacity and
    capability of U.S. Allies and partners in cyberspace and expand avenues of potential cyber
    cooperation. They will continue hunt forward operations and other bilateral technical
    collaboration, working with Allies and partners to illuminate malicious cyber activity on their
    networks. they will reinforce responsible state behavior by encouraging adherence to
    international law and internationally recognized cyberspace norms.
  • Build Enduring Advantages in Cyberspace. The Department will pursue institutional
    reforms to build advantages that will persist for decades to come. It will optimize the
    organizing, training, and equipping of the Cyberspace Operations Forces and Service-retained
    cyber forces. It will ensure the availability of timely and actionable intelligence in support of
    cyberspace operations and explore the intersection of emerging technologies and cyber
    capabilities. It will foster a culture of cybersecurity and cyber awareness, investing in the
    education, training, and knowledge development of personnel across the defense enterprise.

“As cyber threats grow and intensify, every soldier, sailor, airman, marine, guardian, coast guardsman, DoD civilian, and contractor is responsible for exercising cyber awareness and helping to manage the risk of the Department,” the document reads. “At the same time, senior leaders of the Department, Military Departments and Services, and the Joint Warfighting community must work together with counterparts across other Federal departments and agencies to build a robust and integrated cyber capability: one that is ready and available to respond rapidly across the spectrum of conflict.”

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.