There have been numerous reports about cyber attacks directed against the United States and possibly against countries such as Iran. The Department of Defense has now released the public version of their strategy for dealing with threats in cyberspace. They outline 5 “strategic initiatives” that are at the heart of their approach. According to the report these are:
Strategic Initiative 1: Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace’s potential
Strategic Initiative 2: Employ new defense operating concepts to protect DoD networks and systems
Strategic Initiative 3: Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy
Strategic Initiative 4: Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity
Strategic Initiative 5: Leverage the nation’s ingenuity through an exceptional cyber workforce and rapid technological innovation
Perhaps I’m naive, but I’m assuming they were already doing this. Based on what they’ve publicly said, it appears that there is no strategy at all. Only bureaucratic double-speak. Am I missing something here? I know, I know, you don’t want to spell it all out publicly, but at least the broad outlines of how you are going to deal with threats and enemies?