2024-12-28

Cyber Defence is More than Cybersecurity - At least from a Military Viewpoint

 Intro

In the model for state-level actions within the cyber environment in scenarios from confrontation to conflict, the military recognises techniques, tactics, operations and strategies, which all execute the political interests as I described in the 2022 paper published in Military University of Portugal in Figure 1. As with other legacy domains, the tactical, operational, and strategic levels are also feasible in the cyber domain, which is gradually taking over the information sphere in the military impact structure. Adversaries (RED) currently use the cyber domain to impact the physical sphere by combining kinetic and cyber strikes to target the defenders' (BLUE) physical systems. Simultaneously, RED uses kinetic and cyber strikes to create fear and confusion in BLUE's cognitive and social spheres. So, with the introduction of the cyber environment, the military faces a more complex theatre than the traditional physical sphere where space, air, land and maritime operations take place. 

Unfortunately, information security promotes only some controls and procedures (e.g., ISO 27 000 or NIST 800 series), and cybersecurity provides some processes or management models (e.g., NIST Cybersecurity Framework, ITIL, COBIT, ISO 38500). These leave the military short at higher levels of confrontation. Therefore, the paper aims to define cybersecurity at military tactical, operational and strategic levels and provides some examples in cyber defence.

Figure 1: A Model for State Cyber Power

Tactical-level Cyber Defence

Model: Military tactics encompass "the art of organising and employing fighting forces on or near the battlefield."   When this is applied in defence of the cyber environment, it may include establishing a doctrine that would nullify the adversary's most probable attack tactics (IT- architecture), preparation of the area of operation (artificial cyberspace), digging the defensive positions (defence-in-depth) and defining the areas of fire (sandboxes, honey pots), setting the tripwires and reconnaissance (vulnerability hunting, monitoring and threat intelligence), preparing the alternative positions (continuation and recovery) and exercise the fire and position changes drill in day and night (incident, problem, change management and red teams).

Principles for cyber defence tactics may include the following:

  • Construct BLUE domain defence against RED attack vectors (e.g., MITRE Att@ck) based on the posture of information security
  • Prepare the BLUE domain using the dimensions of depth in Figure 2
  • Establish kill zones with honey pots and abilities to create sandboxes within the domain
  • Stabilise BLUE baseline of protocols and behavioural patterns to improve the probability of detecting anomalies
  • Establish 24/7 monitoring, use AI to enhance pattern recognition and automate some of the basic response actions
  • Establish security at least at emission, transmission, communications and session levels in the OSI structure
  • Test the domain integrity continuously with penetration testing, black box testing, and vulnerability hunting
  • Configure the recovery of processing, storage and data to meet the operational availability requirements
  • Exercise BLUE detection, response and recovery with red teaming in live domains.

Examples:

BLUE cyber defence observes the following incidents on their monitors: 

  • SIEM in SOC is not receiving log data from several servers, firewalls, IDS, switches and routers.
  • The network management system in NOC indicates that it has lost connection to several servers, switches and routers.
  • The physical security monitor has lost all video and sensor feeds from Data Center A.

BLUE defenders may take the following actions:

  • Confirm the possible loss of an entire Data Centre from other sources 
  • Assess the gravity of the situation and draft Courses of Action (CoA) for remedy and communicate them to Operation Control 
  • Monitor the process of automated recovery of data and services and launch possible manual remedies 
  • Get recovery priorities and decide on CoA from Operation Control 
  • Launch required additional remedies to recover and restore data and services based on agreed CoA and priorities.  
  • Inform Operation Control and end users of the recovery progress.

BLUE threat intelligence receives information that a software development vendor has been breached and their latest application update may be compromised. The BLUE cyber defence may resolve the situation with the following options:

  • Network Operation Centre (NOC) isolates systems running the possibly compromised application 
  • Cybersecurity Operation Centre (SOC) sandboxes the infected area and investigates the situation 
  • IT security patches the software if the vendor has fixes available 
  • SOC deploys additional security controls and focus monitoring to prevent exploitation 
  • SOC detects a variation in standard behavioural patterns in one site running the possible compromised application. NOC kills the ill-behaving computing process that normalises the situation. 
  • SOC observes the malevolent behaviour in the honey bot and checks how automated sandboxing prevents the malware's spread.

Figure 2: An example of a tactical-level view of Cyber Defence 

Operational-level Cyber Defence

Operational represents the level of command that connects the details of tactics with the strategy goals. Operational art may be based on Sun Tsu (know yourself and your enemy) and Clausewitz (Center of Gravity) models. BLUE recognises their power sources and considers them possible Centres of Gravity (CoG) for the RED. Each CoG needs to be assessed from the RED viewpoint, considering different Lines of Operation (LoO) for effecting the CoG and variation of Courses of Action (CoA) needed to achieve the impact in the most beneficial CoG. From all the feasible CoA variations, BLUE estimates the most probable to be considered from the RED viewpoint based on their doctrine, previous behaviour and available resources in a given situation. 

Principles for operational-level cyber defence may include:

  • Recognising tempting CoGs in the BLUE system of systems: essential operations, critical data assets, critical sites as single points of failure, critical services that are not replaceable, critical gateways that will prevent information flows or suppresses systems that cyberspace is dependent (e.g., telecommunications, power distribution, cooling, fuel distribution, garbage collection)
  • Innovating potential lines of operation to access the beneficial CoGs through humans, kinetic ways, cyber-attack vectors, supply chains, dependencies, and peripherals.
  • Assessing each Center of Gravity against potential Line of Operation and trying to optimise available RED resources, cost of attack and benefit of the impact.
  • Varying vulnerabilities, costs of attack, and possible benefits in different scenarios will provide probable courses of action available to the RED.
  • Wargame scenarios to find the most probable CoAs RED would probably be executing a given situation.
  • BLUE deploys different tactics to defend the potential CoGs and finds ways and means to prevent or nullify the RED CoAs until only the most probable remain. BLUE considers active and passive means and ways to address most RED CoAs. 
  • Then BLUE arranges the critical assets' concealment, mock-ups, and hardening. Along the most probable attack vectors, BLUE sets digital sandboxes and honey pots together with physical engagement zones and counter agents. 
  • BLUE establishes reconnaissance, anomaly pattern recognition, movement detectors, and thresholds to detect RED manoeuvre in physical, cyber, and information spheres.

Examples:

BLUE cyber intelligence indicates that RED has created a new hybrid attack vector to suppress 911 telephony service within a region or nation. The situation where people do not get help from 911 may create fear, terror, and panic, mainly when a large number of people gather for an occasion. BLUE operational planning may come up with the following preparations:

  • prepare information distribution through broadcasts, flyers and messengers to ensure correct information and diminish rumours 
  • prepare to switch from 911 SS7 signalling to other signalling options 
  • prepare parallel ways to communicate and receive help like mobile apps, social media or portals 
  • post a soldier with a radio at each crossroad and deploy more police patrols and ambulances on the streets.

