Achieve and Maintain Cyberspace Superiority: Command Vision for US Cyber Command
US Cyber Command (USCYBERCOM)
Our purpose is to achieve cyberspace superiority by seizing and maintaining the tactical and operational initiative in cyberspace, culminating in strategic advantage over adversaries. Our efforts will increase our freedom of maneuver, create friction for adversaries, and cause them to shift resources to defense. We will erode their belief that hostile activities in cyberspace against the United States and its allies are advantageous. We will meet the 2018 National Defense Strategy’s mandate to hold adversaries accountable for cyber-attacks
Plan submitted by:
Imperatives ~ The following imperatives support this guidance. Our imperatives are mutually supporting, with success in one enhancing success in the others. They dictate what we must do in order to retain the initiative in cyberspace. Attaining and sustaining these imperatives creates uncertainty for our adversaries and makes them hesitate to confront the United States. We must identify obstacles to achieving our goals, develop and implement plans to overcome those obstacles, and establish meaningful metrics to gauge our progress.
Achieve and maintain superiority in the cyberspace domain to influence adversary behavior, deliver strategic and operational advantages for the Joint Force, and defend and advance our national interests.
To achieve cyberspace superiority by seizing and maintaining the tactical and operational initiative in cyberspace, culminating in strategic advantage over adversaries.
The second risk is diplomatic. We recognize that adversaries already condemn US efforts to defend our interests and allies as aggressive, and we expect they will similarly seek to portray our strategy as “militarizing” the cyberspace domain. The Command makes no apologies for defending US interests as directed by the President through the Secretary of Defense in a domain already militarized by our adversaries.
The USCYBERCOM Chief of Staff will oversee the assessment function, and all campaign plan assessments are to be reported to the USCYBERCOM Commander.
We are risk aware, not risk averse. | Risk Mitigation ~ The approach described in this document entails two primary risks.
The FCP-CO is a living document requiring regular updates to reflect changes in priorities, doctrine, capabilities, and the operating environment.
The first concerns the employment of a high-demand, low-density maneuver force. The prioritization of highly capable states and violent extremists means the Command will devote comparatively fewer resources and less attention to other cyber actors. The Command will seek to mitigate this risk indirectly by increasing resiliency in DOD systems against all threats in order to render most malicious activity inconsequential, and directly by sharing intelligence and operational leads with partners in law enforcement, homeland security (at the federal and state levels), and the Intelligence Community.
We champion integrated, scalable solutions.
Each Service cyber component, Joint Force headquarters, and staff directorate should embrace this guidance, communicate it to the workforce, work to implement it, and ensure all personnel understand their role and functions—all the while providing direct feedback on the effectiveness of its execution.
We empower our workforce.
Mitigation of these primary risks will occur in parallel with the Command’s assumption of unified combatant command status and, if directed, its conditions-based approach to termination of the current dual-hat command relationship with the NSA.
WE SUSTAIN STRATEGIC ADVANTAGE BY INCREASING RESILIENCY, DEFENDING FORWARD, AND CONTINUOUSLY ENGAGING OUR ADVERSARIES.
We are one cyber enterprise.
THE FOLLOWING PRINCIPLES GUIDE US CYBER COMMAND
We will also explain to oversight entities and the public the nature of threats in cyberspace, the threatening conduct of our adversaries, the limitations of passive defenses, and our scrupulous regard for civil liberties and privacy.
The FCP-CO Assessment is the process for assessing implementation, and for discovering, validating, and approving changes to drive continuous improvement.
To the maximum extent possible, we will operate in concert with allies and coalition partners.
Implementation ~ This guidance informs our operations, structure, and resource requirements. The Functional Campaign Plan for Cyberspace operations (FCP-CO) constitutes the implementation plan for this guidance.
We compete by employing a long-term, campaign mindset.
The key to success is execution, and everyone has a part in this effort.
WE WILL OPERATE SEAMLESSLY, GLOBALLY, AND CONTINUOUSLY.
Regardless of whether, when, or how the “dual hat” terminates, however, we will adopt a comprehensive risk management approach to maintain synergy between operational objectives and the intelligence required to inform and sustain effective cyberspace operations.
Goal Statement: Achieve and sustain overmatch of adversary capabilities.
- Scalability & Transfer
Goal Statement: Create cyberspace advantages to enhance operations in all domains.
- Plans & Operations
- Preparation & Execution
Information & Impact
Goal Statement: Create information advantages to support operational outcomes and achieve strategic impact.
- Capabilities & Products
- Unification & Motivation
Goal Statement: Operationalize the battlespace for agile and responsive maneuver.
- Speed & Agility
Goal Statement: Expand, deepen, and operationalize partnerships.
- Talents, Expertise & Products