Dec. 31, 2025

Beyond the Uniform: Reconnecting the Nation’s Cyber Force

The United States faces a structural cyber manpower challenge that cannot be solved through traditional military or Department of War (DoW) force-generation models alone. Drawing on his experience as the Department of the Navy’s Principal Cyber Advisor (PCA), CDR (Retired) Christopher Cleary contends that while the nation trains exceptional military cyber operators, it employs only a fraction of its available cyber talent. The article proposes a Cyber Mission Support Framework (CMSF) to reconnect uniformed forces with trusted, highly skilled cyber professionals in the private sector. CMSF enables scalable mission augmentation and, potentially, regulated cyber proxy operations under clear legal and operational oversight. The essay examines why cyber operators leave uniformed service despite continued commitment to national defense, how industry has become a latent reserve of operational expertise, and why existing models are insufficient for future conflict—particularly in high-demand theaters. Ultimately, it argues that reconnecting national government and industry cyber talent is essential to sustaining U.S. cyber readiness and strategic advantage.

Dec. 31, 2025

Evolution of U.S. Cyber Command since 2018

Much has changed at United States Cyber Command (USCYBERCOM) since it became a unified combatant command in 2018. Created in 2010 and elevated to full unified status eight years later, the command underwent substantial evolution from the outset in the ways it designed, developed, and employed its forces. Those changes came at the dictation of operational experience, with leaders learning what worked---and did not---from mission outcomes, while learning how to sustain success and mitigate negative results. Although USCYBERCOM is not fully built out, the command is more capable, more ready, and more often sought as a partner by domestic and allied operational entities. Today it does everything it could do in 2018, and many things it could not do then. These changes occurred as a result of several factors, including leadership continuity, tactical innovation, and operational flexibility. That flexibility, however, bespeaks larger constraints—or competitions for resources and focus—that may one day limit the command’s potential capacity. As the nation considers the organization of cyber forces, USCYBERCOM’s successful functions would have to be employed---or re-created---in whatever organizational construct performs military functions in cyberspace for the United States.

Dec. 31, 2025

“Go Big”: Cyber Force Large

The United States faces a volume and sophistication of malicious cyber activity that far exceeds the capacity of its current military cyber forces. U.S. Cyber Command (USCYBERCOM) must conduct continuous defensive and offensive operations against thousands of state and non-state actors while sustaining a small, high-skill Cyber Mission Force that is already stretched by persistent engagement requirements. This article argues that debates over whether to grant USCYBERCOM SOCOM-like authorities or to establish a separate cyber service miss the central problem: the force is simply too small. Drawing on threat reporting, congressional testimony, and workforce studies, it demonstrates how chronic shortfalls in personnel, misalignment of talent to task, and limited training throughput undermine readiness and constrain strategic options. The article makes the case for significantly expanding the active-duty cyber workforce and pairing this growth with targeted reforms in force management, training standardization, and career progression. It then assesses two primary pathways for scaling the force—growing under a SOCOM-like model or consolidating into an independent cyber service—and evaluates their respective advantages and risks. The article concludes that “going big” on cyber force size, coupled with management modernization, is a necessary precondition for sustaining large-scale cyberspace operations and providing policymakers with credible, scalable options to defend the nation in and through cyberspace.

Dec. 31, 2025

Military Function, Form, and History’s Lessons for Cyber Forces

This article examines what kind of military cyber force the United States requires and what organizing principles should guide future force posture and structure. It argues that cyberspace’s character as a domain of constant contact favors continuous, scalable campaigning rather than episodic operations. Using historical institutional analysis to survey U.S. service, functional, and geographic commands, the article derives criteria for evaluating organizational reform proposals. It foregrounds the core questions that should discipline ongoing debates: What problem, precisely, are advocates trying to solve? What do U.S. military cyber organizations need to do over the coming decades across competition, crisis, and armed conflict? How will proposed changes affect synergy versus segmentation between intelligence and operations, and between cyber and the wider Joint Force? Can adaptation occur with less disruption, expense, and risk while preserving service-organic capabilities and tight intelligence–operations integration? By centering these questions, the article offers a “form follows function” framework to judge whether disruptive organizational change would genuinely improve U.S. cyber campaigning effectiveness and long-term strategic advantage for the nation.

Dec. 31, 2025

Gaming Campaigning in Cyberspace

This article introduces a new tool for gaming out military campaigns in cyberspace. Called the Persistent Engagement Wargame, this multi-sided game explores how different force designs and operational strategies interact with the kinds of missions and objectives that may be assigned to organizations such as U.S. Cyber Command (USCYBERCOM). Five iterations of the game were played at the U.S. Naval War College between 2023-2025. These games indicate that, over periods of sustained competition, sizable cyber forces are necessary, yet they can still fail if the nation’s operational approach is not properly aligned. Optimal results occur when a nation has sufficient capacity and a strategy that exploits gaps in its adversary’s defenses while simultaneously defending its own military networks and critical infrastructure. These games also revealed several important lessons about force design that can inform the current debates surrounding cyber force structure. Chief among these is the requirement for a greater number of “counter-cyber” forces within USCYBERCOM. Another major implication is the need for robust organizations to enable allied cooperation. Greater use of such wargames could help practitioners, planners, and policymakers understand and experiment with different effects of alternative futures for cyber forces.

