Immediately following the Vietnam War, the Marine Corps had to answer fundamental questions about its role in future conflicts. In 1976, the Brookings Institution argued that the Corps should update its World War II–era amphibious assault tactics to remain relevant.1 The ensuing debate focused on whether the service should maintain the status quo and risk becoming irrelevant or adopt a new approach and risk harming the unique culture that had sustained it for 200 years.2 One side argued for maneuver-style warfare, while the other promoted staying the course, updating weapons to continue the attrition style of warfare formalized in the Fleet Marine Force Manual. This argument played out, often acrimoniously, in the fleet, on the pages of the Marine Corps Gazette, and in the halls of the Amphibious Warfare School and Command and Staff College.3
The debate ended in 1989 when General Alfred M. Gray, Commandant of the Marine Corps, signed off on a groundbreaking doctrinal publication of just over 100 pages. Fleet Marine Force Manual 1 (FMFM 1), Warfighting, is a small book with a large purpose.4 It was meant to describe the nature of, theory of, preparation for, and conduct of war. In 1997 another Commandant, General Charles C. Krulak, updated FMFM 1—now Marine Corps Doctrinal Publication 1 (MCDP 1)—writing that Warfighting is not “merely guidance for action but a way of thinking.”5
The concepts in Warfighting are timeless and apply to contemporary cyber warfare, providing a vital underpinning for how to think about this new domain. General Krulak specifically states that we “cannot be allowed to stagnate,” and we “must continue to evolve based on growing experience, advancements in theory, and the changing face of war itself.”6 His vision of a Marine Corps doctrine that does not lose relevance has great value as cyber warfare capabilities develop, for both the Marine Corps and the Navy.
Traditional Warfighting Doctrine and Cyber
General Krulak’s “three-block war” concept holds that timely decisions must be made at the lowest level during stressful and complex situations.7 He focused on the human element in combat and how the “strategic corporal” can have an outsized impact relative to rank. General Krulak’s concept involves three city blocks where Marines are required to execute peacekeeping and humanitarian operations, counterinsurgency, and high-intensity conflict operations simultaneously or in close succession. Today’s wars are also fought on a fourth block: cyber.
Applying Marine Corps doctrine to the emerging and rapidly evolving cyber warfare domain is both a challenge and an opportunity. The way Marines think about, train for, plan, and execute combat operations provides a model for the development of a naval service cyber doctrine. Three aspects of Warfighting are especially relevant to cyber warfare: the inseparable nature of offensive and defensive operations, maneuver warfare as a means to create and exploit adversary gaps and vulnerabilities, and a combined-arms approach to leave the adversary in a no-win situation.
Offensive and Defensive Operations Work Together
According to the latest edition of Warfighting, MCDP 1-0, cyber warfare involves combat operations to protect and defend critical information, computers, and networks while denying the adversary access to and use of them.8 As in all other domains of warfare, offense and defense are not just complementary, they are inseparable. Operationally, senior military leaders must be prepared to cohesively respond to an adversary’s action against U.S. interests or to an adversary’s reaction to U.S. offensive action on its cyber terrain. Tactically, the aggressor needs to be prepared to respond defensively to the same tactics being redirected toward him. Any plan dominated by defense is a losing strategy because the advantage obtained in forcing the adversary to react to U.S. offensive actions is lost. Simply minimizing vulnerabilities is shortsighted. The concepts of speed, fluidity of action, and surprise must be used to shape the adversary’s perception of the world.
General Krulak would find ridiculous the notion that large investments in defensive cybersecurity are sufficient to achieve dominance in cyberspace. The doctrine published when he was Commandant of the Marine Corps provides his vision of offense as an “integral component of the defense.”9 Dr. Howard Shrobe, associate director of the Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Laboratory, concurs with this view, noting that the U.S. approach “layers security on to a uniform, but vulnerable architecture. We do this to create tactical breathing space. But it is not convergent with the evolving threat.”10
Defensive cyber investments allow leaders to feel more secure and take less operational risk. However, when defensive technologies and operations are the primary option, there are limited courses of action and a restricted ability to maneuver. Investments in human capital and technology must be balanced—but not necessarily evenly balanced—between offensive and defensive initiatives. A question frequently asked is how much cybersecurity is enough. That is the wrong question. More appropriately, the two questions we should ask are: What is the national and service-level cyber strategy, and how does the naval service invest to meet the strategy’s objectives? Determining how much cybersecurity is enough becomes clearer once these two questions are answered.
