The future of US security depends on owning the ‘gray zone.’ Biden must get it right.

Conventional military superiority once guaranteed the security of the United States and its allies—but no more. Adversaries like Russia and China have learned that if they cannot compete with the United States conventionally, they can undermine US security in the cyber, economic, and information domains through offensive activities in the “gray zone,” or the space between peace (or cooperation) and war (or armed conflict).

After decades of relying on its conventional power, the United States lacks a comprehensive strategy to align gray-zone activities with the national goals it aims to achieve. More complicated still, this term is ill-defined—if even acknowledged—in US and allied strategies, creating an obstacle to further dialogue and policy action. Current efforts are uncoordinated across the executive branch and relevant stakeholders, and the desired end state is unclear. 

The Biden administration, for its part, acknowledges the strategic imperative to effectively compete in the gray zone with concepts like integrated deterrence, which is aimed at integrating all instruments of power “across the spectrum of conflict.” Now, the forthcoming National Security Strategy (NSS), National Defense Strategy (NDS), and Quadrennial Homeland Security Review (QHSR) provide an opportunity to unite national efforts to deal with these nonmilitary security challenges.

But those documents must articulate how acting in the gray zone will advance national objectives, and how US government entities can better coordinate to deter aggression in nonmilitary spaces.

Adversaries at work

China and Russia have long integrated gray-zone operations into their strategies. 

In 1999, for example, two Chinese military strategists penned a paper called “Unrestricted Warfare,” proposing the continuous use of nonmilitary operations to compensate for US military superiority. That was followed in 2003 by “The Three Warfares,” which zeroes in on information-related warfare using psychological, public opinion, and legal means. And in what has been described as the Gerasimov Doctrine, Russia fuses military and non-military means to spur chaos. This was on display before and during Moscow’s invasion of Ukraine, when Russian hackers targeted Ukrainian government and private sites with malware and distributed denial-of-service attacks.

It is important to note the different approaches and goals of the United States’ two main adversaries in the gray zone: While China hopes to make the world safer for its brand of authoritarianism, Russia aims to weaken NATO and command its former Soviet “near abroad.” 

Yet both routinely leverage many forms of statecraft to undermine the rules-based international order, setting the tone for future contestation in the gray zone. These activities directly and intentionally strike pressure points within the target state’s society and across their alliances. When Moscow meddled in the 2016 US election, for example, it exploited fault lines in American democracy; and when nations adopt Huawei 5G, they compromise their own physical and digital infrastructure. 

More broadly, the gray zone blurs the otherwise clear-cut distinction between threats at home and abroad, underscoring the reality that the homeland is no longer a sanctuary—at least in non-physical spaces such as the cyber and information domains. While the United States’ geographic location has proved historically advantageous—bordered by allies and flanked by international waters that protect it from attack—digital and physical infrastructure advancements and enhanced global connectivity have rendered these barriers obsolete when attacked by non-physical means. 

Gray zone attacks can (and have) challenged international stability while simultaneously hitting closer to home, exploiting societal cleavages and domestic vulnerabilities. If the United States continues to view homeland defense and global interests separately, it leaves a blind spot for competitors to exploit.

Coordinate to win

With the Biden administration set to publish the unclassified versions of its NSS, NDS, and QHSR—the strategic documents that will guide US government policy for the next few years—now is the time to coordinate national gray-zone activities across agencies. The devil, however, is in the details: The executive branch must clearly articulate the objectives of its gray-zone and counter-gray-zone activity and how this fits within broader national-security goals (as well as identifying who has authority over what).

The 2021 Interim National Strategic Guidance, a prelude to the NSS, recognizes a need to “develop capabilities to better compete and deter gray zone actions” within the defense budget. Additionally, the Department of Defense’s (DoD) newly released fact sheet, which previews the 2022 NDS, calls for unified action across “the spectrum of conflict” and the need to leverage “other instruments of U.S. national power.” 

The administration’s attention to non-military tools provides a viable starting point for deliberate coordination in the gray zone, embracing the changing character of warfare and the need to compete off the physical battlefield. But coordination across US departments is critical to responding to threats in the gray zone, and the seemingly disjointed drafting of forthcoming strategies—including Biden’s NSS, NDS, and QHSR—represents a missed opportunity for doing so.

Following the 9/11 attacks, the United States recognized the need to unify fragmented intelligence and counterterrorism functions to deal with the violent extremist threat. Today, it faces a similarly fragmented picture of gray-zone threats that, if left unresolved, could create critical security gaps. The United States cannot wait for a crippling cyberattack or a pronounced disinformation campaign before laying the groundwork for coordination. Many US agencies and departments have authorities in the gray zone: DoD houses offensive unconventional military and cyber capabilities, while the Intelligence Community possesses a nuanced picture of the threat environment. The Department of Homeland Security harnesses regulatory abilities, the Department of State houses diplomatic tools, and the departments of Commerce and Treasury wield sanctioning authority. 

But to align efforts and goals, an official coordination mechanism is required. This authority should sit within the National Security Council and be tasked with managing gray-zone activity across the executive branch. This includes responsibility for pulling together information from—and promoting intelligence-sharing across—disparate US agencies, yielding a holistic intelligence picture, and centralizing command and control. Moreover, the coordinating mechanism should include military and civilian decision-making authority to respond to gray-zone threats and be trusted with evaluating US efforts.

The US government must better define who does what, when, and how—lest it fail to provide the comprehensive response needed to thwart malign activity in the gray zone. A changing security landscape requires the United States to radically rethink its competition with Russia and China. National strategies like the NSS, NDS, and QHSR are the right places to start—but gray-zone conflict is a whole-of-nation problem, and the United States’ ability to prevail will hinge on coordinating and executing a whole-of-nation response.

Clementine G. Starling is a resident fellow and deputy director of the Forward Defense practice at the Atlantic Council’s Scowcroft Center for Strategy and Security.

Julia Siegel is a program assistant with Forward Defense.

Further reading

Image: A man is reflected in a monitor as he takes part in a training session at Cybergym, a cyber-warfare training facility backed by the Israel Electric Corporation, at their training center in Hadera, Israel, on July 8, 2019. Photo by Ronen Zvulun/File Photo/REUTERS