April 1, 2026

Mapping Communication Hijacking in the Asia-Pacific: Data-Driven Insights into Disinformation Networks

This study investigates "communication hijacking"—the strategic co-option and redirection of online discourse—by PRC-sponsored actors within the Asia-Pacific information environment. Using a novel seven-level framework (Persona, Hashtag, Media, Narrative, Campaign, Brand, and Newsjacking), the research categorizes diverse influence activities, including efforts to diminish organizational or individual reputation and exploit real-time media events. Through a multi-lingual, open-source analysis of data from 2021 to 2024, the study identifies specific hijacking cases that utilize coordinated inauthentic behavior (CIB) and synthetic amplification. While finding a preference for creating inauthentic news outlets over direct media hijacking, the research reveals that PRC-sponsored operations use persona-level attacks to target dissidents whereas campaign-level efforts focus on broader objectives like electoral interference. By mapping these tactics, the study provides a taxonomic foundation for communication practitioners in business, government, and the military—particularly those engaged in cognitive warfare and military Operations in the Information Environment (OIE)—to better understand and detect the evolution of digital interference and disinformation practices.

April 1, 2026

David’s Sling, Goliath’s Bill: The Economics of Drone Defense - A Layered Defense Framework

Drones have emerged as a dominant weapon system and force enabler on the modern battlefield. From reconnaissance to resupply to precision strike, drones have fundamentally reshaped how wars are fought. One of the most pressing challenges they pose is a persistent cost asymmetry: defending against low-cost unmanned aerial systems (UAS) is often far more expensive than deploying them. Despite advances in counter-drone technologies, kinetic munitions remain the most reliable means of neutralization. However, the cost of these defenses frequently exceeds the value of the drones they destroy. This paper examines the economic dynamics of contemporary drone warfare and proposes the Resilient Adaptive Multi-layered Protective Air Response Technology (RAMPART) framework, a decision-support model designed to optimize cost-effective counter-UAS strategies. Building on principles of layered air defense and informed by analysis of recent conflicts, the framework introduces the adjusted defense cost fraction (aDCF), a formal metric that integrates defender costs, adversary costs, and the value of protected assets to guide engagement decisions. The model enables a least-cost-first approach, dynamically prioritizing electronic warfare, directed energy, interceptor drones, and kinetic systems based on operational conditions. By formalizing the economic logic of counter-drone engagements, RAMPART provides a scalable analytical tool for improving resource allocation, enhancing operational sustainability, and informing both tactical decision-making and future force design in increasingly contested environments.

March 26, 2026

The Offense Death Cycle: Proactive Environmental Control as a Method of Persistent Cyber Defense

Modern defensive frameworks such as the Cyber Kill Chain, ATT&CK, and D3FEND focus on cataloguing and countering the tactics, techniques, and procedures (TTP) of cyber attackers. While invaluable for incident response, these models remain tactically reactive. In persistent competition, however, Advanced Persistent Threat (APT) attackers and defenders operate in continuous contact within the same contested environment, which renders reactive defensive approaches incomplete. This commentary argues that enduring cyber defense against persistent attackers emerges not from proper reaction but from controlling the environment that the attacker depends on. Building upon Fischerkeller, Goldman and Harknett’s Cyber Persistence Theory (CPT), Monte’s Network Attacks and Exploitation, and Smeets’s PETIO framework, and informed by the author’s operational experience, it proposes the Offense Death Cycle (ODC) – a field-informed operational concept for defensive persistence. The ODC translates strategic persistence into a practical loop of intelligence, induced friction, and anticipation, enabling defenders to transform home-field advantage into a source of initiative and to exhaust APTs through executing proactive environmental control.

March 24, 2026

Digital Force Protection for Expeditionary Land Forces: An Early-Warning Framework for Mission Command Resilience

Digital force protection (DFP) is increasingly a survivability requirement for expeditionary land forces because adversaries can generate operational effects without penetrating classified systems. Exploitation can occur through enabling infrastructure, metadata, and traffic analysis, coalition seams, and commercially available data that makes units and patterns of life observable and correlatable at scale. This commentary proposes a practical early-warning framework that links shifts in strategic competition to measurable geopolitical indicators and observable pressure in the information environment. It then translates those signals into tiered posture adjustments for communications resilience, reduction of digital and commercial observability, and management of mission-partner dependencies. The approach emphasizes explainability and repeatability for commander decision-making under tempo, using transparent indicator families rather than attribution or predictive certainty. The central contribution is a decision-focused method for acting earlier and more deliberately as conditions deteriorate, treating cyberspace defense as force protection and mission assurance rather than a narrow information technology compliance function.

March 19, 2026

Protecting Energy Systems for Power Projection: The Promise and Peril of AI for Cyber Early Warning Systems

Military power projection depends on resilient energy infrastructure, yet the grids supporting the United States and allied forces are increasingly vulnerable to cyberattacks. This article examines how intrusions against national power systems and on-base microgrids threaten operational continuity. Through illustrative case studies of Germany, Japan, and the United States, it identifies recurring weaknesses in both legacy and modern grid architectures and demonstrates the insufficiency of current defensive measures. As a solution, the paper evaluates the use of Large Language Models (LLMs) for a more adaptive cyber early warning system (CEWS). Drawing on experiments from the NATO Systems Analysis and Studies (SAS-183) project, it presents findings from tests using LLMs to analyze real-world energy-system data. The results confirm that Artificial Intelligence (AI) can significantly improve anomaly detection and threat contextualization. However, the article cautions that without secure, human-supervised architectures, these same systems introduce risks of high-consequence false positives and adversarial manipulation. Ultimately, this research concludes that AI enhances energy resilience only when its computational speed is balanced by disciplined human judgment.

