The Commission on US Cyber Force Generation released its findings on June 1, 2026. Its significance lies not in a critique of existing arrangements but in the careful analytical work of defining what a dedicated cyber service could achieve — and what organisational, doctrinal, and strategic conditions would need to be met to realise that potential. The question the Commission addresses is not whether the current architecture has limitations. It is what the next architecture should look like.
By Vladimir Tsakanyan, PhD · Center for Cyber Diplomacy and International Security · cybercenter.space
The establishment of the United States Air Force in 1947 was among the most consequential institutional decisions in the history of American national security. Its significance lay not merely in the reorganisation of existing aviation units but in the creation of an institution whose culture, doctrine, career pathways, and strategic purpose were oriented entirely around mastery of a single warfighting domain. The result, over the decades that followed, was the development of a depth of air power theory, operational capability, and professional expertise that no service for which aviation was a secondary mission could have generated.
The Commission on US Cyber Force Generation, a joint ten-month effort from the Center for Strategic and International Studies and the Foundation for Defense of Democracies, published its findings on June 1, 2026. Its formal public launch at CSIS on June 3 marks a significant moment in what has become one of the most consequential defence policy debates of the current era. The Commission’s work addresses a question whose implications extend well beyond organisational structure: whether the United States military can generate, at scale and with appropriate depth, the cyber warfighting capability that the strategic environment of 2026 demands — and what institutional architecture would best position it to do so.
The answer the Commission develops points toward the potential of a dedicated cyber service as a transformative institutional development — one whose benefits would extend from domestic military readiness to allied interoperability, international deterrence credibility, and the governance of the most contested domain in contemporary security.
The Strategic Opportunity
The case for a dedicated US Cyber Force begins with an assessment of what the domain requires that existing institutional arrangements are not optimally positioned to provide — and what a purpose-built institution could achieve that distributed ownership across existing services cannot.
Cyber warfighting demands a professional depth that develops most fully when a domain is someone’s primary institutional mission. The doctrinal development, the career pathway design, the training architecture, the professional culture, and the budget advocacy that produce genuine domain mastery are most effectively generated by an institution for which that domain is its entire reason for existence. The Air Force did not develop its depth of air power doctrine by being a secondary function within the Army. The Marine Corps did not develop its amphibious warfare expertise by being an afterthought to naval strategy. Domain mastery, historically, has followed institutional primacy.
A dedicated Cyber Force would create, for the first time, an institution whose promotion systems reward cyber excellence, whose training pipelines are calibrated to cyber domain requirements, whose cultural identity is built around cyber warfighting proficiency, and whose budgetary advocacy is oriented entirely toward cyber capability development. The aggregate effect of these institutional conditions — replicated across a career spanning decades for hundreds of thousands of service members — is the development of a professional depth and doctrinal sophistication that the current distributed model is not structurally positioned to generate at equivalent scale.
The Commission’s co-director, Lauryn Williams of CSIS, has described the initiative as addressing the foundational questions of how an independent cyber service would be organised, what its core functions would be, what roles and responsibilities it would hold, and what authorities it would require. These are the questions that the 1947 architects of the Air Force had to answer — and whose answers shaped the institutional character of American air power for generations. The Commission is engaged in precisely this foundational work for the cyber domain.
Analyst note
The timing of the Commission’s findings is significant. The FY2025 National Defense Authorization Act directed the National Academies of Sciences, Engineering, and Medicine to assess whether cyberspace requires an independent military service — a formal congressional mandate that reflects the elevation of the Cyber Force question from think-tank debate to legislative priority. The Commission’s role is complementary and specifically practical: not to litigate the decision but to develop the implementation framework that any positive decision would require. The combination of the National Academies’ formal assessment and the Commission’s implementation analysis provides the policy architecture that the administration and Congress would need to move from decision to institution with appropriate deliberateness and minimal delay.
The Talent Pipeline and Its Potential
The most substantive contribution of a dedicated Cyber Force to American strategic capability lies in its potential to fundamentally reshape the relationship between the military and the nation’s cyber talent.
The United States possesses the world’s deepest pool of technical talent in software engineering, network security, artificial intelligence, and the adjacent disciplines that underpin advanced cyber capability. This talent is concentrated overwhelmingly in the civilian technology sector, for reasons that reflect the incentive architecture of the current moment. A dedicated Cyber Force would have the institutional mandate — and the structural flexibility — to develop recruitment, compensation, and career pathway models specifically designed to engage this talent pool in ways that existing service structures are not optimally designed to do.