BLUE information exchange and cooperation between government agencies are harassed by continuous spear-phishing through the Internet email system. After some dignitaries become victims of phishing and get their data wiped, users are afraid to open any attachments, even from known senders and are quickly losing their trust in the email system. BLUE Cyber Defence Operation planning may come up with the following means to mitigate the quickly escalating situation:

  • Lessen the probability of opening malevolent attachments by encrypting all official emails and attached files. Only encrypted emails are safe.
  • Replace email with a cloud-based digital workspace and establish users' access to this service through encrypted sessions.
  • Bypass the Internet-based information exchange by extending and sharing existing intranet services between government agencies.

RED information operation trolls are spreading disinformation through common social media platforms, and malevolent bots are emphasising the flow of disinformation. BLUE Cyber Defence Operation planning may come up with the following means in support of BLUE Information Operations:

  • Request social media platforms to terminate trolling accounts
  • Request telecommunication operators to shut down connections to bots
  • Plan and launch a distributed denial of service (DDOS) attack to suppress the troll factories connection to the Internet
  • Plan and launch a cyber-attack to turn off the troll factories' power distribution
  • Plan and launch joint fires to eliminate trolls and bot nodes.

Figure 3: An example of an operational-level view of Cyber Defence 

Strategic-level Cyber Defence

Military strategy is "the art of distributing and applying military means to fulfil the ends of policy"  Policy in this context usually refers to national-level security strategy, which defines the main threat scenarios against the state, its sovereignty, and interests. The model for strategic thinking in a cyber environment is based on a technological approach among the five dimensions of military strategy defined by Atkeson . The technological approach to strategy assesses the technical innovation and ability to render obsolete adversary effectors. In a conflict of system of systems, the strategic advantage can be achieved in three ways:

  1. The adversary achieves a strategic surprise by launching a strike at an unexpected time or place from the Defender's viewpoint. Unforeseen situations may occur when conflicting parties assess risks differently, the other side sees an opportunity for a knockout with the first strike, or the Defender's decision-making process fails. 
  2. Systemic effects are "those indirect effects aimed at affecting or disrupting the operation of a specific system or set of systems".  In a cyber environment, the indirect effects may impact power distribution, shutting down electricity, which takes down the telecommunications networks and suppresses all digital communication and processing.
  3. Strategic advantage may be achieved through technological innovation and deployment of capabilities multiplied by emerging technologies, providing strategic dominance over the other party.  The USA and China compete for strategic dominance, seeking advantages from artificial intelligence, big data, quantum computing, and integrated circuit manufacturing. 

Principles of strategic level cyber defence may include:

  • An attacker has an advantage in their cyber environment and freedom of manoeuvre on the Internet. The Defender has an advantage in cyber environments under their control. Hence, Defender should focus on building technological advantage and maintaining dominance in their cyber environments.
  • Defender's cyber architecture includes redundant and robust means for communications, computing, and storage, so even with 50% losses of infrastructure, the essential services and processes run sufficiently, and data remains accessible.
  • Defender raises a threshold against cyber-attacks, declaring assured retaliation with weapons of mass destruction.
  • Defender prepares to cut their domestic Internet domain from the international Internet to diminish vulnerable surfaces and minimise options for direct attack vectors.
  • Defender builds their national Internet domain based on entirely different programming languages, communications protocols, and integrated circuits. It effectively filters all traffic in and out of their national domain.
  • The Attacker builds and prepares strong offensive cyber capability against the weakly prepared Defender, which deters other power projections.
  • Attacker sources their cyber warriors from industry or cyber-criminal gangs to accelerate offensive cyber capabilities and gain a possibility of strategic surprise.
  • Defender advances the information security architecture (Domain-defined –> Service-defined –> Zero-trust –> Content-defined)  of her cyber environment, keeping the security controls and monitoring resistant against the potential adversary attack vectors.
  • The Defender uses global dominance in economy, trade, science & technology, and cyber-physical manufacturing to slow Attacker's ability to build a more effective cyber arsenal.

Examples:

BLUE operates two domains for essential processes and functions that multiply the Forces Generation and Operation performance. Since both are under BLUE's control, he chooses to build computing performance, one based mainly on Microsoft technology and the other on Linux and Open-Source technology.

There are indications that RED aims to use artificial intelligence to automate and multiply its exploitation arms, achieving attack vectors that are ten times faster within the next ten years. BLUE may come up with the following options:

  • Accelerate BLUE's development and innovation for a more resilient cyber environment and countermeasure tools
  • Eliminate RED's ability to execute the disruptive leap in offensive capabilities
  • Build BLUE's target acquisition and attacking tools and strike the strikers
  • Change the architecture of BLUE's cyber environment so it will nullify the RED's higher performance
  • Build a more robust and redundant cyber environment that could absorb ten times more Attacker's attempts.

BLUE plans to digitalise its forces to gain strategic advantage. With digitalised processes in Generate and Operate functions, the cyber environment extends the vulnerability surface. The estimations of digital transformation outcomes include 20x more lethal and 10x more cost-effective force. The extended vulnerability goes beyond BLUE's risk appetite. BLUE may come up with the following options to mitigate the risk:

  • Accelerate the evolution of information security architecture and leap to Zero-Trust or Content-Based security models, which will diminish the vulnerability surface even if the digital realm grows much broader.
  • Instead of building a joint information domain, BLUE creates several parallel domains that are not dependent on each other and can multiply force effectivity.
  • Outsource their common information domain to global network and application service providers so big that RED cannot take them down. Then BLUE focuses resources on the anti-fragility of tactical and operational information spheres.

Figure 4: Strategic-level view of Cyber Defence


2024-10-04

An Approach to the Development of Military Capabilities


 "Thoughts without content are empty, intuitions [perceptions] without concepts are blind" 

Immanuel Kant

A Story

A fictional discussion in RED and BLUE Ministries of Defence:

  • RED Minister of Defence: "Let’s build up the strength of our standing force from 1 000 000 soldiers to 1 200 000, improve the operational transportation speed of our railways from a brigade/100km/2hrs. to a brigade/100 km/1hr., and establish new factories that can manufacture ten main battle tanks per day.”
  • BLUE Operational Commander after the Intel brief: “RED is aiming to improve their land component operational capabilities to achieve a mass advantage in any part of the area of operation. I need four mechanised brigades to counter the emerging capability within the next three years.”
  • BLUE Land Force Commander: “We do not have tanks, ammunition, mechanised troops, trained tank crews, antitank weapons, air defence, supporting fires, signals, engineers, logistics or facilities to generate four mechanised brigades. Armament acquisition takes at least four years, building training facilities takes five years and generating troops takes minimum two years. Each brigade will need at least 500 million investment and produces 50 million annual operational costs.”
  • BLUE Armed Forces Commander: “We do not have the budget nor time to meet the operational demand. Are there other options to address the emerging threat but building symmetric forces?”
  • BLUE Minister of Defence: “Now is not a good time to propose an increased defence budget because elections are within 1.5 years, and popular opinion demands health care for increasing elderly population. What is the probability that RED will use this increased military power against us?”
The above pictures a clash of several contents in varied contexts!

