trump administration's first "dod cyber strategy" (translation attached)

Posted by tetley at 2020-02-27


The prosperity, freedom and security of the United States depend on open and reliable access to information. The Internet empowers us and enriches our lives by providing more new knowledge, new businesses and new services. Computer and network technologies enable joint forces to gain information superiority, long-range strike and global command and control, and consolidate the advantages of U.S. military operations.

The arrival of the digital era also brings challenges to the Ministry of defense and the country. At the same time, the characteristics of Internet openness, cross-border and decentralization that we are striving for have also resulted in a large number of loopholes. Those who do not want to deal with the United States and its allies in armed conflict are using cyber operations to steal our technology, disrupt our government and business, challenge our democratic process and threaten our critical infrastructure.

We are engaged in long-term strategic competition with China and Russia. These countries have greatly expanded competition by continuously launching long-term strategic risk actions against the United States and its allies in cyberspace. China is constantly stealing sensitive information from the public and private sectors to erode the military advantage and economic vitality of the United States. Russia, on the other hand, uses Internet information to influence our people and challenge our democratic process. Countries such as North Korea and Iran also use malicious Internet activities to harm us citizens and threaten US interests. At the global level, the scope and speed of malicious network operations are increasing, and the severe dependence of almost all important civil and military facilities in the United States on the Internet will be an urgent risk.

The Department of defense must take action against the daily competition of cyberspace to maintain the military advantage of the United States and protect the interests of the United States. Our focus will be on those countries that pose a strategic threat to the prosperity and security of the United States, particularly China and Russia. In response to crises and conflicts, we will conduct cyberspace operations to gather intelligence and prepare for military cyber capabilities. We will implement "forward defense" to thwart and combat malicious network behaviors at the source, including those under the standards of armed conflict. We will strengthen the security and recovery capabilities of networks and systems that contribute to the current and future military advantage of the United States. We will work with multi sector, industry and international partners to promote our common interests.

During the war, the U.S. cyber forces will cooperate with air, sea and space forces to fight against the enemy's weaknesses and offset the opponent's advantages. The adversary military forces rely on the same network technology as the joint forces, and the Department of defense will use this dependence to gain military advantages, including innovative concepts such as the use of offensive network capabilities and the use of network operations in all areas of conflict.

The 2018 DOD cyber strategy represents the Department's perspective of addressing cyber security threats, which will replace the 2015 DOD cyber strategy and implement the priorities of "national security strategy" and "national defense strategy".  

The United States can no longer "stand by" and our values, economic competitiveness and military superiority are increasingly threatened every day. We must firmly defend our interests in cyberspace in cyberspace at the level of armed conflict and ensure that we are ready to support the joint forces in a crisis in cyberspace.

Strategic competition in Cyberspace

U.S. strategic adversaries are launching cyber operations to weaken U.S. military superiority, threaten our critical infrastructure, and undermine our economic prosperity. The Department of defense must take measures to respond, including pressuring, disrupting, and demoting cyber actions that threaten U.S. interests, enhancing cyber security and resilience of potential adversaries, and enhancing cross sectoral and coalition cooperation.

First, we must make sure that American military forces can wage and win wars in any field, including cyberspace. This is the basic requirement of the national security of the United States and the key to ensure that we can resist cyber attacks against the United States and its allies. DOD must protect its own networks, equipment and information from malicious network operations, and be prepared to defend those networks and systems controlled by non DOD defense critical infrastructure (DCI) and defense industrial infrastructure (DIB). We will "defend forward" these infrastructures.

Second, the Department of defense seeks to preempt malicious cyber operations against critical U.S. infrastructure. Our main role in national defense is to implement "forward defense" and try to stop the threat before it reaches its goal. The Department of defense will work with other federal departments and agencies to provide threat indicators and alerts for malicious network activities to the public and private sectors.

Third, the Department of defense will work with U.S. allies and partners to strengthen network capabilities, expand joint cyberspace operations, increase two-way information sharing, and enhance bilateral interests.

