CyberDominance.com is the official home of Cyber Dominance Theory.

Cyber Dominance Theory is the guide to achieving Cyber Dominance.  At the core, it combination of two concepts: General Dominance Theory, and Cyber Security Fundamentals.

  1. General Dominance Theory. GDT, originally developed for Navy Information warfare, is a guide for achieving dominance in any domain.
  2. Cyber Security Fundamentals. The topical technical knowledge related to computer and network security, and the behavior of the people who use them.

In order to understand Cyber Dominance Theory, we recommend that you first read the introduction to General Dominance Theory.

Applying General Dominance Theory to the Cyber Domain Yields Cyber Dominance Theory

General Dominance Theory (GDT) can be applied to any domain.  To apply it to the cyber domain, we will need to do the following:

  1. Define the Cyber Domain and terms of cyber warfare
  2. Define the Six Critical Controls of Cyber Dominance (SCC-C)
  3. Translate the SCCC into a Cyber Warfare Framework

Define Cyber Domain, Cyber Dominance, and Terms of Cyber Warfare

GDT defines Domain as an environment where things exist and where those things are bound by laws and patterns of existence, movement, destruction, propagation, and other environmental factors – the combination of which is either unique of other Domains, or distinct enough to warrant special consideration.

So what is the unique combination of laws, patterns, propagation, etc unique to the Cyber Domain?  The Cyber Domain is the combination of electronics, networks, people, mother nature, and the way these things interact with each other and the physical world.  More specifically, the Cyber Domain is the combination and interaction of the following (not intended to be exhaustive):

  1. Computer and Electronic Hardware
    1. Processors
    2. Storage Media
  2. Firmware and Software
  3. Networks of the above
    1. Wired
    2. Wireless
      1. Near-field
      2. Long-haul
    3. Protocols
  4. Control Signals and Data
  5. Infrastructure
    1. Physical Security
    2. Logistics
    3. Energy
  6. Mother Nature
    1. Weather
    2. Space
    3. Environment
    4. Electricity, Magnetism, and Electromagnetic Physics
  7. Developers
  8. Users
    1. Privileged (Administrator)
    2. Unprivileged (regular user)

This should make it apparent that they Cyber Domain is quite vast, and includes extreme parts of each aspect.  For example, both very experienced and inexperienced people are in this domain.  Both undersea and space environments.  Both the most basic hardware and the most abstracted software.

Dominance is what we want in the Cyber Domain, because being dominant means that if we don’t want to be hacked, we won’t get hacked.  If we want to hack, we can.  If we want to communicate, we can.  If we want to deny our adversary’s communications, we can.  Users have the access they need.

GDT defines Dominance as: the state in the battle space where a desired image of reality can be achieved completely despite the will of an adversary.  Therefore, Cyber Dominance is: the state in the Cyber Domain where a desired image of cyber reality can be achieved completely despite the will of an adversary.

The struggle for Cyber Dominance is cyber war, and the actions we take to win the war are all part of Cyber Warfare.  Cyber Warfare is the pursuit of Cyber Dominance.

Perception of Reality (POR) and Ability to Affect Reality (ATA) are required to achieve Dominance, therefore Perception of Reality in the Cyber Domain (POR-C) and Ability to Affect Reality in the Cyber Domain (ATA-C) are required to achieve Cyber Dominance.  Cyber Warfare is the struggle against an adversary to achieve and retain a perfect ATA-C and POR-C:

According to Cyber Dominance Theory, Cyber Dominance is achieved when you have a perfect Ability to Affect the Cyber Domain (ATA-C) and Perception of the Cyber Domain (POR-C).
According to Cyber Dominance Theory, Cyber Dominance is achieved when you have a perfect Ability to Affect the Cyber Domain (ATA-C) and Perception of the Cyber Domain (POR-C).