Approaches to Military Capability Development

Developing military capabilities is always a balanced decision between different contents and contexts projected against variety of probable threat scenarios. European Armed Forces are restoring their capabilities in competition with Russia's accelerated military industry and force generation. Some countries have selected to build symmetric armament, others apply modern technology to squeeze more lethal power from their existing capabilities, and some  do what they can in current circumstances.

In every case, the decision-making in capability building is not an easy task since every decision or non-decision impacts the Armed Forces over an extended time and may lead to peril when threats against national security unfold differently than assumed in environment illustrated in Figure 1. Furthermore, maintaining a portfolio of Military Capabilities is affected, for example:

  • Biased and noisy decision-making in an organisation (Kahneman; Johnson; Heat)
  • Path Dependence (Liebowitz & Margolis)
  • Political guidance (Gray)
  • Society´s resources and culture (Bousquet)

The following process brings some systematic analysis and assessment for the military capability planning to provide longevity, balanced sense-making from different points of interest and continuous evaluation of the situation.

Figure 1: Blue vs. Red military might

Building a Concept for Military Capability Development Decision Support

The analysis and assessment process for capability development uses the SDLC V-model  originally created for developing and testing software artefacts, illustrated in Figure 2. The V-model down-slope analysis follows Kahneman's decision-making strategies  utilizing, for example, the following methods:

  • Clustering follows loosely the US DoD DOTMLPFII-programme evaluation model  but with added Budget checkpoint
  • The concept of Operation uses a standard military CONOPS creation methodology. 

The V-model up slope assessment uses operational research methodology, e.g.:

  • Tactical Assessment utilises Lanchester models, 
  • Operational Assessment deploys QJM models, 
  • Strategic Assessment uses systems thinking models of consumption of strategic assets, and 
  • Political Assessment experiments Threat/Prospering Balancing models. 

Figure 2: Capability analysis and assessment with V-model structure

Detailing the Capability Development Analysis and Assessment Process

The process, as illustrated in Figure 3, main functions work as follows:

  • Military capability analysis receives its input from the changes in potential adversaries (RED) via intelligence information, own forces (BLUE) via business intelligence, or environment (Political, Economics, Sociological, Technological, Legal, Environment [PESTLE])
  • The change indicator recognises the change (military intelligence) and possibly pre-estimates its impact.
  • A detected and identified possible impact is forwarded to problem and/or opportunity analysis. This analysis uses existing national defence and military scenarios to detect whether the change is an opportunity or a problem. During the analysis, the key performance indicators for the solution are defined.

Whether a problem or an opportunity is detected, the top-down analysis is commenced. Suppose the problem has surprised BLUE or evolves faster than BLUE expects. In that case, a fast track forwards a quick fix directly to connecting, where urgent need is fitted into the ongoing force generation process and transformation programme is launched.

  • Problem seeks solutions first parallel through DOTMILBIE (B=budget, E=Equipment) phases, and if it is not found, then proceed towards E until there is a solution that meets the given KPIs.
  • Opportunity seeks possibilities to gain advantages over the RED through a similar sequence of analysis.

The top-down analysis provides a concept of operations (CONOPS) for bottom-up assessment to define the detailed design with a sequence of different level war games. The assessment includes the sequence of:

  1. The technical assessment compares the solution/possibility concept against the current and emerging technical capabilities of an adversary
  2. The tactical assessment compares unit-level combat outcomes and varies with strength, lethality, and protection
  3. The operational assessment compares force-level battle outcomes and varies with the area of operation, mode of operation, weather, and quality of troops.

If similar conditions exist, the three wargaming results are verified in live exercises or operations. The wargaming models learn from lessons identified in the live world.

  1. Strategic assessment compares defence-level assets over time and optimises their sustenance over various operations, environments, resources and crises. The assessment is verified using business intelligence collected from BLUE Force over time.
  2. The political assessment reflects the current and future geopolitical, decision making and other PESTLE-related features at the national political level. The assessment is verified using political intelligence collected from international relationships and political decision-making.

Once the top-down concept is assessed through levels of the bottom-up approach, the resulting solution should be considered, optimised and balanced from DOTMLPFII viewpoints and tested successfully at five levels of current and future confrontation. If not, the CONOPS is returned to the analysis process for reconsideration.

The optimised solution continues to the connecting function, where the solution is compared with the existing capability portfolio (composed of three windows: Current, in Generation, and in Planning). Once the suitable timeslot and financing are found, the optimised solution can be introduced to decision-making: Generate new capability or manage the risk other way. If the decision is towards development, a generation programme becomes a part of a 5-10-20-year plan.

During the defence capability portfolio management, the ongoing programmes are continuously compared to national defence and military scenarios and adjusted per emerging needs.

.

Figure 2: A simplified process for military capability development decision support

The above systematic capability analysis and assessment process provides:

  • Continuous and faster analysis and assessment cycle (years to months) than one-time efforts in slower frequency,
  • Faster learning process with improved connectivity to data sources than with only manual research and assessment,
  • Systematic and less biased/noisy process that survives officer rotation than human-centric and dependent process, and
  • Accumulating a knowledge base that enables further automation enhanced with business intelligence, modelling and simulation, wargaming and digital twins.

References

https://euro-sd.com/2024/09/articles/40091/polands-future-armed-forces-take-shape/
https://lordslibrary.parliament.uk/uk-defence-policy-and-the-role-of-the-armed-forces/
https://www.kaitseministeerium.ee/riigikaitse2026/arengukava/eng/
https://en.wikipedia.org/wiki/V-model
https://ia.eferrit.com/ea/e22c190431de180e.pdf&hl=en&sa=X&ei=OhwAZ47NBYWoy9YPtZ-o2Q4&scisig=AFWwaeZLfyOb_lmWYlAEgljNYIGd&oi=scholarr
https://eda.europa.eu/docs/default-source/eda-publications/enhancing-eu-military-capabilities-beyond-2040.pdf
https://www.dau.edu/acquipedia-article/concept-operations-conops
https://www.jstor.org/journal/milioperresej
https://en.wikipedia.org/wiki/Lanchester%27s_laws
https://orion.journals.ac.za/pub/article/view/455
Jackson, Michael, C. (2018) Critical systems thinking and the management of complexity, Wiley, 
https://www.dni.gov/files/ODNI/documents/assessments/ATA-2024-Unclassified-Report.pdf

2024-09-21

Nine Approaches to Transformations

Intro

A recent study by McKinsey sees that digital technology will continue driving and forcing organisations to transform.  Their survey found that 89% of the respondents had launched some digital transformation. Unfortunately, they only captured 31% of the expected revenue lift and realised just 25% of the total expected cost savings. Transformation of socio-technical enterprise is challenging and becomes increasingly challenging according to Mustafa Suleyman and Michael Bhaskar or Simon Johnson and Daron Acemoglu . 