Private industry is investing enormous sums of money in cybersecurity because it relies solely on defensive operations. Legal restrictions, such as the Computer Fraud and Abuse Act, leave private companies with few if any offensive options to protect themselves, tipping the scale in favor of attackers. In the physical world, governments have allowed private companies to hire armed guards to protect assets and life from armed thieves and terrorists.
Private companies should not be allowed to wage offensive cyber operations. Cyberspace vigilantism is loaded with the potential for dangerous outcomes. However, entities unable to conduct offensive cyber operations are left at a significant disadvantage.11 Consequently, the military must be ready to respond in cyberspace, and it must do so by exploiting a combined-arms approach.
Maneuver Warfare in the Cyber Domain
Maneuver warfare provides the Navy and Marine Corps team with the agility and speed to respond to and preempt adversary actions on any terrain, including cyberspace. The concept has been in use for thousands of years on the physical battlefield. In cyberspace, when operational commanders increase their ability to maneuver through surprise, deception, speed, and agility, they place adversaries in an untenable and unwinnable situation. Colonel John Boyd’s exposition of the OODA loop (observe, orient, decide, act) is a useful framework to consider maneuver warfare on the cyber terrain.12
It is important to grasp what this battlefield looks like. The usual concept of cyber networks involves activities such as watching Netflix at home, executing a financial transaction, sending an email at work, or passing data between commanders in the field. Yet the cyber terrain also includes a wider range of devices, networks, and platforms, such as control systems, internet-of-things devices, and social media. Platforms such as social media move information and disinformation at volumes that even ten years ago were unprecedented. Complexity also is increased because of the mutability of the terrain over time.13 Malicious actors operate seamlessly across this complex cyber terrain, and the Navy and Marine Corps team must maneuver adeptly within and across this domain.
Cyber-focused leaders must consider the overall environment beyond technology. The large number and diverse variety of actors increase complexity. State and nonstate actors, robots and artificial intelligence, private businesses, and public institutions all ensure a nonlinear environment. The fundamentals of warfare do not change because the pace of the engagement and the complexity of the terrain have increased, and situational awareness remains critical for the cyber operator to be ready to respond to malicious actions and minimize collateral damage if offensive operations are undertaken.
Determining what the adversary is doing in cyberspace requires a virtual and sometimes even physical presence. The Navy and Marine Corps team is comfortable with being an expeditionary force; it is ingrained from the first day of boot camp and officer training. Cyber operators must work in a similar expeditionary manner in their own domain. Operators need to place themselves in physical and logical positions that give them freedom of maneuver and the ability to deliver the “rapid, focused, and unexpected” effects required to achieve strategic, operational, or tactical objectives.14 Once situational awareness has been obtained, they must be prepared to complete the decide and act phases of the OODA loop.
At the same time as they remain intimately familiar with technology, cyber warfare leaders also need to study Sun Tzu’s concepts of deception, speed, fluidity of action, surprise, and shaping the enemy’s view of the world. Cyber warfare leaders—from the deckplates and field to the Pentagon—must stay current in the technological advances that enable their operations. They must ensure they take advantage of all professional military education opportunities. Cyber-focused leaders with an equipped force can provide options to combatant commanders that increase the adversary’s operational and tactical friction.
A Combined-Arms Approach Includes Cyber
Cyber operations cannot be executed in a vacuum or solely behind high-security doors. Cyber must be another weapon considered in a traditional combined-arms approach. Technically and tactically proficient leaders must be adept at integrating cyber into planning and operations. This type of warfare can no longer be seen as another means to gather intelligence; it must be elevated to the same level as all other warfare domains.
The goal of warfighting always is to shatter the adversary’s cohesion by delivering coordinated strikes against his vulnerabilities. In the Navy, that means the information warfare community must demonstrate it can operate on and maneuver within the cyber terrain in support of conventional operations. Conversely, traditional warfighting communities must be ready to support cyber operations.
