Data “Strategy” in a Military Enterprise

What are the ingredients of a Military Data Strategy? Is there a Data Strategy? How does the approach to the digital economy reflect in military data strategy? 

In its current strategic plans, the military aspires to be a data-driven organisation, data-centric, data-dominant over potential adversaries, or data-use as a force multiplier. Those words echo current trends, but how are they defined in the roads the military must journey to gain more value from its data?

This article creates a definition for data “strategy” for military affairs and studies five data strategies from Europe and the US to see how their approaches differ from data maturity, enterprise architecture, strategic approach, and contextual viewpoints.

Figure 1: Essential components in the military strategic approach to data

1. So-called ¨Data Strategies¨ with the Military

In the military, strategy is perceived as a theory of victory. It explains how to use force to achieve political objectives in war.  A typical military strategy comprises Ends, Ways and Means following the Lykke model, defining “Strategy equals Ends (objectives toward which one strives) plus Ways (courses of action) plus Means (instruments by which some end can be achieved).“  

Data is recognised within an Enterprise Architecture as one domain or approach separate from or within the information domain. The TOGAF data domain resides between business and applications. Moreover, data architecture aims to translate business needs into data and system requirements and manage data and its flow through the enterprise.  Digitisation has increased data value, and digital transformations, if successful, have gained strategic advantages in business performance.  With digitalisation, military affairs value data, especially in multi-sensor surveillance, intelligence analysis, predictive maintenance, resource optimisation, force generation, and decision-making. The amount of collected data, big data, has been perceived as a game-changer or force multiplier.  

Combining data and strategy to create a data strategy provides a focused view of military affairs' achieving strategic Ends using data as a Means or data-related tools as Ways to enable or multiply capabilities. Hence, data strategy is more of an implementation plan to achieve goals in the Defence Strategy. While the global digital economy recognises three different approaches:  Market-driven (US), rights-driven (EU), and state-driven (CHI). Because of access issues, sampling for data strategies is done only from the US, Australia, and Europe. 

Therefore, the data strategic principles in military affairs are defined as:

• Recognised threat and technology development environment that may provide the adversary an advantage or an emerging vulnerability in their data structure.
• Ends defined in military affairs (processes, business) terms
• Data-related Ways: Analytics, data science, data fusion
• Data as Means: Big data, metadata models, semantic models, integration and sharing
• Military threat environment requires more efficient data-related confidentiality(C), integrity(I) and availability(A) methods to ensure the enabling or multiplying outcomes
• Since data is a component in a military socio-technical system, the transfer of culture is usually the most challenging hurdle to overcome on the transformation roadmap
• Multi-sourcing dimension to ensure that military affairs are integrated with society, the defence industry, and other governmental agencies and coalition partners.
• Compliance with the digital economy principles that the surrounding society has adopted: market-driven or rights-driven.
• Finally, data lives in a technical environment, platforms and networks. Do they enable the new valuation of data?

 

2. How do current data strategies reflect the principles?

Next, the paper uses the strategic data principles to compare contemporary military approaches to gain more value from data within their enterprise and as part of a wider data environment.

Table 1: Comparing a variety of defence data strategies against the principles of military data strategy

Data strategic principles	US DoD[1] 2020	UK MoD[2] 2021	SWEDEF[3] 2021	BUNDESWEHR[4][5] 2021	FINDEF[6] 2021
Recognised threat environment and confrontation	DoD has lacked the enterprise data management to ensure that trusted, critical data is widely available to or accessible by mission commanders, warfighters, decision-makers, and mission partners in a real-time, useable, secure, and linked manner.	With increasing data, it is harder to isolate insights from information	NTR	Recognises the cyber and information space	Disinformation and other data threats, emerging technology
Ends defined in military affairs	Warfighters at all echelons require tested, secure, seamless access to data across networks, supporting infrastructure, and weapon systems out to the tactical edge.	Data is an enduring strategic asset that, when effectively exploited, drives battlespace advantages and business efficiency. Integrated Operating Concept.	Interoperable processes. More effective, simple, safer, and asymmetric capabilities.	Harmonisation and automation of military processes, resilience of defence, value for money	Information dominance, user-driven
Data-related Ways	Data is Visible, Accessible, Understandable, Linked, Trustworthy, Interoperable, Secure.	Exercise sovereignty, standardise data, exploit data, secure data, curate data, endure data	Data asset management, data exchange with other agencies, data modelling, Chief Data Officer and Data Protection Officer, Data science	Data clusters, short innovation cycles, mobile access, and user experience-driven	Improve data accessibility, findability, usability, and establish a new information culture. Knowledge management
Data as Means	Architecture, Standards, Governance, Talent & Culture	Central data leadership, People skill and culture, Governance & controls, data foundations, exploitation	Information architecture, data annotation, master data management, open data, data clustering, Common Information Model, Information Supply Chain, Antifragile data architecture	Establish the inspector for the data and information space	Manage strategic assets, data fusion, and enrichment
Cultural challenges	Service Members, Civilians, and Contractors at every echelon make data-informed decisions and create evidence-based policies.	NTR	Information as a strategic resource, from application-focused to data-driven, the need for more data, Access to high-quality data, and Data trust.	Innovation-driven approach	Sharing culture, right to use data, and data consumership.
CIA methods	Consumers know that data is protected from unauthorized use and manipulation.	Secure by design	Data quality	Improve cyber defence capabilities.	Identifying critical information, risk management, and ensuring availability
Multi-sourcing	Achieve semantic as well as syntactic interoperability	Defence data ecosystem	National data sources, International open sources.	Transorganisational clusters	Global data environment, data exchange management
Compliance with the digital economy	Data management and compliance with policies are a top priority	Data complies with legal, regulatory and ethical obligations.	SWE, NATO and EU compliance	NTR	Open government
Enabling Technology	Sensors and platforms across all domains must be designed, procured, and exercised with open data standards as a key requirement.	NTR	A cohesive command chain with secure, robust, accessible, and user-friendly IT systems.	Consolidation and integration of data platforms	NTR