Introducing new technical opportunities, migrating legacy content in new processes and knowledgebases, introducing new ways of working, providing people with new competencies and career paths, providing new value to customers, and opening potential markets to grow is not easy to orchestrate over months and years while most of the old structure, operational costs expenditure, laggards among personnel, habituated customers, and sub-optimised shareholders are setting obstacles on the transformation paths.

This essay studies nine approaches to transformation from a personal experience perspective, aiming to summarise their feasibility to a challenge: Project portfolio, Engineered swimming lanes, Capability portfolio, Digital transformation, Linear change management, Organisational transformation, Culture driven transformation, Operational performance optimization and co-designed social change. 


Figure 1: Nine ways to approach transformation 

1. Project Portfolio

The first approach, and sometimes the simplest, is a project portfolio. The portfolio analyses the current situation (AS-IS). It defines where the enterprise needs to be in the end state (TO-BE). These two positions represent the end of the transformation roadmap. The number of projects (Temporary endeavours intended to create a specific unique outcome)  is established to provide one tangible step after another to take the enterprise towards its visioned end state, as illustrated in Figure 2.

Figure 2: A classical project portfolio approach in transformation

Naturally, the portfolio will include interdependent projects, so their timing and scope need to be well adhered to proceed with firm steps. Unfortunately, as always with a human endeavour, there are typical pitfalls that need mitigation:

  • Original project plans cannot consider all variants in the future and, therefore, need adjustment to the portfolio's situation before launch.
  • Outer forces always affect the transformation, so minor and more extensive amendments are needed to keep paths clear and steady.
  • Measuring only projects' achievements does not drive the transformation, so leading and lagging indicators are required to keep a steady pace at the transformation level.
  • Project management may be in everyone's comfort zone, so natural tendency may focus on project-level doings while deviating from the end state and achieving milestones on the way.

The project portfolio is feasible in shorter transformations where migration or change does not fit the current organisational structure but requires temporary ways to arrange people to deliver the outcome. The portfolio may be actionable in cases where technology needs modernising and end-user training.   

2. Engineered Swimming Lanes

A slightly more structured approach compared to the project portfolio is the engineered or designed swimming lanes way to arrange projects in the portfolio. For example, the swimming lanes may be defined in a military way (DOTMLPFII  or TEPIDOIL ) or architectural way (facilities, technology, information, processes, competencies, business value streams, products ). The swimming lanes are sometimes divided into phases, such as the COBIT plan, build, and run, to align life cycles between each project and make procurement easier to manage, as illustrated in Figure 3.

Figure 3: Transformation arranged as swimming lanes with life cycle phases

The swimming lane approach is feasible in engineering and specification-led transformations, e.g., large ERP  or C5ISTAR  implementations. Naturally, there will be challenges like:

  • Focusing only on each lane but forgetting the impact in other lanes, like producing doctrines (D) or tactics, techniques and procedures (TTP) without implementing them in the information systems (I) or training them to operators (T).
  • When several projects must achieve the RUN phase simultaneously to enable some significant change, individual project-level delays may ruin the entire plan. Hence, intermediate solutions or alternative projects need to be in place to ensure reliability.
  • Focusing on lanes will not deliver the transformation. Hence, clear leading and lagging drivers  must keep up the pace on roads towards TO-BE.


3. Capability Portfolio

Stepping more strategically, larger enterprises, especially the military, need to manage the life cycle of their core capabilities and assess their impact in the market or area of operation against their adversary or competitor capabilities.  For example, in military affairs, some capabilities are based on platforms (e.g., main battle tank) with several decades' long life cycles. Maintaining their applicability and reliability with mid-life updates (MLU) is cost-effective if the adversary is not aiming to disrupt with faster evolution (arms race ). Capability may comprise life cycle lengths varying from 30+ years to 24 hours, as illustrated in Figure 4.

Figure 4: Capability portfolio managing life cycles

Transformation is managed through the life cycle, calling platforms to the assembly line for MLU, which is typical for the main battle tank, fighter attacker, or frigate. Migration and replacement projects are typical for information technology hardware, whose life span seldom lasts five years. Software updates and patches are more frequent and require continuous integration (CI)  processes run by existing development and operation organisations. 

The capability portfolio also manages personnel, training, facilities, and other elements. Common mistakes observed using this approach:

  • Not understanding which elements have the shortest life span or are more sensitive to warehousing environment changes. Some armaments may run on old operating systems, creating a significant vulnerability when connected to other effectors. Rocket engines, integrated circuits, and electricity require stable warehousing conditions.
  • Retiring a long-served platform or arm also retires all trained reservists, gravely impacting the war-time order of battle.
  • Not following the technical life cycle but extending hardware or software life span for cost-saving reasons may lead to higher replacement costs (Year 2000 bug)  or dependency on rare technical competencies (legacy software ).
  • Not following adversary (or competitors') intentions, deploying higher-performing sensors and effectors, and keeping old equipment stocks may lead to strategic surprises during the first engagement days. 

4. Digital Transformation

Digital transformation is developing organisational and technology-based capabilities that allow an organisation to continuously improve its impact against adversaries in operation, lower its operation costs, and, over time, gain and sustain operational or strategic advantage over adversaries.  Projects cannot deliver digital transformation, which requires changes at all layers of the enterprise: technology, information, processes, and affairs, as illustrated in Figure 5.

Figure 5: Gears of Digital Transformation

The continuous transformation cycle  needs a technical foundation where information is digitised using platforms. The platforms enable organisations to digitalise their processes, improve cost-efficiency, create new products, or provide new value. Based on digitised information and digitalised processes, organisations may seek significant changes in their business, making sense of areas of interest (network-enabled capabilities ) or deploying effectors (Mosaic Warfare ). 

Digital transformation requires to build a culture and operation model for an enterprise and hence vulnerable, for example:

  • Political or owner's agenda changes resources or mission. Swedish Defence Force was building Nätverksbaserade Försvaret  in early 2000 to transform their capabilities and address the future Russian threats when a political decision cut their resources and changed their mission.
  • Focusing on technology roll-out but forgetting to transfer human behaviour 
  • Focusing on process performance and productivity indicators to gain cost-savings but not using opportunities to find new ways for affairs. 