Dec. 31, 2025

Support and Leverage Auxiliaries for Stronger Cyber Defense

Military auxiliary organizations offer considerable but often neglected potential for improving the U.S. military’s cyber defense capabilities and growing the professional ecosystem. These auxiliaries include the Reserves, the National Guard, the Marine Corps Cyber Auxiliary (MCCA), the Civil Air Patrol (CAP), the U.S. Coast Guard (USCG) Auxiliary, and additional entities organized through state authorities. In addition, specialized exercises, such as “Cyber Yankee”, enable better use of these auxiliaries and thus they deserve increased support. International initiatives such as the National Guard Bureau’s State Partnership Program (SPP) and the Interallied Confederation of Reserve Officers’ (CIOR) international cyber event also foster greater engagement and deliver benefits that cannot be achieved through active-duty military efforts alone. All of these capabilities, initiatives, and opportunities stand to improve the generation and use of cyber force by the armed services and U.S. Cyber Command.

Dec. 31, 2025

U.S. Cyber Command Evolution and the Increasing Role of the Private Sector

The United States must effectively leverage all its capabilities to prepare for and prosecute conflicts with a cyber dimension. Both U.S. Cyber Command (USCYBERCOM) and the private sector play crucial roles. However, their efforts remain largely uncoordinated due to limits in traditional approaches to private-sector collaboration. This paper advocates establishing collaboration mechanisms to increase the effectiveness of both USCYBERCOM and the private sector, improving cyber defense at home and in support of friends and allies. Examples such as the Cyber Defense Assistance Collaborative (CDAC) illustrate how both general capacity building and targeted defense assistance are increasingly led by private companies. Key contexts in Europe and Asia highlight the need for deeper private-sector involvement. Numerous current and potential cyber conflict scenarios show where private actors can offer more effective support through intelligence, defensive capabilities, and training that can supplement or sometimes surpass military cyber operations. We conclude that USCYBERCOM should work more directly with the private sector. We propose establishing a Cyber Command Private Sector Collaboration Center (CCPSCC) to enable consistent blue-force tracking across government and private activities; coordinated threat hunting; and improved operations centers supporting cyber defense in conflict.

Dec. 31, 2025

Evaluating Alternative Models for Organizing U.S. Cyber Forces

Despite the significant investment of attention and resources, the Pentagon and armed services continue to struggle to find, train, and retain the cyber personnel needed for great power competition. The 2025 National Defense Authorization Act directs an evaluation of alternative organizational models for U.S. cyber forces. Traditional models for military force generation, including special operations, have received significant attention. However, Congress also requires an assessment of alternative organizational models that could prove to be more effective. This article seeks to do so, challenging common assumptions about which organizational models are most relevant and instructive. In particular, we explore alternative models for cyber force generation that include the Uniformed Health Services, Defense Combat Support Agencies, Department of Defense specialized career paths, and private-sector workforce development. We assess each alternative in terms of its applicability, limitations, lessons for force generation, and potential to inform the dominant models in the current debate—namely the status quo, a special operations (SOCOM) model, or a separate cyber force.

Dec. 31, 2025

Built for Land, Not Cyber

Despite a decade of reform and Congressional intervention, the military services continue to struggle to meet the operational requirements of cyberspace. Informed by my experience in both traditional Army and cyber units, this article argues that the root of the problem lies not in neglect or leadership resistance alone, but more prominently in structural misalignment. The services are optimized for their physical domains of warfare, not for the characteristics of cyberspace. My analysis utilizes Clayton Christensen’s Resources, Processes, and Values (RPV) framework to examine constraints on how the Army generates cyber forces. Although suitable for land warfare, the Army’s RPV is ill-suited to a domain characterized by interconnectedness, constant contact, dynamic terrain, and dual character as both weapon and battlespace. I highlight the friction that arises when an organization built for one domain is asked to generate forces for a different domain. Consequently, rather than continuously retrofitting existing services, I argue that the United States should establish a dedicated cyber service designed to maximize the unique capabilities inherent to the digital domain.

Dec. 31, 2025

Reclaiming the Cyber Domain: Revising U.S. Doctrine to Treat Cyberspace as Battlespace and Not a Function

Cyberspace has been formally recognized as a domain of warfare for over two decades, yet U.S. military doctrine and practice continue to treat it primarily as a cross-domain enabler rather than a battlespace of independent operational and strategic consequence. This paper argues that the prevailing doctrinal framing—cyber as a support function within joint operations—has hindered the development of operational art, force generation models, and integrated campaign design for cyberspace. The paper critiques the conceptual conflation of cyberspace with the information environment and with electromagnetic warfare; it also bridges doctrine with recent scholarship on whether cyberspace constitutes an operational domain. It proposes the adoption of new doctrinal concepts, such as cyberspace control operations, as a foundation for differentiating cyberspace as battlespace rather than a supporting function. The paper highlights the risk of sustaining the supporting-role mindset in an era when adversaries, such as the PRC, employ cyberspace operations as primary tools for competition and deterrence. By clarifying the doctrinal vocabulary and contrasting U.S. practice with the approaches of its adversaries, this paper offers a framework for treating cyberspace as a true domain of warfighting in its own right.