2023 Department of Defense Cyber StrategyThe classified 2023 Department of Defense Cyber Strategy establishes how the Department will operate in and through cyberspace to protect the American people and advance the defense priorities of the United States. It implements the priorities of the 2022 National Security Strategy, 2022 National Defense Strategy (NDS), and 2023 National Cybersecurity Strategy. It builds upon and supersedes the 2018 DoD Cyber Strategy. This unclassified summary is intended to present the overarching priorities of the 2023 DoD Cyber Strategy and should not be considered exhaustive. The scope of this document is limited to the cyber domain; it does not establish policy for the Department's operations in the information environment. The 2023 DoD Cyber Strategy is grounded in real-world experience. Since 2018, the Department has conducted a significant number of cyberspace operations through its policy of defending forward, actively disrupting malicious cyber activity before it can affect the U.S. Homeland. This strategy is further informed by Russia's 2022 war on Ukraine, which has seen a significant use of cyber capabilities during armed conflict. In this saturated cyber battlefield, military operations conducted by states and non-state proxies have collided with the cyber defense efforts of numerous private sector actors. The conflict has demonstrated the character of war in the cyber domain. Its lessons will shape the maturation of our cyber capabilities. U.S. Department of DefenseDoD_5e8dcfdc-5d6a-11df-839d-400e7a64ea2aDoD StakeholdersAs cyber threats grow and intensify, every soldier, sailor, airman, marine, guardian, coast guardsman, DoD civilian, and contractor is responsible for exercising cyber awareness and helping to manage the risk of the Department.DoD Senior LeadersAt the same time, senior leaders of the Department, Military Departments and Services, and the Joint Warfighting community must work together with counterparts across other Federal departments and agencies to build a robust and integrated cyber capability: one that is ready and available to respond rapidly across the spectrum of conflict. _6cbb04ec-3fa7-11ef-b5c8-fb502783ea00To establish how the Department will operate in and through cyberspace to protect the American people and advance the defense priorities of the United States_6cbb079e-3fa7-11ef-b5c8-fb502783ea00DynamismCyberspace has grown far beyond its origins as a U.S. defense research project. Static, text- driven websites and file-sharing protocols have given way to the dynamic, mobile, and ubiquitous environment we know today. The Internet now forms the connective tissue for two thirds of the world's population.MobilityUbiquitySecurityIt is also under attack by those who seek to undermine a secure and open cyberspace and threaten the security of the United States.DefenseThe Department will defend the interests of the United States and protect the shared digital environment. We will defend forward, disrupting and degrading malicious cyber actors, and help ensure the resilience of the homeland with all tools at our disposal. We will use cyberspace to fight and win the Nation's wars, supporting and advancing the objectives of the Joint Force.AllianceWe will bolster the cyber capability and capacity of our Allies and partners and reinforce norms of responsible behavior in cyberspace.PartnershipCapacityThroughout it all, we will build enduring advantages in the cyber domain. CapabilityWith a robust and integrated cyber capability, the Department will be ready to respond rapidly across the spectrum of conflict.DeterenceWe will deter and de-escalate where we can. In all other cases, we will prevail.DefenseDefend the Nation._6cbb09ba-3fa7-11ef-b5c8-fb502783ea001The Department will campaign in and through cyberspace to generate insights about cyber threats. We will defend forward, disrupting and degrading malicious cyber actors' capabilities and supporting ecosystems. The Department will work with its interagency partners to leverage available authorities to enable the defense of U.S. critical infrastructure and counter threats to military readiness. ^^ The first defense priority established in the 2022 NDS is that of defending the Homeland, paced to the growing multi-domain threat posed by the PRC. In cyberspace, the Department will harness outwardfacing capabilities to enable internal defense, identifying and mitigating threats before they can harm the American people. We will enable domestic cyber defense in coordination with interagency partners. Cyber ThreatsGenerate Insights about Cyber Threats_6cbb0a14-3fa7-11ef-b5c8-fb502783ea001.1The Department will continue to persistently engage U.S. adversaries in cyberspace, identifying malicious cyber activity in the early stages of planning and