DOD cyberspace objectives include:

1. Ensure that the joint force can achieve its objectives in a competitive cyberspace environment.

2. Enhance the capabilities of joint forces in cyberspace operations and enhance the military advantage of the United States.

3. Protect critical infrastructure in the United States from malicious network activities.

4. Protect DOD information and equipment and non DOD networks from malicious network activities.

5. Expand the network operation cooperation between the Ministry of defense and other departments, industries and international partners.

Protecting civilian assets and ensuring US military superiority

DOD must be prepared to protect the Internet and equipment that are not DOD owned defense critical infrastructure (DCI) and defense industrial infrastructure (DIB). Our primary goal in protecting DCI is to ensure that critical infrastructure continues to function and support DOD objectives in a competitive network environment. Our focus in working with DIB entities is to protect sensitive DOD information, and the leakage of such sensitive information will seriously weaken the military advantage of the joint forces. As a business partner of DIB and DCI, DOD will develop and implement cybersecurity, resiliency and reporting standards; be prepared to provide direct assistance when required and authorized, including on non DOD networks before, during and after the event.

Strategic approach

Our strategic approach is based on the goal of building a more lethal military force, competing and deterring in cyberspace, expanding alliances and partnerships, reforming the Department of defense, and fostering talent.

(1) Building more deadly military power through cyberspace

Speed up the development of network capabilities: the Ministry of defense will speed up the capacity-building of network operations and malicious network operations. Our focus will be on deploying scalable, adaptable and diverse capabilities to provide greater flexibility to the JFC. The joint force will be able to use cyberspace in all kinds of conflicts, from daily operations to wartime, to advance the interests of the United States.

Innovation for Agility: DOD must innovate to keep up with rapidly evolving threats and technologies in cyberspace. We will prudently accept and manage operational and planning risks, moving from a "zero defect" culture to one that promotes agility and innovation, because success in this area requires the Department of defense to innovate faster than our strategic competitors.

Improve efficiency with automation and data analysis: DOD will actively use network enterprise solutions and conduct large-scale data analysis to identify malicious network activities across different network systems. DOD will use these advances to improve our defense posture and ensure that our network capabilities will continue to be effective against competitors with cutting-edge technology.

Use commercially available network capabilities: DOD is good at creating network capabilities for specific operational issues. In addition to these capabilities, we will use more commercially available network capabilities to optimize DOD capabilities.

(2) Competition and deterrence in Cyberspace

Containment of malicious network activities: the United States seeks to use all means of state power to prevent malicious network activities that threaten the national interests of the United States, our allies or partners from developing countries. The Department of defense will give priority to protecting sensitive information of the Department and preventing malicious network activities that use force against the United States, allies or partners. If deterrence fails, the joint forces stand ready to respond with all military force.

In the daily competition, there is a continuous competition for malicious network activities: the Ministry of defense will intercept and stop malicious network activities through "forward defense", strengthen the security of systems and networks supporting the mission of the Ministry of defense, and fight against network activities that threaten the military advantage of the United States. This includes working with the private sector, as well as our foreign allies and partners, against cyber activities that could threaten joint force missions and sensitive DOD information.

Improve the anti risk capability of key infrastructure in the United States: the Department of defense will work with other agencies and the private sector to reduce malicious network activities targeting key infrastructure in the United States. We will simplify the public-private information sharing mechanism and strengthen the flexibility and network security of key infrastructure networks and systems.

(3) Strengthen allies and attract new partners

Building a trusted partnership with the private sector: the private sector owns and operates most of the infrastructure in the United States and is at the forefront of competition in cyberspace countries. In coordination with other federal departments and agencies, the Department of defense will build trust with the private sector, develop planning and cooperative training, and support cybersecurity activities with each other.