March 17, 2026

Trust After the Fight: Long-Horizon Cyber Risk in Occupational and Environmental Health Surveillance

Cyber defense literature has focused primarily on threats measured within operational timeframes, such as data breaches, system outages, and denial-of-service attacks. This commentary identifies a distinct failure mode that operates on a longer horizon. Occupational and environmental health surveillance exists to document potential exposures during military operations and preserve information for health risk assessments that may not occur for years or decades afterwards. As the U.S. military transitions toward data-centric, mesh-based operational architectures optimized for speed and decision advantage, surveillance data increasingly depends on information systems designed for near-term utility rather than long-horizon accountability. This mismatch introduces vulnerabilities not through data compromise, but through erosion of data provenance, contextual fidelity, and analytic explainability. These are epistemic failure modes distinct from the traditional confidentiality, integrity, and availability triad. Drawing on the author's experience as a deployed medical detachment commander and subsequent engagement with veteran exposure accountability, this commentary examines occupational and environmental health surveillance as a case study in long-horizon cyber risk. It argues that preserving defensible uncertainty, the documented and bounded acknowledgment of what is known and what cannot be resolved, is an emerging obligation for cyber architects and data engineers. The commentary does not propose system redesigns or technical prescriptions. It reframes occupational and environmental health surveillance as a nontraditional but revealing cyber-reliant mission set and argues that the credibility of future institutions will depend in part on cyber design decisions made today.

March 13, 2026

Why Alignment Matters: Cyber Capabilities and Military Operational Schemes in All-Domain Operations

Cyber capabilities and operations properly aligned to a military’s operational scheme can provide commanders with additional ways to prevail in armed conflict. Leveraging the potential operational impact of cyber capabilities in all-domain operations requires policymakers and contingency planners to adopt an operational scheme framework as a first step. A military operational scheme indicates how a state plans to fight. The impact of various conventional military capabilities varies across such schemes as blitzkrieg, limited aims, attrition, and insurgency. The same holds for cyber means. When planning beforehand and assessing afterwards, alignment with an operational scheme is a key variable. Cyber capabilities and operations are not one-size-fits-all. This article offers a framework and illuminates the importance of alignment or misalignment with a brief examination of how Russia employed cyber operations in Ukraine from 2015 through the opening weeks of its 2022 full-scale invasion. We conclude that poor alignment of cyber capabilities with Russia’s warfighting scheme limited the operational impact of cyber means.

Feb. 20, 2026

Toward Integrated Persistence: A Comparative Study of U.S., Australian, and Japanese Military Cyber Policy through Cyber Persistence Theory

This article analyzes the military cyber policies of the United States and its critical Indo-Pacific allies, Australia and Japan, through the lens of Cyber Persistence Theory (CPT), a framework that has increasingly informed U.S. military cyber operations. It examines the extent to which these three countries have aligned, or not, their military cyber laws and policies with CPT principles. To do so, the article synthesizes the core tenets of CPT into a parsimonious policy analysis framework and applies it comparatively to recent cyber legislation and policy documents in the United States, Australia, and Japan. The analysis shows that, across all three cases, momentum and scale remain underdeveloped, despite more uneven progress on other CPT criteria. U.S. and Australian cyber forces are generally empowered to seize operational initiative, while Japanese cyber forces, despite significant recent legislative reforms, remain more constrained in practice. The U.S. has articulated cyberspace as a distinct military domain at the doctrinal level, whereas Australia and Japan continue to embed cyber operations primarily within conventional deterrence and kinetic domain frameworks. The article concludes by critically assessing current U.S. approaches to allied cyber operations in the Indo-Pacific. It proposes the concept of ‘integrated persistence’ as a policy-level alternative to integrated deterrence, aimed at strengthening CPT-consistent coordination across allied defense systems.

Jan. 27, 2026

Why Culture Matters: Organizational Culture and Force Generation for the Cyber Domain

Public discourse about the potential for a new organization, a United States Cyber Force, reflects a growing consensus that significant organizational change is required to meet the U.S. military’s current and future challenges in cyberspace. However, much of the discussion takes a mechanistic perspective, centering around restructuring cyber teams, creating new organizations, changing authorities, creating new policies, and so on. This perspective is important but it is insufficient. Culture matters. Organizations ignore culture at their peril. This paper focuses on how service culture has shaped the U.S. Army’s experiences with cyberspace as a case study to illustrate why culture must be considered in any organizational approach to how the U.S. generates cyber forces and conducts cyberspace operations. If the U.S. does not get organizational culture "right", no amount of organizational change will be effective in addressing its force generation challenges.

Jan. 27, 2026

Erratum

Erratum to: “Why Culture Matters: Organizational Culture and Force Generation for the Cyber Domain,” The Cyber Defense Review, Volume 10, Issue 3 (2025). Following publication, a correction to the list of authors was requested for the above-mentioned article. This erratum records the updated authorship information. The correct list of authors is as follows: John Fernandes, Erica D. Lonergan, Alexander Master. This correction concerns only the authorship attribution. The content, analysis, and conclusions of the article remain unchanged. The online version of the article has been updated accordingly.