Build a more lethal force.

Troops have to increasingly worry about cyberattacks while still achieving their missions, so the DOD needs to make processes more flexible. Here’s how: 

 

  • Capabilities are going to be more diverse and adaptable.

  • Automation and large-scale data analytics will help identify cyberattacks and make sure our systems are still effective.

  • More commercial technology will be integrated into current systems for maximum effectiveness in the ever-changing cybersphere.

Compete and deter in cyberspace.

This means preventing harmful cyber activities before they happen by:

 

  • Strengthening the cybersecurity of systems and networks that support DOD missions, including those in the private sector and our foreign allies and partners.

  • Streamlining public-private information-sharing.

  • Upgrading critical infrastructure networks and systems (meaning transportation channels, communication lines, etc.) to reduce the risk of major cyberattacks on them.

  • Setting and enforcing standards for cybersecurity, resilience and reporting.

  • Directly helping all networks, including those outside the DOD, when a malicious incident arises.

Strengthen alliances and attract new partnerships.

We can’t do this mission alone, so the DOD must expand its cyber-cooperation by:

 

  • Building dependable partnerships with private-sector entities who are vital to helping support military operations.

  • Sharing information with other federal agencies, our own agencies, and foreign partners and allies who have advanced cyber capabilities. This will increase effectiveness.

  • Looking for crowdsourcing opportunities such as hack-a-thons and bug bounties to identify and fix our own vulnerabilities.

  • Upholding cyberspace behavioral norms during peacetime.

Reform the department.

Personnel must increase their cyber awareness. The DOD is making strides in this by:

 

  • Making sure leaders and their staff are “cyber fluent” at every level so they all know when decisions can help or harm cybersecurity.

  • Holding DOD personnel and third-party contractors more accountable for slip-ups.

  • Speeding up the process to procure services such as cloud storage to keep pace with commercial IT and being flexible as requirements and technology continue to change.