development. We will track the organization, capabilities, and intent of malicious cyber actors. We will leverage these insights to bolster the cyber resilience of the Nation and will coordinate with interagency partners to publicize this information as circumstances permit. Malicious Cyber ActorsDisrupt and Degrade Malicious Cyber Actors_6cbb0afa-3fa7-11ef-b5c8-fb502783ea001.2The Department will continue to defend forward by disrupting the activities of malicious cyber actors and degrading their supporting ecosystems. These operations will be primarily conducted by USCYBERCOM, leveraging its authorities and in close coordination with other departments and agencies as well as our global Allies and partners. The Department has executed a number of such cyberspace operations under this policy since 2018, notably in the defense of U.S. elections. Lessons learned from these operations inform our pursuit of new capabilities and shape our approach to risk management. ^^ These operations will support the strategic approach outlined in the 2023 National Cybersecurity Strategy, in which the Department's cyberspace operations may complement concurrent actions by the diplomatic, law enforcement, and intelligence communities, among others. Together, these actions will support a whole-of-Government effort to reduce the perceived and actual utility of malicious cyber activity and render cybercrime unprofitable. Critical InfrastructureEnable Defense of US. Critical Infrastructure_6cbb0b4a-3fa7-11ef-b5c8-fb502783ea001.3National GuardThe Department will fully leverage the National Guard with its unique separate statuses as both a Federal and state-level entity to facilitate partnerships between the Federal Government and state, local, territorial, and tribal governments to support and augment cyber defense responses.Federal GovernmentWe will continue to improve and expand coordination across the Federal Government and clearly communicate our priorities to interagency partners. U.S. adversaries regularly use malicious cyber activity to target our critical infrastructure. In crisis, they will seek to hinder U.S. military mobilization, sow chaos, and harm the American people. The Department will support whole-of-Government efforts to raise U.S. cybersecurity standards in order to increase resilience and make it more difficult for adversaries to disrupt these essential services. ^^ Consistent with the 2023 National Cybersecurity Strategy, the Department will leverage all legally available contractual mechanisms, resources, and operational arrangements to improve the cybersecurity of U.S. critical infrastructure systems. We will expand public-private partnerships to ensure that DoD resources, expertise, and intelligence are made available to support key private sector initiatives. We will also draw upon the private sector's technical expertise and analytic capabilities to identify foreign-based malicious cyber activity and mitigate vulnerabilities on a global scale. Defense Industrial BaseProtect the Defense Industrial Base_6cbb0d70-3fa7-11ef-b5c8-fb502783ea001.4The DIB develops, manufactures, and maintains sensitive technologies vital to the defense of the Nation. Safeguarding the technical information used for the design and manufacture of these technologies is critical. Malicious cyber actors routinely target the DIB. Their malicious cyber activity imposes a high opportunity cost, drawing resources and attention from these companies' core missions. These attacks also complicate the Department's acquisition processes, raising costs for the Government and U.S. taxpayers. ^^ To ensure DIB cybersecurity, the Department will continue to convene government and industry officials and leverage public-private partnerships. We will invest in rapid information-sharing and analysis and will develop a comprehensive approach for the identification, protection, detection, response, and recovery of critical DIB elements, thereby ensuring the reliability and integrity of critical weapons systems and production nodes. ^^ Beyond information-sharing efforts, the Department will also align DIB contract incentives with DoD cybersecurity requirements. Toward this end, the Department will continue implementation of the Cybersecurity Maturity Model Certification Program, which requires companies to certify compliance with information security standards in order to receive certain priority contracts. We will complement this program with other efforts to increase active defense measures and improve data protection across the DIB, such as provision of no-cost cybersecurity services to qualifying companies. These services protect against the most common adversary exploitation vectors and reflect the Department's continued partnership with small-to-medium-sized companies. WarsPrepare to Fight and