Pentagon unveils its new cyberstrategy. Well, some of it, anyway

The Pentagon on Thursday unveiled its first ever “Strategy for Operating in Cyberspace,” officially – some say belatedly – staking out its turf in the digital realm of networks and computers, an arena that analysts say has been militarized for years.The document outlining the strategy emphasized its defensive – albeit proactive – posture, indicating only by omission the presumed offensive capabilities of a nation seen by many cyberwar experts as the world’s preeminent cyber superpower.Some analysts were quick to criticize the unclassified document as shedding little light on the full and true nature of the Pentagon’s new cyberstrategy.Recent leaks of some elements of the policy document led to its early characterization as focusing on circumstances under which the United States would retaliate with bombs, if it came under serious cyber attack.

But this slender 13-page document stresses measures to enhance US cyberdefenses, with nary a mention of offensive cyber weapon deployment, development, or cyberwar strategy other than the broad mandate to make “cyber” a full-fledged “operational domain.”“Far from ‘militarizing’ cyberspace, our strategy of securing networks to deny the benefit of an attack will help dissuade military actors from using cyberspace for hostile purposes,” Deputy Defense Secretary William Lynn said Thursday at the National Defense University in a speech characterizing the new strategy. “Indeed, establishing robust cyberdefenses no more militarizes cyberspace than having a navy militarizes the ocean.”

“Peace through preventive defense is at the heart of our DoD cyberstrategy and the administration’s overall approach to cyberspace,” he said, referring apparently to sensors and other network systems by which the Pentagon hopes to thwart infiltrating hackers – or at least give them less than they had hoped to gain.Amid headlines touting the latest “cyberbattle” and breathless coverage of hackers defacing websites or criminals scooping up credit card and personal information, Mr. Lynn asserted that little of what is characterized in the media as cyberwar or cyberbattles comes close to meriting military attention, much less military action.

“While identifying criminal activity in cyberspace is of concern, this is not the Defense Department’s primary concern,” he said. “Rather, our concern is specific to activities that threaten our mission to protect the security of the nation.”Lynn’s speech – and the new document – outline “five pillars” that characterize the Defense Department’s cyberstrategy, including:• Operational Domain: The Defense Department will treat cyberspace as an “operational domain,” just as it does land, air, sea, and space. What that means is that the military will operate within and defend its networks as well as organize, train and equip US forces for cyber missions. – Csmonitor