March 6, 2019
We have put almost everything out there in cyberspace—personal data, intellectual property, even access to the controls of critical infrastructure. And we have been woefully deficient in defending it. With each passing day, our nation faces an onslaught of cyber threats from various adversaries, including nation states.


The good news is that the White House and the Department of Defense (DoD) both have released closely aligned cyber strategies that stress the importance of tackling these threats head-on through partnerships with our allies, the private sector, and between agencies, to “defend forward, shape the day-to-day competition, and prepare for war.”

Today, when combatant commanders plan an attack on an enemy stronghold, they know exactly what to do, including which intelligence reports to consider, where to send the ground troops, when to call in an air strike, and when to jam the enemy’s radar. But ask those same commanders to attack the enemy in cyberspace and the response is far less defined.

If we are going to defend our networks and fight back, we must develop a cyber doctrine that clearly defines what action can be taken to protect and defend the United States from cyberattack. 

The uncertainty about executing cyber warfare has frustrated Capitol Hill, which has debated how to divide the cybersecurity roles of agencies such as the Department of Homeland Security, as well as the DoD, the National Security Agency, and the Federal Bureau of Investigation (FBI). But more important than organizational issues is the lack of a defined doctrine for cyber warfare. This is hindering our ability to fight back online against digital adversaries.

The DoD strategy lays out five mission objectives that should be the framework for creating cyber doctrine:

  • Ensuring the joint military forces can achieve its mission in a contested cyberspace domain
  • Enhancing Joint Force military advantage through the integration of cyber capabilities into planning and operations
  • Deterring, preempting or defeating malicious cyber activity targeting US critical infrastructure that is likely to cause a significant cyber incident
  • Securing DoD information and systems, including non-DoD-owned networks against cyber espionage and malicious cyber activity
  • Expanding DoD cyber cooperation with allies, partners, and private sector entities


Before we can establish rules of engagement for cyber warfare, we must first establish conventions for the use of cyber weapons. Our adversaries are mounting offensive cyber operations daily and due to a lack of guidelines regarding operations in cyberspace, there is little protocol defining what the appropriate response is. Similar to the outcomes of the Geneva Convention, the world needs new international rules to protect the general public from nation state threats in cyberspace.

In addition to establishing international standards for cyber warfare, the United States needs to take another look at its internal structure. Many government entities have a stake in protecting the United States from cyber intrusion, most notably DHS, DoD, the FBI, and the NSA. Today, each organization operates under its own structure and mission—if we are going to successfully operate in cyberspace we need to better understand each other’s roles and operating parameters.

The Internet is the new battlefield and right now our adversaries are taking advantage with little consequence for their actions. If we don’t act now and develop a global, unified framework for operating in cyberspace the United States and our allies will continue to fall victim to acts of cyberwar.

Bill Leigher is the director of DoD Cyber Warfare Programs at Raytheon Intelligence Information and Services and a retired US Navy rear admiral. In the Navy, Leigher served as commanding officer of Naval Information Operations Command, deputy commander for US Fleet Cyber Command/US 10th Fleet and as Director of Warfare Integration for Information Dominance. Follow him on Twitter @BillLeigher.

RELATED CONTENT