In summary, the data strategies in a variety of Defence Forces:

• Do not necessarily approach data from the threat environment or confrontation (2/5), but from the increasing amount of data and fewer abilities for sense-making (2/5).
• Aim to achieve the ends defined in military affairs (5/5), at least at the principal level.
• Data-related Ways are defined per the existing data management boundaries and maturity. Some emphasise ways to access data and process efficiency (3/5). Others see data as an accelerator for capability development (2/5).
• Some see data-related Means from the management approach (3/5) and others from the value creation viewpoint (2/5).
• Cultural challenges are approached from the consumer viewpoint (3/5). Moreover, innovation for novel data applications is seen as a cultural accelerator in one strategy.
• All strategies have a view to data Confidentiality, Integrity or Availability
• All strategies identify data as a Multi-sourced asset.
• All strategies recognise that with a global approach to data assets, compliance with the digital economy is a relevant issue.
• All strategies identify the Enabling and emerging Technologies but do not necessarily refer to them in the data strategy paper.

---

[1] US DoD Office of Prepublication (2020): Executive Summary: DoD Data Strategy

Unleashing Data to Advance the National Defense Strategy

[2] UK MoD (2021): Data strategy for defence

[3] FOI-R--5112--SE (2021): Förstudie om informationshantering i Försvarsmakten – med

fokus på information som strategisk resurs

[4] WD 2 - 3000 - 063/21 (22. September 2021)

[5] Strategische Leitlinie Digitalisierung

[6] https://julkaisut.valtioneuvosto.fi/bitstream/handle/10024/163329/PLM_2021_3.pdf?sequence=1

Cyber and Electromagnetic Activities (CEMA) in All-Domain Battlespace

 ‘In fact, future conflicts will not be won simply by using the electromagnetic spectrum and cyberspace; they will be won within the electromagnetic spectrum and cyberspace.’ 2013 Adm Greenert, Chief of Naval Operations, USN

What are Cyber and Electromagnetic Activities (CEMA)?

Contemporary adversaries aim to integrate lines of operations across information, cyber, electromagnetic, and kinetic domains, as illustrated in Figure 1. They take advantage of the digitalisation of the information realm, which opens avenues to cognitive and social realms. It becomes more cost-efficient to attack through the cyber domain, launch terrorising strikes, and create confusion and fear in these realms. (Clarke & Knake, 2020) 

Besides the expanding cyber environment, the demand for mobility and dispersion in the battlefield multiplies the need for transceivers and wireless communication. Naturally, this increases targets for electronic attacks; for example, suppressing the GPS signal will increase the circular error probability. Moreover, battlespace transceivers open new venues to breach logically isolated cyber domains. (Álvarez, 2025) 

Kinetic line of operation may use the electromagnetic and cyber realms to multiply the systems effect, e.g., an adversary may destroy a central control hub with gliding air-to-ground payload and simultaneously overload defender sensors with fake targets while suppressing means of communications. The combined course of action (CoA) will suppress the surveillance system, prevent its repair, and make the adversary lose trust in any similar C5ISTAR  support system during that conflict. 

