The Department of Defense (DoD) has released an unclassified summary of its classified 2023 Cyber Strategy.
The classified version of the 2023 Department of Defense Cyber Strategy establishes how the Department will operate “in and through cyberspace to protect the American people and advance the defense priorities of the United States.”
The 2023 DOD Cyber Strategy, which the agency submitted to Congress in May, articulates how the DoD is “operationalizing the priorities” of the 2022 National Security Strategy, 2022 National Defense Strategy, and the 2023 National Cybersecurity Strategy. It builds upon the 2018 DoD Cyber Strategy.
The unclassified version is a summary that presents the DoD’s cyber strategy, highlighting the agency’s actions to defend its cyber networks and infrastructure to support non-DOD agencies and protect the defense industrial base.
The strategy was shaped in part by the Pentagon’s study of Russia’s war with Ukraine, in which cyber capabilities have been used during armed conflict. “The conflict has demonstrated the character of war in the cyber domain. Its lessons will shape the maturation of our cyber capabilities,” the document said.
"Distinct from previous iterations, the strategy commits to increasing our collective cyber resilience by building the cyber capability of allies and partners." Deputy Assistant Secretary for Cyber Policy Mieke Eoyang said. "It also reflects the department’s approach to defending the homeland through the cyber domain as well as prioritizing the integration of cyber capabilities into our traditional warfighting capabilities."
How the DoD Addresses Cyber Threats
The strategy is the fourth iteration for the Department, and the first to be informed by years of significant cyberspace operations, the DoD said.
To address current and future cyber threats, the DoD said it will pursue four "lines of effort:"
- Defend the Nation. The Department will campaign in and through cyberspace to generate
insights about cyber threats. It will defend forward, disrupting and degrading malicious cyber
actors' capabilities and supporting ecosystems. The Department will work with its interagency
partners to leverage available authorities to enable the defense of U.S. critical infrastructure and
counter threats to military readiness.
- Prepare to Fight and Win the Nation's Wars. The Department will campaign in and through
cyberspace to advance Joint Force objectives. It will ensure the cybersecurity of the
Department of Defense Information Network (DODIN) and conduct defensive cyberspace
operations in order to protect it. The Department will enhance the cyber resilience of the Joint
Force and ensure its ability to fight in and through contested and congested cyberspace. It
will utilize the unique characteristics of cyberspace to meet the Joint Force's requirements and
generate asymmetric advantages.
- Protect the Cyber Domain with Allies and Partners. Global allies and partners represent
a foundational strategic advantage for the United States. They will build the capacity and
capability of U.S. Allies and partners in cyberspace and expand avenues of potential cyber
cooperation. They will continue hunt forward operations and other bilateral technical
collaboration, working with Allies and partners to illuminate malicious cyber activity on their
networks. they will reinforce responsible state behavior by encouraging adherence to
international law and internationally recognized cyberspace norms.
- Build Enduring Advantages in Cyberspace. The Department will pursue institutional
reforms to build advantages that will persist for decades to come. It will optimize the
organizing, training, and equipping of the Cyberspace Operations Forces and Service-retained
cyber forces. It will ensure the availability of timely and actionable intelligence in support of
cyberspace operations and explore the intersection of emerging technologies and cyber
capabilities. It will foster a culture of cybersecurity and cyber awareness, investing in the
education, training, and knowledge development of personnel across the defense enterprise.
“As cyber threats grow and intensify, every soldier, sailor, airman, marine, guardian, coast guardsman, DoD civilian, and contractor is responsible for exercising cyber awareness and helping to manage the risk of the Department,” the document reads. “At the same time, senior leaders of the Department, Military Departments and Services, and the Joint Warfighting community must work together with counterparts across other Federal departments and agencies to build a robust and integrated cyber capability: one that is ready and available to respond rapidly across the spectrum of conflict.”