5. Linear Change Management

The classical change management models of Kanter (1992)  and Kotter (1996)  explain several sequential steps to take in managing organisational change. The first step usually includes defining the organisation's position, why change is required, and the situation's urgency or "burning platform". Then, there is a need for strong leadership and a capable team to define and communicate the vision. Communication spurs action, and leader enables it by empowering and removing obstacles. On the road to change, a leader celebrates achievements and anchors them in the organisation's structure. Finally, there is no way to return, and the organisation may only mature and achieve a new equilibrium, as illustrated in Figure 6.

Figure 6: Linear steps in the transformation path

Naturally, the sequence of steps does not address the change because it was initially defined from common mistakes made by studied organisational changes. Nevertheless, change management approaches transforming affairs/business as a complex socio-technical system. It puts human and working society at the centre of the transformation. 

Change management may fail in numerous ways:

  • Communication is the leverage for action, but humans usually need to hear WHY and what is there for me, our team, and the higher good. Purpose enhances motivation, which accelerates action. Many transformations claim that communication mistakes cause failures in change.
  • Suppose the vision and communication do not visualise a new or better purpose after the transformation. In that case, the legacy culture eats many good ideas for breakfast. 
  • Even after successful communication, there will be friction on the journey and pure opposition to change. An average of 30% of personnel will oppose or be passive when facing the change.  
  • Suppose the strong leader is not walking the change talk. In that case, the vision and journey remain distant and threatening to personnel. They do not hop on the transformation train.

6. Organisational Migration

Firmly established institutions with a long history cannot change because the culture, heritage and values of organisations and people are fixed. Radical transformations of affairs, business or operations require smaller units outside the parent organisation to experiment and grow in new ways. Some experimentations may fail, but some may scale fast in new ways of doing things. The parent enterprise arranges promising subsidiaries under a new viable enterprise model to meet the future. As illustrated in Figure 7, the old structure and operation methods will be terminated.

Figure 7: Organisational transformation through migration

Military Forces launch these probing organisations as Future Force Units, experimenting first in exercises, then limited level in operations before launching more comprehensive force generation and deployment. Commercial organisations may acquire and merge small entrepreneurs with new technology products or extend markets to keep up with their competitors.  Other companies innovate new ways of doing business, products, and operations with their partners, within governmental innovation incubators, or in cooperation with universities.  

Since transformation aims after the radical restructuring of affairs or disruption of social structure, mergers, acquisitions, innovation networks, or consortiums face many confronts, for example:

  • Leaders proceed without ruthless modelling and simulations with unrealistic expectations of new ways. Eventually, they do not realise the imagined value, meet the political risk appetite, or survive on the battlefield as expected. 
  • Integrating smaller, agile, more entrepreneurial cultures under the established institutional culture fails because of culture clashes, organisational misfits or power structure. 
  • "military organisations are societies built around and upon the prevailing concepts of war. A challenge to an established concept is a challenge to the organisation's social structure." Institute and culture eat experimenting subsidies for breakfast. 

7. Culture-driven

Organisational culture can be perceived as consistent, observable behaviour patterns in organisations. Incentives powerfully shape culture. Culture defines the process of "sense-making" in organisations.  Therefore, culture cannot be bypassed if transformation aims to change profound ways in the organisation. The culture-driven transformation starts with leadership, whose sense-making, behaviour and incentives must be changed first. Based on visible changes in leadership, their stories of different purposes towards a better future have more credibility to spread among personnel, creating further stories of new purposes and values. Storytelling  empowers people to behave differently, seek new ways, and acquire new competencies. The shared journey towards the vision establishes new connections among people, binds new links and incubates new ideas. The different transparency and open communication provide leadership with better information, improving organisational sense and decision-making. A positive cycle of continuous cultural transformation, illustrated in Figure 8, transfers people's behaviour, migrates information towards new flows, and acquires new technology.

 

Figure 8: Culture-drive transformation

No cohesive culture exists in any enterprise , so culture-driven transformation is not straightforward. For example:

  • If the storytelling does not emphasise strategic goals and value creation, the subcultures hang on to better legacy stories. The fighter pilot stories of the Air Force culture do not quickly transfer to heroic stories of remote controllers or successful missions of unmanned aerial vehicles (UAV). 
  • Central Transformation Office cannot monitor cultural-level powers since they are not visible in project or enterprise resource management systems. The cultural transformation indicators can only come from the business leaders and commanders.
  • Influencers (individuals in the business unit who have large, informal social networks and are trusted and respected by others for their transparency, institutional knowledge, and ability to make sense of change) and those responsible (for initiatives, their implementation and new ways of value creation) approaches may differ in units and forces. Their alignment is essential in creating stories that empower personnel towards the journey. 
  • Each unit may have different role models for virtuous behaviour. Units use different concepts and terminology for understanding and conviction. Formal reinforcement mechanisms are different for each Service . Self-confidence, teamwork, and skill building differ between Navy and Land Forces or Sales and Manufacturing.  These foundational cultural differences require different stories, echoed by influencers in proximity and expected from their commanders or managers.

8. Operational performance-driven

Affairs or business-level transformation may focus only on improving a process or operational performance. Performance improvement may be compliance, quality, productivity or maturity-oriented, as illustrated in Figure 9. All the above are feasible if the process or operation is at least the maturity level "defined". Below that maturity, other means are better. The quality approach improves, for example, process reliability, standardisation or best practice, and product or service quality. There are also quality frameworks for the entire enterprise.  

Continuous improvement of operations (LEAN or Toyota  approach) is part of the organisational culture that brings problems upfront, eliminates all waste (muda) in continuous effort (kaizen), and uses the pull principle to avoid overproduction and storing along the value stream.

Capability maturity improvement  is the third approach in this category. Starting from US DOD requirements for software development quality, the CMMI models have expanded to help organisations understand their capability and performance. They offer a guide to optimise business results using good practices, performance measuring, reliability and life-cycle costs analysis, and sustainability estimations. 

Figure 9: Operational or process performance-driven transformation

Operational optimisation improves the quality of service, output and cost-efficiency, but implementing it may face the following challenges:

  • Even a CMMI 5-level software developer fails if the definition of the requirements is unclear, the required effort is underestimated, or the outcome is expected within the unrealistic deadline. 
  • Performance is evaluated, and certifications are granted for an organisation, never being established at behavioural or cultural levels. 
  • LEAN transformation is a strategy that cannot be delivered as a project. Continuous improvement requires continuous measurement and ridding of evident waste. The understanding and need for action should be written in policies and adapted to the culture. 
  • LEAN is a holistic transformation involving the entire enterprise. It takes years to accomplish and requires involvement from all personnel, not only the early adaptors. 
  • None of the quality management applications are successful if the management does not support them, there is no connection to financial performance, and process performance goals are not established or measured. 