Figure 1: A View to Evolving Realms of Military Force Projection

Cyber and Electromagnetic Activities (CEMA) are coordinated offensive or defensive courses of action that either improve BLUE’s freedom of movement and survivability or degrade RED’s electromagnetic and cyber environment use. Since CEMA predominantly comprises hardware nodes, transceivers that utilise electromagnetic propagation, and software-defined features that define the cyber environment, it offers more advantages as the forces of digitalization and mobility intensify. Hence, the Western type of military force is more vulnerable to CEMA effects than a 2nd generation industrial force optimised for attrition, or loosely controlled insurgent teams optimised to terrorise the local population. On the other hand, when any force adapts dual-use consumer electronics, it opens possibly unrecognised vulnerabilities for CEMA attacks. The fast evolutionary pace of dual-use electronics during the Russia-Ukrainian war proves this. Russia is enhancing its electronic warfare (EW) and sensor development and updating its existing equipment to counter Ukraine's rapidly evolving capabilities (Bronk, 2025).

Militaries are globally gaining interest either during their digital transformations or creating asymmetric but systems-effectors against more digitised adversaries. Nations that are wielding information war against their adversaries are particularly interested in these emerging technologies and innovative courses of action. 

What is the CEMA Environment as a Battlespace? 

The Cyber and Electromagnetic environment continues to expand within military forces as they modernise and digitise their platforms, connecting them to a military system of systems-based (SoS) capabilities. (Dahmann, 2012) These systems of systems extend cyberspace and utilise the electromagnetic environment to support military affairs. The defenders' interest is to protect the BLUE system of systems and prevent the systemic effects (Beagle, 2001) of the Attackers (RED) that may suppress essential BLUE capabilities, as illustrated in Figure 2.

Military System of systems

The US Defense Acquisition Guidebook defines a System of Systems as “a set or arrangement of systems that results when independent and useful systems are integrated into a larger system that delivers unique capabilities.” Typical SoS include Joint Fires, integrating effectors and platforms in the air, ground, and sea; Joint C5ISTAR, integrating Command and Control with Cyber Defence, Surveillance sensors, and Intelligence systems; and Combined Air Defence, integrating space air, sea, and ground-based air defence platforms for joint engagement zones. 

A model for a system of systems may be illustrated, as in Figure 2, with a layered structure of Physical platforms or facilities and auxiliary systems that host hardware capacities for processing and transmission; Electromagnetic performance that transfers effective radiated power (ERP) to propagate in an electromagnetic environment (EME); Logical software and data-defined features and flows that enable processes for military affairs. The technical illustration may scale towards socio-technical SoS with users and administrators. (Mattila, 2023) Furthermore, it may extend to enterprise-wide system networks that support the main military functions of Operate, Generate and Support. (DANSE, 2025) These systems of systems open new domains and attack vectors for adversaries to penetrate, exploit, and suppress defenders' capabilities through the means and ways of cyber and electromagnetic warfare. 

Cyber warfare can be thought of as techniques to create effects or gain intelligence on hostile systems through the medium of digital code. (Bronk, 2025 ) Electronic warfare can be thought of as techniques to create effects or gain intelligence on hostile systems through the medium of electromagnetic energy pulses. (Bronk, 2025 )

Cyberspace within SoS

Militaries are embracing the 4th Industrial Revolution and its key enabler: software-defined cyber-physical products, enabling faster decision-making and manoeuvring. (McNamara, Modigliani, & Nurkin, 2025) The software-defined military systems promise advantages such as:

1. Modernising legacy platforms with cutting-edge technology-enabled features, like anti-missile and anti-drone defence.
2. Building future software and artificial intelligence-driven autonomous forces with an iterative approach, such as swarming effectors and loitering sensors.
3. Delivering time and cost efficiencies in administrative and operational processes, such as continuous software integration and AI agents capable of learning multiple tasks. (McNamara, Modigliani, & Nurkin, 2025)

As software-defined features take over from mechanical functions, the amount of software code explodes. Unfortunately, the industry average for coding errors remains 15-50 defects per 1000 lines of code, and at best, the quality may reach 0.1 defects per 1000 lines. (McDonnell, 2004) The exponential rise of software code in armament, the integration of system-of-systems, and big data together increase the area of vulnerability within the technical layer of SoS. 