Six Critical Controls of Cyber Dominance

Achieving Cyber Dominance requires control of our adversaries and of ourselves in the Cyber Domain. This control can be broken down into Six Critical Controls of Cyber Dominance (SCC-C) required to achieve Dominance:

  1. Control our collection of cyber information
  2. Control our synthesis of cyber information
  3. Control our Ability to Affect Reality in the Cyber Domain
  4. Control the adversary’s collection of cyber information
  5. Control the adversary’s synthesis of cyber information
  6. Control the adversary’s Ability to Affect Reality in the Cyber Domain
The Six Critical Controls of Cyber Dominance illustrate the six things you must control to achieve Cyber Dominance. These Six Critical Controls can each be described as a Pillar of Cyber Defense or a Pillar of Cyber Offense.
The Six Critical Controls of Cyber Dominance illustrate the six things you must control to achieve Cyber Dominance. These Six Critical Controls can each be described as a Pillar of Cyber Defense or a Pillar of Cyber Offense.

SCC-Cs 1-3 are the Pillars of Cyber Defense.  SCC-Cs 4-6 are the Pillars of Cyber Offense.  SCC-Cs 1 – 3 are defensive because loss of any one of these requirements will preclude us from achieving Cyber Dominance.  Reciprocally, if we achieve any of the requirements 4 – 6 then we can prevent our adversary from achieving Cyber Dominance.

Cyber Warfare Framework

To guide the pursuit of Cyber Dominance, we can take the Six Critical Controls of Cyber Dominance and form a Cyber Warfare Framework (CWF).  This framework can help ensure that each task we undertake can be traced back to one of these six requirements, and is therefore very likely to be contributing towards Cyber Dominance (and therefore not a waste of scarce resources).

The Cyber Warfare Framework translates the Six Critical Controls of Cyber Dominance into categories of efforts that will likely contribute towards achieving Cyber Dominance.
The Cyber Warfare Framework translates the Six Critical Controls of Cyber Dominance into categories of efforts that will likely contribute towards achieving Cyber Dominance.

Just as in GDT, each of the SCC-Cs can be divided into one of two categories: (1) Inputs and (2) Outputs.  Inputs satisfy SCC-Cs 1 and 2 and are the actions we take to increase our POR-C.  Inputs can also be described as Cyber Intelligence.  Outputs satisfy SCC-Cs 3-6 and are things we do to affect our adversary or protect ourselves.  Outputs can also be described as Cyber Operations.

Tasks that enable Input and Output actions are Conduits.  They provide the Infrastructure for Intelligence and Operations.  These actions don’t directly contribute to achieving Cyber Dominance because they don’t directly address an SCC-C, but they can be essential to Operations and Intelligence actions.

Task Purpose Description Applicable Critical Requirements Task Category
Inputs Tasks that achieve POR-C 1 & 2 Cyber Intelligence
Outputs Tasks that achieve and maintain ATA-C 3, 4, 5, & 6 Cyber Operations
Conduits Tasks that enable Input and Output actions All (indirectly) Cyber Infrastructure

If every task we perform can fit into one of these three categories, we can have a high degree of confidence that we are working towards the philosophical objective of Cyber Dominance.

Conclusion

If you have read the introduction to General Dominance Theory, you will know that applying GDT to the Cyber Domain is very straightforward.  Although this seems simple, hopefully you also see how giving names to the things we need to do to be successful in the Cyber Domain gives us a clear way allocate scarce time and money in way that will be productive towards the goal of achieving Cyber Dominance.

The next steps of achieving Cyber Dominance are discussed in other articles in the Cyber Dominance Theory section here at CyberDominance.com:

  1. Defining your Desired Reality Space in the Cyber Domain (finding out what you want in the Cyber Domain)
  2. Defining your adversary’s Desired Reality Space in the Cyber Domain (what your adversary wants in the Cyber Domain)
  3. Taking action
  4. Measuring your progress towards Cyber Dominance
  5. Maintain your achievement of Cyber Dominance

Leave a Reply

Your email address will not be published. Required fields are marked *