The IT Law Wiki


Department of Defense Strategy for Operating in Cyberspace (July 14, 2011) (full-text).



This document sets forth the DoD's unified strategy for cyberspace and officially encapsulates a new way forward for DoD’s military, intelligence and business operations.

DoD is particularly concerned with three areas of potential adversarial activity: theft or exploitation of data; disruption or denial of access or service that affects the availability of networks, information, or network-enabled resources; and destructive action including corruption, manipulation, or direct activity that threatens to destroy or degrade networks or connected systems.

This strategy does not specifically target cybercrime threats — though it notes that "[t]he tools and techniques developed by cyber criminals are increasing in sophistication at an incredible rate"[1] — and instead addresses cybersecurity on the whole.

The documents sets forth five strategic initiatives:

  • Strategic Initiative 1: DoD will treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace’s potential.
  • Strategic Initiative 2: DoD will employ new defense operating concepts to protect DoD networks and systems.
  • Strategic Initiative 3: DoD will partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy.
  • Strategic Initiative 4: DoD will build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity.
  • Strategic Initiative 5: DoD will leverage the nation’s ingenuity through an exceptional cyber workforce and rapid technological innovation.


  1. Id. at 3.