It may not be clear when and how to respond to an adversary’s actions in cyberspace, where warfare is more complex because of the wide range of kinetic and nonkinetic actions. These include trolling opponents on Twitter, disrupting internet traffic, attacking and destroying physical systems, and carrying out cyber vandalism. Perhaps the biggest challenge for national security leaders is deciding when to assign attribution and how to respond. Attribution is difficult because of the anonymity of action on the internet and the reluctance of institutions to release evidence not publicly available. A response decision rests on which lever of national power (diplomatic, international, military, or economic) or combination of levers will constitute appropriate proportionality.15 Because of these complexities, implementation of both the national and Department of Defense cyber strategies at the service level will be challenging.16
Existing Doctrine Still Works
In 1989, the Marine Corps fully embraced maneuver warfare. Contrary to the fears of many, it did not weaken the Corps’ culture but contributed directly to battlefield success. When viewed in the context of Warfighting, cyber warfare is not fundamentally different from the expeditionary operations central to Navy and Marine Corps missions. This type of warfare has reached a point of maturity that demands a doctrine to support resourcing decisions, technology development road maps, and, most important, human capital investments. The Navy and Marine Corps must develop leaders who understand the complex nature of cyberspace, and they must develop a force that can maneuver with the requisite speed and tempo. Cyber operations must be equal in planning for a combined-arms approach.
Many believe the myth that success in cyberspace can be achieved simply by investing in technology. All naval officers must understand Colonel Boyd’s adage that “machines don’t fight wars. People do, and they use their minds.”17 The nation’s cyber warfare leaders must stay true to the fundamental notion that no level of advanced technology will diminish the role of human will, ingenuity, and innovation in combat on the physical or cyber battlefields.
2. Fideleon Damian, “The Road to FMFM 1: The United States Marine Corps and Maneuver Warfare Doctrine, 1979–1989,” master’s thesis, Kansas State University, 2008.
3. S. W. Miller, “Winning through Maneuver Warfare: Part I, Countering the Offense,” Marine Corps Gazette, March 1980.
4. Fleet Marine Force Manual 1, Warfighting, U.S. Marine Corps, 1989.
5. Marine Corps Doctrinal Publication 1 (MCDP 1), Warfighting, U.S. Marine Corps, 1997.
6. MCDP 1, Warfighting, 2.
7. Charles Krulak, “The Strategic Corporal: Leadership in the Three Block War,” Marine Corps Gazette, January 1999.
8. Marine Corps Doctrinal Manual 1-0, Marine Corps Operations, U.S. Marine Corps, 2011.
9. MCDP 1, Warfighting.
10. Howard Shrobe, “We’re Hosed and We’re All in this Boat Together: Governments, Industry, Academia All Have a Role to Play,” lecture, Hack-The-Machine, Cambridge, MA, 23 September 2017.
11. Nicholas Schmidle, “The Digital Vigilantes Who Hack Back,” The New Yorker, 7 May 2018.
12. Jeffrey N. Rule, “A Symbiotic Relationship: The OODA Loop, Intuition, and Strategic Thought,” Strategy Research Project, U.S. Army War College, 2013.
13. Peyton Price, Nicholas Leyba, Mark Gondree, Zachary Staples, and Thomas Parker, “Asset Criticality in Mission Reconfigurable Cyber Systems and Its Contribution to Key Cyber Terrain,” Proceedings of the 50th Hawaii International Conference on System Sciences, 2017, 6042–51.
14. MCDP 1, Warfighting.
15. Jeff Farlin, “Instruments of National Power: How America Earned Independence,” Strategy Research Project. U.S. Army War College, 2014.
16. “National Cyber Strategy of the United States of America,” White House, September 2018, www.whitehouse.gov/wp-content/uploads/2018/09/National-Cyber-Strategy.pdf.
17. Nancy Wesensten, Gregory Belenky, and Thomas J. Balkin, “Cognitive Readiness in Network-Centric Operations,” Parameters 35, no. 13 (spring 2005), 94–105.