DoD Releases Strategy for Operating in Cyberspace

Friday, July 15, 2011



The Department of Defense has released a document that provides an outline for military-based cyber operations titled Strategy for Operating in Cyberspace (pdf) that contains five specific strategic initiatives.

A summary of the document is as follows:

"The security and effective operation of U.S. critical infrastructure – including energy, banking and finance, transportation, communication, and the Defense Industrial Base – rely on cyberspace, industrial control systems, and information technology that may be vulnerable to disruption or exploitation."

"In developing its strategy for operating in cyberspace, DoD is focused on a number of central aspects of the cyber threat; these include external threat actors, insider threats, supply chain vulnerabilities, and threats to DoD‘s operational ability. DoD must address vulnerabilities and the concerted efforts of both state and non-state actors to gain unauthorized access to its networks and systems."

"Potential U.S. adversaries may seek to exploit, disrupt, deny, and degrade the networks and systems that DoD depends on for its operations. DoD is particularly concerned with three areas of potential adversarial activity: theft or exploitation of data; disruption or denial of access or service that affects the availability of networks, information, or network-enabled resources; and destructive action including corruption, manipulation, or direct activity that threatens to destroy or degrade networks or connected systems."

"Cyber threats to U.S. national security go well beyond military targets and affect all aspects of society. Hackers and foreign governments are increasingly able to launch sophisticated intrusions into the networks and systems that control critical civilian infrastructure. Given the integrated nature of cyberspace, computer-induced failures of power grids, transportation networks, or financial systems could cause massive physical damage and economic disruption. DoD operations—both at home and abroad—are dependent on this critical infrastructure."

"While the threat to intellectual property is often less visible than the threat to critical infrastructure, it may be the most pervasive cyber threat today. Every year, an amount of intellectual property larger than that contained in the Library of Congress is stolen from networks maintained by U.S. businesses, universities, and government departments and agencies. As military strength ultimately depends on economic vitality, sustained intellectual property losses erode both U.S. military effectiveness and national competitiveness in the global economy."

  • Strategic Initiative 1: Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace’s potential.
  • Strategic Initiative 2: Employ new defense operating concepts to protect DoD networks and systems.
  • Strategic Initiative 3: Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy.
  • Strategic Initiative 4: Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity.
  • Strategic Initiative 5: Leverage the nation’s ingenuity through an exceptional cyber workforce and rapid technological innovation.
Possibly Related Articles:
SCADA Security Strategy Government Military DoD Intellectual Property Headlines Infrastructure Pentagon National Security Cyber Warfare Cyber Defense
Post Rating I Like this!
Vulcan Mindm3ld I am not impressed.
Vulcan Mindm3ld haha! Excellent point about those resignations. I would suspect there were many reasons they resigned but my cynical nature leads me to believe the overwhelming bureaucracy and general stubbornness of some groups to change fueled their blast off.

Perhaps,they felt as if they were just hitting a brick wall too much. They did do a lot of stuff but in my opinion it was mainly just media-worthy change -- like $99 paint job on a hoopty.

Too often I hear: It's too risky to change NOW so, we need to MUCH more planning (by then, the landscape has changed). Or it is TOO expensive to implement that stuff right NOW.

These are just my opinions formed from my tiny, pinhole view into the bigger problem.
Vulcan Mindm3ld hahaha! Nope.. they're already asleep!
Kevin McAleavey Perhaps if they stopped passing the sweet and sour shrimp and walked down the hall and talked to a few geeks?


Defenestration is *not* an option.
Kevin McAleavey Looks like Joe Black really IS in charge of all that.
Kevin McAleavey Agreed! Throughout the 90's, our previous company was on GSA and we had a lot of customers in government. When a new administration rolled around in 2001, we were off it and were never able to get back on even under the current administration.

When we tried to talk to our congressfish here in Albany, we were referred to the small animal administration and still nothing. And we ARE an MWBE. Ah well ... Uncle Sammy's got the situation well in hand. No need for us.
Vulcan Mindm3ld Another concern of mine is the government being taken advantage of again in their pursuit of initiative #5 ("...rapid technological innovation.")

In the past, we've seen millions of dollars being wasted in attempt to gain a technological upper-hand too quickly but from less-than scrupulous people. Leaders were wooed by demoware.

Integrity has ALWAYS been critical but it is more important than EVER to identify those who are do not have it. I am so glad people such as Infosec Island and are shining some light on these charlatans.

Kevin McAleavey Well ... now that the defense contractors are lining up at the trough, I'm sure they'll come up with an antivirus that works toute suite. :)

Alabama: The next internet bubble.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.