9. Social, Co-design driven

A broader social change requires better tools than projects, programs, portfolios or implementations of strategies. One approach for social change is co-design, which uses design thinking methodology but in a more cooperative nature.  Design thinking is a method teams use to understand users, challenge assumptions, redefine problems, and create innovative solutions for prototypes and tests. Design thinking includes the phases of 

  1. empathise with the society or user group, 
  2. defining their challenges and possible solutions.
  3. cycles of prototyping and testing will provide a solution that everyone can agree on
  4. deployment may begin.  

There are three approaches societies or enterprises may use to free people to solve problems in Figure 10. Emancipation delegates authority to new teams to seek and test solutions, establish a unit, and merge back into society or affairs after maturation. Liberation empowers personnel to innovate and improve (Google's 20%-time policy)  anything they are passionate about. Abolition is a method to reform existing behaviour by banning constraints or freeing people from current legislative or social codes to find more suitable codes of conduct as a society.  In the enterprise, this may be implemented by establishing subsidiary companies outside of the parent company's institutional management and letting the subsidiary find the best ways of production and engage with their customers with a more entrepreneurial culture. 

Figure 10: Co-design approach to social transformations

Degrees of freedom, delegation, and understanding of outcome may vary in the three levels of co-design. So do the challenges in using this method for transformation, for example:

  • Co-design is an iterative and collaborative process, which can make it difficult to predict outcomes. Institutes may perceive this lack of predictability as high-risk and hesitate to invest. 
  • Attempts to innovate new behaviour and value fail because long-term plans are missing, lack of innovation or entrepreneurial mindset, fear of failing, lacking means to engage competent people, or lack of budget. 
  • According to the statistics from the US, about 45% of new companies fail within the first five years. The reasons for failures may include not understanding the market, establishing the business processes, not having enough starting capital, or expanding too fast. 


 REFERENCES:

Lamarre, Eric; Smaje, Kate; Zemmel, Rodney. Rewired: The McKinsey Guide to Outcompeting in the Age of Digital and AI (p. 1). Wiley. Kindle Edition.

  Suleyman, Mustafa; Bhaskar, Michael (2023): The Coming Wave - Technology, Power, and the Twenty-First Century's Greatest Dilemma

  Johnson, Simon; Acemoglu, Daron (2023): Power and Progress - Our Thousand-Year Struggle Over Technology and Prosperity

https://www.linkedin.com/pulse/msp-managing-successful-programmes-singh-msp-pmp-csm-/
  AXELOS: Management of Successful Programmes; Programme impact matrix

https://en.wikipedia.org/wiki/DOTMLPF

  https://en.wikipedia.org/wiki/Capability_management

  https://guides.visual-paradigm.com/understanding-the-architecture-content-framework-in-togaf-a-comprehensive-overview/

  https://en.wikipedia.org/wiki/Enterprise_resource_planning

  https://www.redcom.com/what-is-c5isr/

  https://www.intrafocus.com/lead-and-lag-indicators/

https://discover.dtic.mil/wp-content/uploads/809-Panel-2019/Volume3/Recommendation_37.pdf
 
 https://www.britannica.com/topic/arms-race

  https://en.wikipedia.org/wiki/Continuous_integration

  https://en.wikipedia.org/wiki/Year_2000_problem

  https://www.droptica.com/blog/5-problems-working-legacy-software-how-deal-them/

https://www.airandspaceforces.com/article/0392stealth/

  Applied from Lamarre, Eric; Smaje, Kate; Zemmel, Rodney. Rewired: The McKinsey Guide to Outcompeting in the Age of Digital and AI (p. xiv). Wiley. Kindle Edition.

  https://mitsloan.mit.edu/ideas-made-to-matter/5-building-blocks-digital-transformation

  https://en.wikipedia.org/wiki/Network-enabled_capability
 
 https://www.darpa.mil/work-with-us/darpa-tiles-together-a-vision-of-mosiac-warfare

  https://www.foi.se/rest-api/report/FOI-R--0671--SE

https://www.cio.com/article/278677/enterprise-resource-planning-10-famous-erp-disasters-dustups-and-disappointments.html
 
 https://c4isys.blogspot.com/2024/03/contemporary-operational-theatre-and.html

  Rosabeth Kanter, Barry Stein, and Todd Jick: ”Implementing Change” chapter in The Challenge of Organizational Change (Free Press, 1992)

  John Kotter: Leading Change: Why Transformation Efforts Fail, 1996

https://hbr.org/2012/09/ten-reasons-people-resist-chang

  https://en.wikipedia.org/wiki/List_of_mergers_and_acquisitions_by_Alphabet

  https://www.a-star.edu.sg/enterprise

  https://direct.mit.edu/isec/article/47/2/48/113546/Dangerous-Changes-When-Military-Innovation-Harms

  https://orgmapper.com/why-do-mergers-and-acquisitions-fail/
  https://ssl.armywarcollege.edu/DCLM/pubs/Military%20Innovation%20Through%20Brilliant%20Mistakes%20(Hill,%20Allen,%20Army,%20July%202014).pdf

  https://hbr.org/2013/05/what-is-organizational-culture

  https://www.forbes.com/sites/isaacmizrahi/2019/02/19/storytelling-is-a-different-story-for-each-culture/

https://www.mckinsey.com/capabilities/people-and-organizational-performance/our-insights/a-single-approach-to-culture-transformation-may-not-fit-all

  Mansoor, Peter R.; Murray, Williamson. The Culture of Military Organizations (p. iv). Cambridge University Press. Kindle Edition

  https://www.mckinsey.com/capabilities/people-and-organizational-performance/our-insights/a-single-approach-to-culture-transformation-may-not-fit-all