Win the Nation's Wars._6cbb0dca-3fa7-11ef-b5c8-fb502783ea002The Department will campaign in and through cyberspace to advance Joint Force objectives. We will ensure the cybersecurity of the Department of Defense Information Network (DODIN) and conduct defensive cyberspace operations in order to protect it. The Department will enhance the cyber resilience of the Joint Force and ensure its ability to fight in and through contested and congested cyberspace. We will utilize the unique characteristics of cyberspace to meet the Joint Force's requirements and generate asymmetric advantages. ^^ The Department will use cyberspace operations to enable and empower the Joint Force. These efforts will unfold in multiple ways: through persistent campaigning below the level of armed conflict, through cyber defense and the fostering of cyber resilience, and through support of campaign and contingency planning. ObjectivesAdvance Joint Force Objectives_6cbb0e2e-3fa7-11ef-b5c8-fb502783ea002.1The Department will campaign in and through cyberspace to reinforce deterrence objectives while achieving informational and military advantages. Our adversaries will be made to doubt the efficacy of their military capabilities as well as the belief that they can conduct unattributed coercive actions against the United States. As the Department campaigns in cyberspace for this purpose, we will develop offensive and defensive options to support the Joint Force so that it is ready to respond rapidly across the spectrum of conflict.DODINDefend the DODIN_6cbb0e88-3fa7-11ef-b5c8-fb502783ea002.2The Department will be resilient against malicious cyber activity and ready to operate in congested and contested cyberspace. This effort will be grounded in our defense of the DODIN. ^^ The Department will address vulnerabilities in the DODIN and correct issues of insufficient risk management and monitoring. To frustrate future malicious cyber activity, we will implement Zero Trust architectures and their associated cybersecurity technologies, as well as modernize our cryptographic algorithms across weapons systems, data links, and networks. ^^ Furthermore, the Department will increase unity of effort between defensive cyberspace and DODIN operations by integrating the visibility, capabilities, and operations of relevant mission elements. We will align intelligence, acquisition and sustainment, and other functions to ensure that the DODIN can rapidly adapt to counter evolving cyber threats. Cyber ResilienceBuild Cyber Resilience in the Joint Force_6cbb0ed8-3fa7-11ef-b5c8-fb502783ea002.3The Department will enhance the cyber resilience of the Joint Force and ensure its ability to fight in and through contested and congested cyberspace. We will prioritize those cyber capabilities that support the Joint Force's military mission assurance and commit to training the force to operate amid network and warfighting platform degradation. Plans & OperationsSupport Joint Force Plans and Operations_6cbb0f32-3fa7-11ef-b5c8-fb502783ea002.4The Department will continue to integrate cyberspace operations in its campaign and contingency planning as part of integrated deterrence. We will further refine this approach, developing options that utilize the unique characteristics of cyberspace to meet the Joint Force's requirements and generate asymmetric advantages. This will include the pursuit of cross-domain effects during large-scale combat operations.Cyber DomainProtect the Cyber Domain with Allies and Partners._6cbb0f96-3fa7-11ef-b5c8-fb502783ea003AlliesPartnersOur global Allies and partners represent a foundational strategic advantage for the United States. We will build the capacity and capability of U.S. Allies and partners in cyberspace and expand avenues of potential cyber cooperation. We will continue hunt forward operations and other bilateral technical collaboration, working with Allies and partners to illuminate malicious cyber activity on their networks. We will reinforce responsible state behavior by encouraging adherence to international law and internationally recognized cyberspace norms. ^^ The Department will maximize its effectiveness in cyberspace by combining its efforts with those of Allies and partners. This approach relies upon building the cyber capability and capacity of Allies and partners. It requires a mix of internal institutional reforms and external partner engagement. Capacity & CapabilityBuild Cyber Capacity and Develop Capability in Allies and Partners_6cbb0ff0-3fa7-11ef-b5c8-fb502783ea003.1The Nation's constellation of diplomatic and defense relationships represents a foundational strategic advantage. In cyberspace, the capabilities of Allies and partners combine with those of the United States to enable timely information sharing and interoperability as well as contribute to