Introduction
As cyber threats evolve from nuisance attacks to state-sponsored warfare, nations worldwide are grappling with a fundamental question: should cyber operations be handled by existing military branches, or do they require entirely new organizational structures? Recent developments in the United States reveal the complexity of this challenge and its far-reaching implications for international security.
The debate has intensified as calls grow louder for establishing separate cyber services. The Foundation for Defense of Democracies issued a report calling for the establishment of a cyberspace force as part of the Department of the Army, just as both the U.S. Navy and U.S. Marine Corps are part of the Department of the Navy, while a new commission chaired by former commander of the Army Cyber Command LTG Ed Cardon and former House Armed Services Committee staffer Josh Stiefel is examining the implementation requirements for establishing a cyber service.
The Persistent Challenge of Cyber Readiness
Despite significant investments and attention, the U.S. Department of Defense continues to struggle with fundamental issues in developing sustainable cyber forces. ADM Michael S. Rogers, then-commander of USCYBERCOM, acknowledged in 2017 that achieving “full operational capability” was only part of the CMF’s goal. He “acknowledge[d] that the true challenge will be sustaining the readiness of the CMF and the remarkable men and women who serve within the teams”.
The challenges span four critical areas:
Training Inefficiencies: Current training pipelines are plagued by excessive length, high costs, and poor return on investment. Personnel often lack access to necessary training when they need it, while existing infrastructure proves insufficient for mission requirements.
Equipment and Infrastructure Gaps: Military leaders frequently don’t understand what cyber personnel actually need to accomplish their missions, leading to chronic underresourcing of critical capabilities.
Employment Problems: Perhaps most concerning, cyberspace forces are presented to operational units prior to being fully trained and qualified. Operational units do not have enough capacity to qualify and employ the forces presented, which impedes readiness.
Recruitment and Retention Crisis: The military struggles to attract the right talent and retain it long enough to justify training investments, competing against lucrative private sector opportunities.
Three Paths Forward: A Strategic Analysis
Recent research has identified three potential approaches to address these systemic issues, each with distinct implications for international cyber competition:
Current Approach Plus (Evolutionary Change)
This maintains the existing structure where individual military services train and equip cyber forces, with enhanced coordination through U.S. Cyber Command. While feasible and sustainable, this approach shows the lowest potential for addressing underlying problems.
Centralized Training and Career Management Model
Similar to special operations forces, this would create a unified system where personnel complete operational tours before advancing to elite cyber units. This model offers better coordination and specialized development pathways.
Separate Cyber Service (Revolutionary Change)
The most radical option involves creating an entirely new military branch focused exclusively on cyber operations. For our purposes, we focus on a smaller cyber service that would consist of the current CMF and associated support structure. This structure would include direct training and equipping for the operational forces, as well as staff to engage in DoD headquarters’ processes.
Global Implications and International Relations
The organizational decisions made by major powers like the United States will inevitably influence global cyber dynamics. Nations observing America’s struggles with cyber force development are likely drawing their own conclusions about optimal organizational structures.
Strategic Competition: Countries that successfully solve the cyber readiness puzzle first may gain significant advantages in both offensive and defensive operations. The ability to field consistently trained, well-equipped cyber forces becomes a key component of national power.
Alliance Coordination: How the U.S. structures its cyber forces will impact NATO and other alliance relationships. Coordination shortfalls—lack of coordination within DoD and with other government agencies remain a persistent challenge that extends beyond national boundaries.
Deterrence and Stability: Effective cyber forces are crucial for maintaining deterrence in cyberspace. Nations struggling with readiness issues may appear vulnerable, potentially inviting aggression from adversaries.
Recent Developments and Future Outlook
Significant changes have already begun reshaping the landscape. With the passage of the FY 2024 budget, USCYBERCOM has taken on full enhanced budgetary control for the CMF, and the position of the Assistant Secretary of Defense (ASD) for Cyber Policy—who also serves as the principal cyber adviser to the Secretary of Defense—was created and filled.
These developments represent “service-like” authority being granted to cyber-focused organizations, potentially laying groundwork for future structural changes without the disruption of creating an entirely new service.
Conclusion
The debate over cyber force organization reflects broader questions about how nations adapt their military structures to emerging domains of conflict. While the United States continues to refine its approach, other nations are undoubtedly conducting their own assessments of optimal organizational models.
Urgent calls for the establishment of a cyber service may distract or delay DoD from the work that must be accomplished, irrespective of which approach is pursued. The fundamental challenge remains the same across all nations: developing sustainable, ready cyber forces capable of operating effectively in an increasingly contested domain.
The choices made today regarding cyber force organization will shape the international security environment for decades to come. Success will be measured not just in technical capabilities, but in the ability to sustain those capabilities through effective talent management, training, and organizational structures that can adapt to rapidly evolving threats.
As this transformation unfolds, the international community watches closely. The lessons learned—both successes and failures—will influence how nations worldwide structure their own cyber capabilities, ultimately shaping the future of warfare in the digital age.
Leave a comment