The Evolving Landscape of Cyber Defense within the DoD
Share this post
Focus: SPA Perspectives

Categories: Capabilities, Software, Cyber, and Cloud Computing

The Evolving Landscape of Cyber Defense within the DoD

Mike Farren, Strategic Growth and Business Analyst at SPA

Author: Mike Farren, Strategic Growth and Business Analyst

  • Alexandria, VA | May 28, 2025

This is the second of a four-part series on Rethinking Cybersecurity.

See all the series posts here.

As cyber threats grow increasingly sophisticated, the Department of Defense (DoD) faces critical decisions about organizing and managing its cyber capabilities. Chief among those considerations is whether the DoD should establish a distinct, unified cyber force separate from existing military branches.

Mike Farren, Strategic Growth and Business Analyst at Systems Planning & Analysis (SPA), outlines the complexity of this issue, noting it has occupied significant attention within both the DoD and Congress for nearly 15 years. 

“Since the establishment of U.S. Cyber Command, they've been trying to standardize the manning, training, and equipping of a Cyber Mission Force, which is approximately 6,000 billets for offensive and defensive cyberspace operations,”

SPA Strategic Growth and Business Analyst, Mike Farren
Current Organizational Challenges
Currently, each military branch—the Army, Navy, Air Force, Marine Corps, and Coast Guard—individually manages and equips its own cyber personnel. This decentralized structure, while allowing for branch-specific flexibility, has presented substantial challenges for unified cyber operations.
The Case for a Unified Cyber Force
Advocates of a dedicated cyber force argue that it would improve efficiency and operational effectiveness by:
  • Focusing Resources: Cyber resources could be streamlined without competing against traditional warfighting demands.
  • Standardizing Training and Readiness: A single command structure could ensure personnel are prepared to employ advanced capabilities.
  • Enhancing Operational Cohesion: Stronger integration of cyber strategy and operations could lead to more coherent threat responses.

Congress has seemingly recognized these potential benefits, granting USCYBERCOM incrementally greater authority since fiscal year 2022, including centralized oversight of training and cyber capabilities acquisition.

Risks and Challenges
Despite potential advantages, establishing a separate cyber force raises significant concerns. Foremost is the risk of detachment from traditional warfighting domains.

“We don't do cyber for cyber's sake. We do it because a critical mission needs to be accomplished.”

SPA Strategic Growth and Business Analyst, Mike Farren
The primary concern is that isolating cyber capabilities might compromise integration with kinetic military operations. Cyber operations are most effective when closely linked with traditional combat missions, ensuring strategies remain grounded in warfare’s practical realities.
Farren highlights this critical integration: “If you build a separate cyber force, the worry is always that you lose touch with what matters. Right now, if you bring in an Army soldier who has been part of an infantry battalion, they understand at a visceral level what combat in the kinetic domain is like. We can take that expertise into how we conduct the next cyber mission.”
The Path Forward
Given these complexities, Farren suggests the future of U.S. cyber defense might need to find a middle ground. However, increased authorities for USCYBERCOM, coupled with congressional interest, indicate a trend toward greater centralization – with a major caveat:
“Right now, it’s anyone’s guess as to how this is going to play out,” Farren says. “It really is a political decision at the end of the day, but when you look at the congressional direction and the appetite of U.S. Cyber Command for more control, my opinion is that we’re probably going to see a separate cyber force within the next three to five years.”
Considerations for Policymakers
As DoD leaders evaluate the future of cyber defense organization, key considerations include:
  • Honest assessment of whether/how a dedicated Cyber Force improves the integration of cyberspace operations with the more traditional warfighting domains
  • Avoiding the mistakes made in the establishment of the Cyber Mission Force and Space Force by providing a Cyber Force with sufficient developers and administrative support elements any service needs
  • Pursuing incremental centralization, allowing for adaptive adjustments
Strategic Flexibility: Navigating the Future of Cyber Defense
Deciding whether to create a separate cyber force involves balancing potential improvements in resource allocation and training against risks of operational detachment and bureaucratic inefficiency.

As Farren underscores, cyber capabilities must always serve broader defense objectives. “Cyber capabilities must be aligned directly with mission-critical objectives, ensuring that any structural changes enhance—not hinder—overall national defense readiness.”

Explore This Topic Further

Did you catch the previous post, Aligning Defense Resources with Critical Missions?

Subscribe now to discover how organizational choices directly influence resilience strategies in our next post, Strengthening Cyber Resilience, which examines the critical vulnerabilities within the mission stack.

Subscribe for Future FOCUS: SPA Perspectives Updates

Related Posts

We invite you to subscribe and stay informed. Never miss an update as we continue providing the rigorous insights and expert analysis you rely upon to protect and advance our national security.





      w

      Lorem ipsum dolor sit amet, consectetur adipiscing elit eiusmod tempor