The Air Force’s experience offers an instructive precedent. Aviation attracted a specific category of technically oriented, risk-accepting, mission-focused professional. The Air Force developed an institutional culture, a career pathway, and a professional identity that made military service genuinely competitive with civilian alternatives for exactly this population — not on the basis of matching commercial compensation but on the basis of mission significance, peer community, and the depth of professional development that only a primary-mission institution can provide. A Cyber Force would have the opportunity to develop an equivalent proposition for the technically oriented professionals whose skills are most relevant to the cyber domain.
The reserve and civilian component opportunities are equally significant. A dedicated Cyber Force with the mandate to develop innovative talent models could create pathways for technical professionals to contribute to national cyber capability without the full requirements of active duty service — pathways that bridge the civilian technology sector and the military cyber mission in ways that the current structure does not comprehensively support. The National Guard and Reserve components have demonstrated, in the cyber context, that significant civilian cyber expertise can be mobilised for national security purposes through appropriate institutional arrangements. A Cyber Force would provide the primary institutional home that could develop these arrangements at the scale the strategic environment requires.
The Doctrinal Development Potential
Beyond the talent question, a dedicated Cyber Force offers the prospect of doctrinal development at a depth and sophistication that distributed ownership across existing services has not yet produced.
Cyber warfare doctrine — the principles, concepts, and operational frameworks that guide how cyber capabilities are developed, integrated, and employed — is still developing compared to the mature doctrines of the land, sea, air, and space domains. This is partly a function of the domain’s relative youth. It is also a function of the institutional conditions under which doctrine develops. Mature military doctrine is the product of sustained intellectual effort by communities of practice whose primary professional identity is organised around a single domain — communities that invest careers in operational analysis, lessons learned, theoretical development, and the adversarial testing of concepts against real-world experience.
The existing services have produced sophisticated doctrines for their primary domains through exactly this kind of sustained institutional investment. The cyber domain has not yet had the benefit of an institution for which it is the primary domain — an institution that would develop the career-long investment in cyber doctrinal thinking that the Air Force developed for air power and the Marine Corps developed for amphibious warfare.
A Cyber Force would create the institutional conditions for this doctrinal investment to occur. Its war colleges, its professional military education system, its operational analysis functions, and its lessons-learned architecture would all be oriented toward advancing understanding of the cyber domain — its strategic logic, its operational principles, its integration with other domains, and its evolution in response to technological change. The result, over time, would be a depth of cyber warfighting doctrine that the current distributed model is not positioned to generate at equivalent quality or pace.
International Dimensions and Alliance Opportunities
The establishment of a dedicated US Cyber Force would carry significant implications for the allied cyber architecture — implications that are best understood as opportunities rather than complications, provided the transition is managed with appropriate attention to interoperability.
Allied governments are navigating the same foundational questions about cyber force structure, talent generation, and doctrinal development that the Commission is addressing for the United States. The United Kingdom, Australia, and Canada — the Five Eyes partners most deeply integrated into US cyber operations — each maintain cyber commands whose development has been influenced by, and coordinated with, the evolution of US military cyber capability. A US Cyber Force, as a dedicated institutional peer for allied cyber commands, would provide a more coherent and authoritative interlocutor for allied cyber coordination than the current distributed arrangement across existing services.
The NATO dimension is equally significant. NATO’s establishment of the Space Centre of Excellence in Toulouse and the evolving framework for space and cyber domain coordination within the alliance reflects a recognition that dedicated institutional frameworks for new domains strengthen collective capability. A US Cyber Force, as the primary military institution of the alliance’s most capable cyber power, would provide the anchor for a NATO cyber institutional architecture whose development has been constrained by the absence of a dedicated US counterpart.
The international deterrence dimension deserves specific attention. The credibility of cyber deterrence — the capacity to persuade adversaries that offensive cyber operations carry consequences that exceed their benefits — is enhanced by the visible investment in dedicated capability development that a separate service represents. China’s establishment of the Strategic Support Force in 2016, and its subsequent evolution into the Information Support Force, reflected a strategic judgment that dedicated institutional investment in cyber, space, and information capabilities generates a deterrence signal that distributed capability within existing services does not. The creation of a US Cyber Force would represent an equivalent signal of strategic commitment to the domain — one that is assessed, with the seriousness appropriate to institutional investment, by the adversaries that US cyber deterrence is designed to influence.
Analyst note
The China experience with integrated cyber and information force structure offers analytical lessons that the Commission has identified as relevant reference material. China has, in the assessment of CSIS’s Strategic Technologies Program, developed a cyber ecosystem whose sophistication, scale, and strategic integration now rivals the United States in several dimensions. The institutional investment that produced this outcome — a decade of dedicated organisational development oriented around cyber and information domain mastery — is precisely the kind of sustained commitment that a US Cyber Force would enable. The comparison is instructive not as an argument from competitive anxiety but as a demonstration of what dedicated institutional investment in a domain can achieve over a sustained period, and what the United States military’s own sustained institutional investment could produce.
