The US Department of Defense (DoD) has released an unclassified summary of its 2023 Cyber Strategy, which focuses on offensive and defensive efforts in the cyber domain. One key aspect of the strategy is to enhance the cyber capabilities of allies and partners and strengthen collective resilience against cyberattacks. This involves improving cybersecurity infrastructure, providing training events and exercises to develop the cyber workforce, and assisting partners in developing their capabilities. Another important goal is to defend the nation and its critical infrastructure by disrupting and degrading threat actors’ capabilities. The DoD also emphasizes the need for long-term impact and plans to optimize the organization, training, and equipping of cyberspace operations forces. Additionally, the DoD has launched the ‘Hack the Pentagon’ website to facilitate bug bounty programs and recruit security researchers.
| Signal | Change | 10y horizon | Driving force |
|---|---|---|---|
| US DoD outlines plans for offensive and defensive cyber efforts | Increased focus on cyber capabilities and resilience | Increased cybersecurity infrastructure and workforce training | Protection against cyber threats and adversaries |
| DoD aims to boost cyber capabilities of allies and partners | Strengthening partnerships and collective resilience | Increased capacity and access to cybersecurity infrastructure | Collaboration and shared defense against cyberattacks |
| DoD aims to defend nation and critical infrastructure | Defense, disruption, and degradation of threat actors | Enhanced security measures and infrastructure protection | Protection of national security and combat capability |
| DoD focuses on organizing, training, and equipping cyber forces | Optimization of cyber forces and intelligence support | Improved effectiveness and integration of cyber operations | Enhancing capabilities and readiness for cyber warfare |
| DoD launches ‘Hack the Pentagon’ website for bug bounty programs | Encouraging collaboration with security researchers | Increased cybersecurity and improved vulnerability management | Harnessing external expertise and incentivizing security research |
| DoD runs multiple bug bounty projects, including Hack the Pentagon | Embracing bug bounty programs for vulnerability discovery | Enhanced security testing and vulnerability management practices | Encouraging community involvement and proactive defense |
| US government rolls out national cyber workforce and education strategy | Focus on developing skilled cyber workforce | Increased investment in cyber education and training programs | Addressing the skills gap and strengthening national cybersecurity |
| White House unveils cybersecurity labeling program for smart devices | Improved security standards for IoT devices | Enhanced security and privacy protections for smart devices | Promoting consumer awareness and product security |