our collective security. However, this interdependence also introduces risk as some cyber actors target the networks of Allies and partners with the ultimate objective of compromising U.S. systems. To address this, the Department will prioritize efforts to increase the effectiveness of Allies and partners in cyberspace. Doing so will protect the shared and open Internet. It will also strengthen the security of the United States. ^^ In some cases, the Department will work toward this goal by augmenting partner capacity, expanding partners' access to cybersecurity infrastructure and maturing their cyber workforce though combined training events and exercises. In other cases, we will develop partner capability, enabling a function that a partner needs but does not yet have, including particular knowledge and capabilities. The Department will enhance our relationship with our most cyber- capable Allies and partners at the strategic, operational, and tactical levels. We will expand the total number of partners with whom we engage and integrate these efforts with the wider security cooperation enterprise. CooperationExpand Avenues of Cyber Cooperation_6cbb105e-3fa7-11ef-b5c8-fb502783ea003.2The Department will address institutional barriers that inhibit cooperation in cyberspace and better leverage security cooperation tools to advance DoD's defense priorities. We will emphasize the timely sharing of information that Allies and partners may use to increase the effectiveness of combined cyberspace operations and enhance collective cybersecurity efforts. We will share our best practices regarding vulnerability mitigation, workforce development, and operational planning while seeking to learn from the best practices of our Allies and partners. ^^ Through both DoD's security cooperation authorities and collaboration with other Federal departments and agencies that can provide opportunities to engage private sector partners, we will respond to requests from global Allies and partners seeking cybersecurity assistance from U.S. experts. Operations & Technical CollaborationContinue Hunt Forward Operations and Bilateral Technical Collaboration_6cbb10cc-3fa7-11ef-b5c8-fb502783ea003.3Since 2018, the Department has regularly worked with our Allies and partners to help identify vulnerabilities on their government-operated networks. These operations and assessments, conducted by USCYBERCOM, have aided U.S. cybersecurity preparedness, contributed to the warfighting capability of the Joint Force, and established or enhanced strong information-sharing relationships with a number of nations, including Ukraine. They have also bolstered the cyber resilience of Allies and partners by exposing hostile TTPs and malware. ^^ We will continue to conduct these operations in the years ahead, illuminating adversary actions in cyberspace and frustrating the designs of malicious cyber actors. Our efforts will bolster collective cybersecurity and improve relationships with Allies and partners. NormsReinforce Norms of Responsible Behavior in Cyberspace_6cbb1144-3fa7-11ef-b5c8-fb502783ea003.4The Department will reinforce norms of responsible behavior in cyberspace. By strengthening this shared normative framework, we will intensify the international scrutiny faced by malicious cyber actors and help constrain the activity of U.S. adversaries in cyberspace. ^^ In pursuit of this goal, we will support the efforts of the Department of State to foster global consensus on cyberspace norms. We will stand ready to expose and contest behavior inconsistent with such norms and international law, coordinating across the U.S. Government and with our global Allies and partners.CyberspaceBuild Enduring Advantages in Cyberspace._6cbb11b2-3fa7-11ef-b5c8-fb502783ea004The Department will pursue institutional reforms to build advantages that will persist for decades to come. We will optimize the organizing, training, and equipping of the Cyberspace Operations Forces and Service-retained cyber forces. We will ensure the availability of timely and actionable intelligence in support of cyberspace operations and explore the intersection of emerging technologies and cyber capabilities. We will foster a culture of cybersecurity and cyber awareness, investing in the education, training, and knowledge development of personnel across the defense enterprise. ^^ The Department cannot advance its defense priorities without a ready, capable, and informed Joint Force -- one prepared to operate as fluently in cyberspace as any other joint warfighting domain. To achieve this end, we will build enduring advantages that support and enable the full range of cyber activities. WorkforceInvest in the Cyber Workforce_6cbb1220-3fa7-11ef-b5c8-fb502783ea004.1Our most important cyber capability is people: those with the