Implementing international partnerships: many of America's allies and partners have advanced networking capabilities that complement our own. DOD will strive to strengthen the capabilities of these allies and partners, and improve DoD's ability to utilize partner skills and resources. Information sharing with allies and partners will improve the effectiveness of joint cyberspace operations and enhance our collective cybersecurity posture.

Strengthen the code of conduct of cyberspace responsible countries: the Ministry of national defense will strengthen the voluntary and non binding construction of norms of cyberspace responsible countries in peacetime. The United States agrees with the work of the United Nations group of Governmental Experts on Information Security (ungge) in developing a framework for responsible state conduct in cyberspace, such as banning the destruction of critical civilian infrastructure in peacetime. DOD will work with other departments and international partners to promote the international commitment of cyberspace actors and develop and implement cyber confidence measures (CBM). When network activities threaten the interests of the United States, we will fight against them and prepare to work with partners to defend the interests of the United States.

(4) Reform the Department of Defense

Integrate network awareness into DoD's organizational culture: DOD will adjust its organizational culture so that individuals at all levels have an understanding of cyberspace and can integrate this knowledge into daily activities. Leaders and employees need to fully understand the impact of their decisions on cybersecurity and be able to identify opportunities to leverage cyberspace for strategic, operational, and tactical advantages.

Strengthen network security accountability: reduce the "attack surface" of departments, and improve the network security awareness and accountability of all departments. We will hold DOD personnel and the private sector, partners accountable for their cybersecurity practices and choices.

Looking for affordable, flexible and durable solutions: DOD will reduce the time it takes to acquire software and hardware to keep up with the rapid development of technology. We will identify opportunities to purchase scalable services, such as cloud storage and scalable computing capabilities, to ensure that our systems are in sync with business information technology and scale as necessary to meet changing needs. We will also leverage commercial ready to use products or technologies (COTS) where feasible to reduce our reliance on expensive custom software.

Expand the crowdsourcing mode of vulnerability identification: the Ministry of defense will continue to implement the "programming marathon" and "vulnerability reward program" to more effectively identify and mitigate vulnerabilities and promote innovation.

(5) Personnel training

Maintain a ready network workforce: DOD workforce is a critical network asset. We will invest in building future talent, identifying and recruiting top talent, and retaining our current network workforce. We will provide sufficient opportunities for the professional development and professional development of network personnel, including opportunities inside and outside the Department. We will create processes to maintain the visibility of the entire military and civilian network workforce and optimize personnel rotation across military departments and commands, including maximizing the use of backup talent. DOD will also ensure that its network requirements are met by an optimal mix of military, civilian and contract personnel.

Strengthening national network talents: the Ministry of defense plays an important role in strengthening the national network talents reserve, which aims to further improve the adaptability of the private and public sectors in response to network threats. To this end, we will work with other federal departments and agencies to promote science, technology, engineering, mathematics and foreign language (stem-l) disciplines at the primary and secondary education level in the United States. DOD will also work with industry and academia to establish standards for training, education, and awareness to promote the growth of U.S. online talent.

Take software and hardware expertise as one of the core competencies of the Department of Defense: in order to make it attractive to skilled personnel, the Department will establish a career development track for computer science related professionals (including hardware engineers, software developers and data analysts), provide meaningful challenges, expand salary incentives, etc.

Build a network top talent management plan: the Department of defense will build a network talent management plan to provide its network talents with centralized resources and opportunities to develop key skills in their career. The Department will use competitive processes, including individual and team competitions, to select the most capable DOD military and civilian network experts, and then empower them to address the Department's most difficult challenges.

The advent of the Internet era has brought new opportunities and challenges to the Ministry of defense and the country. Open and reliable access to information is an important interest of the United States, and our allies and competitors should understand that we will resolutely defend that interest. In 2018, the DOD network strategy will guide the DOD to build more lethal forces, expand alliances and partnerships, reform departments, cultivate talents, actively confront and deter competitors, implement forward defense, shape daily competition, and prepare for war. In summary, these activities will enable the Department of defense to compete, deter and win in cyberspace.