  Mansoor, Peter R.; Murray, Williamson. The Culture of Military Organizations (p. iv). Cambridge University Press. Kindle Edition

  https://www.mckinsey.com/capabilities/people-and-organizational-performance/our-insights/a-single-approach-to-culture-transformation-may-not-fit-all

https://efqm.org/the-efqm-model/

  https://en.wikipedia.org/wiki/The_Toyota_Way

  https://cmmiinstitute.com/

  https://cmmiinstitute.com/resource-files/public/take-your-organization-to-the-next-level

https://www.diva-portal.org/smash/get/diva2:835753/FULLTEXT01.pdf

  https://aisel.aisnet.org/cais/vol17/iss1/36/

  https://kaizen.com/insights/why-are-most-companies-failing-with-lean-implementation/

  https://kaizen.com/insights/why-are-most-companies-failing-with-lean-implementation/

  https://www.villanovau.com/articles/six-sigma/avoid-six-sigma-project-failure/

  Noel, Leslie-Ann (2023) Design Social Change: Take Action, Work Toward Equity, and Challenge the Status Quo. Standford d.school Library

  https://www.interaction-design.org/literature/topics/design-thinking

https://medium.com/@nareshnavinash/googles-20-time-policy-60d5706084be

  https://www.dissentmagazine.org/article/abolition-as-method/

  https://www.macementer.com/insight/co-design-is-dangerous

  https://www.ideapoke.com/growthleader/reasons-innovation-fails/

  https://www.investopedia.com/financial-edge/1010/top-6-reasons-new-businesses-fail.aspx

2024-09-13

MULTI-DOMAIN APPROACH FOR ADVANTAGE IN CONFRONTATION AND CONFLICT

 Bottom Line Up First

U.S. DoD and NATO aim to build Multi-Domain Operation capabilities after successfully deploying Joint Operation capabilities during Desert Storm 1991. The chosen approach seems a logical and natural next step from a force and defence industry viewpoint. Unfortunately, from an adversary viewpoint, the best Armed Forces with Multi-Domain Operations capability constrained by the perception of war and peace is vulnerable to flanking manoeuvre through information, cognitive and social realms. A textbook example of Sun Tzu's lesson is "To subdue the enemy without fighting is the acme of skill."

Striving after Multi-Domain Operations Capabilities

The U.S. DoD has been developing the concept of Joint Operations since the Goldwater-Nichols Act 1986 and used it masterly in Desert Storm 1991 so well that at least the Chinese PLA launched their reform.  

Contemporary militaries are evolving their operational concept from Joint Operations towards Multi-Domain Operations. NATO defines the approach as the "push for NATO to orchestrate military activities across all operating domains and environments. These actions are synchronised with non-military activities and enable the Alliance to create desired outcomes at the right time and place." The Domains NATO names as "Maritime, Land, Air, Space and Cyberspace".  


 Figure 1: A Poster of Multi-Domain Operations Symposium, AUSA 2024 © Greater Los Angeles Chapter Association of the U.S. Army


The U.S. DoD's next step in evolution is called Joint All Domain Operations. "JADO shifts the focus from 'multi-domain', which individual services have been operating in for decades, and places it back on tackling the challenges of joint operations."   The U.S. aims at a combined, connected  arms (without the Service structure) force that senses and effects as one through all domains and can host combined units from other nations. The concept has also been called "Mosaic warfare". It is enabled by the emerging technology experimented on in The Project Convergence exercises . DARPA is promoting mosaic warfare as "combining weapons we already have today in new and surprising ways, introducing manned-unmanned teaming, disaggregating capabilities, and allowing commanders to seamlessly call on effects from sea, land or air depending on the situation and no matter which of the armed services is providing the capability." 

Where did We Come and Where to Go with Multi-Domain

The Multi-Domain concept is not new. Guderian joined close air support from the Luftwaffe with his Pantzer-formations since horse-towed artillery was too slow to support mechanised armies.  The electromagnetic environment has been an established fighting domain since the introduction of radars, navigation and radio during the II WWW.  The U.S. DoD has been coordinating three Services capabilities towards one Joint objective.  With the spreading of the Internet, the cyber environment has become a viable avenue, first for espionage  and later for attacks like the Russian attack against Estonia in 2007  and the U.S.-led coalition Stuxnet attack against Iran in 2010 . Currently, at least the UK MOD and U.S. Army are promoting the doctrine of Cyber and Electromagnetic Activities as combined arms effects.  

Space has been used to support military capabilities since the Gold War. After the development of anti-satellite weapons and their testing since 1958, Space has become a battlefield.  See the evolutionary path illustrated in Figure 2.

Figure 2: Evolution of domains in military conflict

Multi-Domain or Joint, All Domain Operational capabilities are in a linear evolutionary path for the Armed Forces to aim. Furthermore, the defence industry is promoting technologies enabling connectivity, plug-and-play integration of platforms, and automation for faster reaction, robust survivability, and combined effects from all domains.  

In the future, the strategic advantage will be based on improved connectivity, faster OODA-loop, and combined effect over the entire adversary system. Does everybody follow the evolutionary rules or play the same game?

How is the Multi-Domain Approach Doing in the Contemporary Continuum of Conflict?

Since the 2010s, the U.S. military planners have recognised the continuum of conflict from low to high intensity  rather than black-and-white peace and wartime in the Westphalian system . Continuum models illustrate a variety of dimensions along the line of cooperation – competition – confrontation – conflict, including non-state, hybrid and state conflicts or narrative, a zero-sum and non-zero-sum in Joint Concept for Integrated Campaigning 2018.  Militaries globally have been studying how to engage U.S. Military Power with other means and ways, as stated by Hoffman and Mattis 2005: 

"Our conventional superiority creates a compelling logic for states and non-state actors to move out of the traditional mode of war and seek some niche capability or some unexpected combination of technologies and tactics to gain an advantage."

The Chinese (PRC) PLA's recognition and understanding of the current form of war is one of "informatisation" and "intelligentization", where battlefield dominance is achieved through information technology and networked forces, increasingly assisted by automation and artificial intelligence.  They see that patterns of warfare have changed from attrition-based warfare (although the fact in Ukraine)  patterns carried out at the front to information firepower strikes and network-electronic integrated confrontations that occur throughout the battlefield or even globally. The PLA concept of operations includes three lines:

  1. "Collective operations refers to the need to develop a range of interconnected operational systems that can work cooperatively, coordinate the combination of military and non-military measures outlined above, and achieve the PRC's desired war outcomes."  Possibly, the PLA's definition of the Multi-Domain Operations concept.
  2. "Asymmetric strikes are enabled by a thorough understanding of the enemy's operational system and focused on attacking key vulnerabilities, weakening the enemy's operational strength, capabilities, and potential by applying resources as efficiently as possible."  Possibly refers to ways to project power other than through contemporary military domains.
  3. "Paralysing the enemy's systems centres the tailored application of force to reduce key areas of an enemy's functionality and gain initiative and control of battlefield developments."   It possibly indicates more innovative avenues of effect and centres of gravity.

These three lines of operation are combined with "war control",  which may refer to controlling the scope, scale, and pace of war.

The PRC also has a more holistic view of the competition over Diplomatic, Information, Military, Economy, Technology, Infrastructure and International relationships through the Belt and Road Initiative, the Global Development Initiative, and the Global Security Initiative.  Beijing is pursuing "efforts short of armed conflict by expanding coercion to new fronts, violating principles of sovereignty, exploiting ambiguity, and deliberately blurring the lines between civil and military goals", as described in the U.S. National Defense Strategy of 2018. 

