Research Questions What does integrated deterrence mean for CYBERCOM? What is the current U.S. approach to cyberspace operations? How should the United States posture its cyberspace forces in the cyber domain to address the strategic challenges posed by China?
The 2022 National Defense Strategy calls for “integrated deterrence” in how the United States postures its cyberspace forces to address the strategic challenges posed by revisionist powers—in this case China. An integrated deterrence strategy entails combining cyber operations with other warfighting domains to reduce a competitor's perceptions of the net benefits of aggression relative to restraints. Such a strategy also represents a departure from the current U.S. Cyber Command (CYBERCOM) focus on technical operations in the cyber domain.
The authors begin with an examination of various theories of international relations to highlight a variety of views on U.S.-China competition. They then apply the concept of selective overmatch to reevaluate current U.S. cyber operations in light of competition and possible conflict with China. Because the United States cannot maintain superiority in all aspects of cyber operations equally, it must selectively create advantage over China by targeting influence points—elements of the adversary's political, economic, or societal strength—that will most likely achieve U.S. objectives. By identifying the key influence points for China and the United States and the actions that might be taken against them, the authors explore selective overmatch as a framework for categorizing and assessing vulnerabilities in the Chinese and U.S. cyber domains, as well as for expanding the capabilities of cyber operations, integrating deterrence, and sustaining U.S. primacy. Selective overmatch, properly understood and applied, can provide a roadmap for CYBERCOM's future operations.
Key Findings At present, CYBERCOM works under a strategy of “defend forward” and the operational concept of “persistent engagement” While useful and necessary as a proactive and agile approach to cybersecurity, these concepts have limited success. To address challenges from revisionist powers such as China, enhanced cyber capabilities that integrate across domains have to be brought to bear. Selective overmatch is a complementary operational concept that can provide a roadmap to CYBERCOM's future operations Selective overmatch complements the doctrine of persistent engagement, selectively creating advantage over China by targeting influence points. Selective overmatch identifies categories of targets to be attacked or defended and evaluates what should be done against specific priority influence points. Selective overmatch and concomitant integrated, integral, extended, and expanded (I2E2) cyber capabilities offer more effective options against each influence point. Properly employed, selective overmatch and enhanced cyber capabilities would allow CYBERCOM to realistically assess what missions to pursue and what missions to delay, transfer, or abandon. Selective overmatch would require a fundamental reexamination of cyber force structure, operational relationships, and planning Changes in policy at the department level would be required. Changes may be required in how a military service organizes, trains, equips, and presents cyberspace and other forces.
Recommendations In the near term, USCYBERCOM should test the selective overmatch concept in wargames and tabletop exercises to evaluate how well it meets strategic and operational objectives. In the medium term (i.e., starting in fiscal year 2024) and in partnership with the services, USCYBERCOM should undertake experiments with I2E2 cyber capabilities to demonstrate how to make the concept real in an operational environment and bring all these enhanced capabilities to bear in all cyber operational postures against all assigned influence points. Longer term, USCYBERCOM should work with the other combatant commands, the services, the Joint Staff, and the Office of the Secretary of Defense to revise force structure to organize, train, equip, and present integrated cyberspace forces. Revisions in operational relationships are part of the roadmap from wargame to experiments to implementation.
Table of Contents Chapter One
Introduction
Chapter Two
The Application of International Relations Theory to Competition and Conflict in Cyberspace
Chapter Three
Current U.S. Approach to Cyberspace Operations
Chapter Four
Creating Selective Overmatch in Cyberspace
Chapter Five
Identifying Chinese Influence Points and Actions to Affect Them
Chapter Six
Defending U.S. Influence Points
Chapter Seven
Conclusion and Recommendations
Research conducted by RAND National Security Research Division
This research was sponsored by U.S. CYBERCOM and conducted within the International Security and Defense Policy Program of the RAND National Security Research Division.
This report is part of the RAND Corporation Research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.