The SolarWinds incident spurred a flurry of debates about whether the U.S. Department of Defense’s 2018 “defend forward” strategy should, or could, have prevented the calamity. Putting aside that the Russian operation was cyber espionage—stealing data rather than denying, disrupting, degrading, or destroying systems—some of these arguments reflected an idea that the United States should defend forward or “persistently engage” everywhere, all the time.

However, this idea is not only unrealistic, with resource constraints (in personnel, target information, access to adversary networks, organizational capacity, etc.) limiting the collective reach of U.S. cyber operations at any given time; it also ignores the concept of points of leverage in the broader internet ecosystem.

Related Experts: Trey Herr and Justin Sherman