Russia, on the other hand, was relatively successful in launching operations in Georgia, Ukraine, Syria, and Middle Africa, manoeuvring within the continuum without crossing the red line of war. Only the 2022 intention to launch a coordinated "blitzkrieg" to capture Kyiv and change the government exposed their main incapability at strategic, operational and tactical levels of warfare.  Nevertheless, the Russian ability to wage information operations  supported by cyber-attacks  and salvos of hundreds of missiles and drones are impacting NATO and Ukrainian political decision-making and structures.

Russia has long been preparing the foundation for their influence operation among domestic and European populations. After the first three months of Russian "Special Operation", some Ukrainians still believed in the de-Nazification of Kyiv.   Over 2.5 years of war, the majority of Greece, Bulgaria, and Italy citizens do not want to send more weapons to help Ukraine win.  Most of the citizens of Hungary, Slovakia, and Bulgaria do not perceive Russia as a threat.  Armenia, Bosnia and Herzegovina, Georgia, Moldova, and Serbia are torn between Russian influence and willingness to become members of the European Community. 

It appears that all countries and militaries are not capable or willing to follow the Multi-Domain competition but play a different game around the military strong points. While Western militaries are building Joint Multi-Domain capabilities in physical and cyber realms, China and Russia are joining their efforts over cyber and information realms to bypass the Multi-Domain militaries waiting behind the war threshold and target both political and population cognitive and social structures with information and kinetic means for terror. 

Figure 3 illustrates the confrontation between two entities. BLUE is an open society and economy with 4th industrial supporting advanced military force but constrained by Westphalian Peace-War definitions. RED is projecting its power more flexibly through the entire spectrum of realms: Physical, information, Cognitive and Social without breaching the line of  War. RED operates in the information realm, using available channels to plant perceptions, beliefs and memes in the cognitive sphere (human perception).  The planting is harvested at the social level where opposing sides spread xenophobia, media bubbles are enforced, and wildly spreading memes are faster than any truth. Cyber attacks and physical destruction support the main information operation of the critical infrastructure in the physical realm.  The RED Multi-Domain approach differs from BLUE militaries space, air, land, sea and cyber. The Jointness of RED hybrid operations is created by controlling information operations, cyber operations and kinetic actions of criminals and terrorists. The Joint impact is multiplied in BLUE media channels, affecting BLUE political and public opinion. The War Control targets soft spots, triggers a small impact and lets the adversary system multiply its effect. It sounds like Sun Tzu's optimum strategy to win the battle without fighting. 

 

Figure 3: Difference of the game between some countries DIME power projection

It may be wise for the Western Armed Forces to consider more of the Total National Defence (Totalförsvaret  in Sweden and Kokonaismaanpuolustus  in Finland) besides getting finally rid of the legacy boundaries of different Services on the battlefield.


References:
https://www.rand.org/pubs/research_reports/RRA1560-1.html
https://www.act.nato.int/article/mdo-in-nato-explained/
https://www.japcc.org/flyers/all-domain-operations-in-a-combined-environment/
https://www.defensenews.com/artificial-intelligence/2023/04/28/connectivity-will-make-or-break-us-military-use-of-ai-official-says/
https://www.defense.gov/News/News-Stories/Article/Article/3692664/project-convergence-capstone-4-works-to-integrate-joint-multinational-defense-s/
https://www.nationaldefensemagazine.org/articles/2018/11/16/darpa-pushes-mosaic-warfare-concept
https://en.wikipedia.org/wiki/Heinz_Guderian
https://en.wikipedia.org/wiki/Electronic_warfare
https://www.rand.org/pubs/research_reports/RRA1560-1.html
https://en.wikipedia.org/wiki/Cyberwarfare
https://icds.ee/en/the-bronze-soldier-crisis-of-2007/
https://en.wikipedia.org/wiki/Stuxnet
https://www.researchgate.net/publication/354879784 _Cyber_and_Electromagnetic_Activities_and_Their_Relevance_in_Modern_Military_Operations
https://en.wikipedia.org/wiki/Anti-satellite_weapon
https://www.baesystems.com/en-us/definition/mosaic-warfare
https://www.leidos.com/insights/what-mosaic-warfare
https://en.wikipedia.org/wiki/Conflict_continuum
https://en.wikipedia.org/wiki/Westphalian_system
https://www.jcs.mil/Portals/36/Documents/Doctrine/concepts/ joint_concept_integrated_campaign.pdf? ver=2018-03-28-102833-257
James Mattis and Frank G. Hoffman, “Future Warfare: The Rise of Hybrid Wars,” Proceedings 131/11/1233 (November 2005), <www. usni.org/magazines/proceedings/2005-11/ future-warfare-rise-hybrid-wars>.
https://www.rand.org/pubs/research_reports/RRA1535-1.html
https://interpret.csis.org/chinese-assessments-of-the-war-in-ukraine-2-years-on/
https://www.rand.org/pubs/research_reports/RRA1535-1.html
https://www.rand.org/pubs/research_reports/RRA1535-1.html
https://www.rand.org/pubs/research_reports/RRA1535-1.html
https://www.rand.org/pubs/research_reports/RRA1535-1.html
https://chinapower.csis.org/20th-party-congress-china-military-pla-cmc/
https://thestrategybridge.org/the-bridge/2023/8/28/chinese-political-warfare-a-strategic-tautology
https://www.defenseone.com/threats/2022/03/five-reasons-why-russia-struggling-ukraine/362636/
https://www.defenseone.com/ideas/2022/04/dont-sleep-russian-information-war-capabilities/364050/
https://www.reuters.com/markets/europe/european-us-regulators-tell-banks-prepare-russian-cyberattack-threat-2022-02-09/
https://www.defenseone.com/ideas/2022/04/dont-sleep-russian-information-war-capabilities/364050/
https://ecfr.eu/publication/the-meaning-of-sovereignty-ukrainian-and-european-views-of-russias-war-on-ukraine/
https://www.aljazeera.com/opinions/2023/2/6/why-some-eu-countries-still-harbour-pro-russian-sentiments
https://carnegieendowment.org/research/2024/05/bosnia-moldova-armenia-between-russia-eu
https://insightnews.media/how-russian-disinformation-works-in-europe-babakovs-hacked-emails/
https://insightnews.media/russias-military-unit-54777-disinformation-and-psychological-operations-abroad/
https://barrystrauss.com/fighting-smart-a-lesson-from-sun-tzu/
https://www.forsvarsmakten.se/sv/om-forsvarsmakten/totalforsvaret/
https://fi.wikipedia.org/wiki/Kokonaismaanpuolustus