talent, creativity, and sense of mission necessary to defend the Nation in cyberspace. The Department will prioritize reforms to our cyber workforce and improve the retention and utilization of our cyber operators. In so doing, we will assess diverse alternatives for sizing, structuring, organizing and training the Cyberspace Operations Forces and their relationship to Service-retained cyber forces. ^^ The Department will proactively identify cyber talent with experience in the DIB, commercial information technology sector, academia, Intelligence Community, and military. We will ensure that incentive programs are adequately resourced and target specific desired skills for hiring and retention. Where we cannot hire desired skills directly, we will leverage rotational programs and enhance collaboration with the private sector to ensure the Department's access to relevant talent. ^^ The Department will also empower the Services to implement effective talent management and career progression for the cyber workforce. We will encourage the development of expertise via options including extended tour commitments or repeat tour requirements, rotations within mission areas, and career progression models that reward development of such skills. The Department will also explore greater use of reserve components as a way to share talent with the private sector, like those adopted in National Guard cyber units. IntelligencePrioritize Intelligence Support for Cyber Operations_6cbb1284-3fa7-11ef-b5c8-fb502783ea004.2The Department will prioritize necessary reforms to meet the intelligence needs of the cyberspace operations community. We will address cyber requirements through continued improvements to the business practices, human capital management, and organization of the Defense Intelligence Enterprise. We will reduce barriers to information sharing and ensure broader access to technical data consistent with applicable law, policies and procedures. The Department will generally address gaps, ambiguities, and policy issues to enable intelligence activities in support of cyberspace operations. CapabilitiesDevelop and Implement New Cyber Capabilities_6cbb1356-3fa7-11ef-b5c8-fb502783ea004.3The Department will oversee the development and application of new technologies to expand our cyber capabilities. We will prioritize technologies that can confound malicious cyber actors and prevent them from achieving their objectives in and through cyberspace. These include Zero Trust architectures and their associated cybersecurity technologies, advanced endpoint monitoring capabilities, tailored data collection strategies, enhanced cyber forensics, automated data analytics, and systems that enable network automation, network restoration, and network deception. ^^ The Department will engage with its science and technology community, which has produced numerous technologies that support cyberspace operations. We will take steps to align the technology development process with the strategy and objectives of the wider cyber enterprise and ensure that these activities are informed by relevant intelligence. ^^ Finally, the Department will study the applications of autonomous and artificial intelligence- driven cyber capabilities. We will develop principles for the responsible adoption of such technologies in alignment with the 2022 DoD Responsible Artificial Intelligence Strategy and Implementation Pathway.AwarenessFoster Cyber Awareness_6cbb13ba-3fa7-11ef-b5c8-fb502783ea004.4Cyberspace operations may be the responsibility of a relatively small number of cyber professionals, but cyber risk is a challenge shared across the defense enterprise. This is evidenced by malicious cyber actors' efforts to compromise the networks and infrastructure upon which the Joint Force relies. This is also evidenced by the malicious cyber actors' targeting of individual members of the Joint Force for the purposes of stealing sensitive personal information, threatening individual security and military readiness. ^^ The Department will take action to foster a culture of cybersecurity and cyber awareness. We will establish an expectation that senior military and civilian leaders possess a baseline fluency in cybersecurity issues. The Department will develop, fund, and implement technical curricula across different levels of professional military and civilian education, emphasizing General Officer and Senior Executive Service leadership courses. More broadly, we will ensure that service members of all ranks are appropriately informed about cyber issues, incorporating cyber education requirements into the curricula of commissioning sources and enlisted training programs. 2023-09-302024-07-11https://media.defense.gov/2023/Sep/12/2003299076/-1/-1/1/2023_DOD_Cyber_Strategy_Summary.PDFOwenAmburOwen.Ambur@verizon.net