The Implementation Framework
The Commission’s contribution is most precisely understood as a practical implementation framework — the analytical foundation that any decision to establish a Cyber Force would require in order to move from concept to institution with appropriate deliberateness and without unnecessary delay.
The foundational questions the Commission addresses — organisational structure, core functions, roles and responsibilities, and necessary authorities — are the questions whose answers determine whether an organisational decision translates into an effective institution or into years of implementation friction. The Air Force’s establishment benefited from the analytical groundwork laid by advocates and planners who had thought carefully about what an independent air service would need to be organisationally to fulfil its strategic potential. The Commission is performing equivalent work for the cyber domain.
The Commission’s engagement with current and former government officials, independent experts, industry representatives, and civil society reflects an understanding that the institutional design of a Cyber Force cannot be developed in isolation from the broader ecosystem in which it would operate. The relationship between a Cyber Force and the civilian technology sector — the primary source of cyber talent and the environment in which most cyber capability development occurs — requires institutional design choices that take the civilian sector’s characteristics into account. The relationship between a Cyber Force and the intelligence community — which maintains the most mature institutional cyber capabilities in the US government — requires careful delineation of authorities and coordination mechanisms. The relationship between a Cyber Force and the existing military services — which would retain significant cyber roles even after a dedicated service was established — requires interoperability architecture whose development begins in the planning phase, not after the organisational decision has been made.
The Commission’s report, directed at the administration and the Pentagon, provides this foundational analytical framework. Its June 3 public launch at CSIS marks the beginning of a policy engagement process whose outcome will shape the institutional character of American military cyber capability for the decades ahead.
The Strategic Horizon
The decision to establish a dedicated US Cyber Force, if and when it is made, will be evaluated against the strategic environment of the moment. The environment of 2026 — characterised by state-sponsored cyber operations of sustained sophistication, by the integration of AI into offensive cyber capability, by the pre-positioning of adversary presence in critical infrastructure, and by the accelerating development of autonomous cyber agent technology — provides the strategic context within which the Commission’s findings should be read.
The strategic horizon that a Cyber Force would be designed for extends well beyond the immediate threat environment. An institution established in 2026 or 2027 would be developing its doctrinal depth, building its talent pipeline, and maturing its operational architecture through the 2030s and into the 2040s — a period in which quantum computing will have materially altered the cryptographic foundation of digital security, in which AI agents will have transformed the speed and scale of cyber operations, and in which the integration of cyber effects with space, electronic warfare, and information operations will have become the standard architecture of great power competition.
An institution designed for this horizon — one that develops its professional culture, doctrinal framework, and talent architecture in anticipation of the environment it will operate in rather than in response to the environment of its founding — would represent the kind of forward-oriented institutional investment that has characterised America’s most consequential national security decisions. The Air Force was not designed for the air war of the 1940s. It was designed for the strategic competition of the subsequent half century. A Cyber Force designed with equivalent strategic foresight would be one of the most consequential institutional investments of the current generation.
Bottom Line Assessment
The Commission on US Cyber Force Generation has produced a body of work whose significance will be assessed over years rather than weeks. Its immediate contribution is the provision of a credible, practically grounded implementation framework for a decision whose strategic importance has been widely acknowledged and whose institutional complexity has too often been cited as a reason for delay rather than as a challenge to be deliberately addressed.
The perspectives that the Commission’s findings open are substantive and forward-looking. A dedicated Cyber Force offers the prospect of a talent pipeline calibrated to the cyber domain’s specific requirements, a doctrinal architecture developed by an institution for which cyber is the primary professional mission, an international interoperability framework anchored by a dedicated US institutional counterpart, and a deterrence signal commensurate with the strategic importance of the domain.
These are not certainties. They are institutional possibilities that the design decisions of the next several years will determine. The Commission’s work provides the analytical foundation for those decisions to be made well — with the deliberateness, the practical specificity, and the strategic foresight that the establishment of a new military service demands and that the cyber domain’s strategic significance deserves.
The Air Force was built for a strategic competition that lasted half a century. The institution being contemplated now would be built for one whose duration and intensity suggest it will define the security environment for at least as long.
US Cyber Force · CSIS Commission · Military Doctrine · Cyber Warfighting · Force Generation · Allied Cyber · NATO · Strategic Competition · Deterrence · Institutional Reform · Vladimir Tsakanyan
Leave a comment