• Example: More than 30,000 public and private organisations were exposed to the SolarWinds hack between 2019 and 2020. Apparently, a Russian agent was able to inject malicious code into SolarWinds Orion management software. When customers updated their management software, the malevolent code created backdoors for hackers to access data. (Oladimeiji & Kerner, 2023) 

On the other hand, the evolving digital transformation of the Armed Forces requires competent military personnel to manage and use software-defined features and processes. Otherwise, the increasing number of people interfacing with machines will provide lucrative avenues of attack. (Entrust Network, 2022)

• Example: The Russian Ministry of Internal Affairs is advising residents and soldiers in areas near or within Ukrainian Forces not to use online social media, dating apps, geotagging, geolocational links, or unsecured messaging applications. (Linder, 2024)

Software-defined and data-driven cyberspace is both more vulnerable but also provides strategic advantages for the military. Hence, Information technology security, Cybersecurity, and Cyber defence operations are more critical as the military's digital transformation advances. (Whyte & Mazanex, 2023)

• Example: Outdated technologies in enclaves expose the military to strategic vulnerability. An unpatched operation system in a fleet of main battle tanks may become a lucrative way to suppress the entire armoured capability. (Military Dispatches, 2024) 

Electromagnetic environment within SoS

Cyberspace relies on an electromagnetic environment (EME) as part of the physical layer performance and protection. The EME extends cyberspace through the air via propagation, ensuring information flow, surveillance, and precision targeting, among other things. Unfortunately, the EME also exposes cyberspace to bit errors, interference, interception, and jamming. (Adamy, 2015)

Propagation in EME depends mainly on frequency, effective radiated power (ERP), antenna radiation patterns, atmospheric attenuation, and diffusion caused by elements along the propagation paths. This means that a significant concern in EME is the distance between the transmitter and receiver/reflector. Hence, both ES and EA sensors and effectors need to be networked to select optimally located EW sites for intercepting or jamming. (Clark, Walton, Tourangeau, & Tourangeau, 2021) Any EW system, therefore, has cyberspace and needs to be protected against adversary electromagnetic and cyber effects.

• Example: Ukrainian forces are combining electronic attacks, attack drones, and advancing infantry to penetrate behind Russian lines and create confusion. First, the Russian surveillance drones are jammed; then, attacking drones hit both aerial and ground targets; and finally, infantry can advance and take over crucial points on the ground. (Álvarez, 2025)

As the vulnerability of any radiating site increases, the need is to distribute, for example, surveillance radars and create low-size, weight, and power (SWaP) radar networks (Knight, 2025). While improving systems resilience, the distributed architecture also provides more comprehensive coverage, especially in complex terrains. With the distributed and more disposable radar structure, the cognitive electronic warfare (CEW) attributes will enhance both offensive and defensive capabilities. (Vernhes, 2025)

• Example: Artificial intelligence-driven electronic protection (EP) can adapt in real-time to conventional radar configuration and avoid detection. (Knight, 2025)

Combined cyber and electromagnetic domain from a C5ISTAR system of systems viewpoint

Figure 2 presents a technical figure of the CEMA environment. It is a snapshot from the viewpoint of a Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance, Target Acquisition, and Reconnaissance system of systems, illustrating both vulnerabilities to attacks and defensive measures. Cyberspace can be used to attack transceivers and create a systemic disruption in communications services.

• Example: Russians used a strain of wiper malware, ‘AcidRain’, to remotely erase vulnerable modems and routers of the Viasat service, disrupting Ukrainian access to broadband space communications for up to a week. (CyberPeace Institute, 2022)

Electromagnetic attacks can be used to jam wireless transceivers and cause denial-of-service effects in cyberspace.

• Example: Russians are reportedly jamming GPS and other satellite-based navigation systems in the vicinity of the Baltic Sea as part of their hybrid operation to create fear of flying by degrading flight safety. (Waterman, 2024)

Cyberspace data flows can be captured by intercepting the GSM signal with a software-defined transceiver and analysing the data flow of ongoing sessions. (Louwers, 2024) By rerouting GSM traffic through compromised switches and exchanges, adversaries can capture mobile data flows.

• Example: The Russian FSB operates communications interception devices (SORM) in telecommunications exchanges to collect and analyse traffic. (Soldatov, 2014)

A hacker can take over a router in cyberspace by accessing it through a wireless interface, exploiting outdated firmware, and using the hijacked router as part of a Denial-of-Service (DoS) botnet, distorting routing protocols or capturing IP packets. (Rau, 2023)

• Example: Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street. (Greenberg, 2024)

Figure 2: A View of the CEMA Environment in Typical Forces Confrontation

CEMA in an Operational Context

Since the CEMA domain overlaps cognitive and physical realms and covers most of the information realm, as illustrated in Figure 1, it is an avenue to support both kinetic and information operations. Both Electronic and cyber-attacks can contribute to kinetic fires for joint systemic effect, as presented in Figure 3. The Russian Fancy Bear hacker group successfully infiltrated a Ukrainian artillery application used to control fires. Through the breach of 2014-2016, Russian artillery was able to locate both fire controllers and weapon sites on the Ukrainian side and destroy them more efficiently. (Crowdstrike, 2016) 

Moreover, information operations benefit from Cyber or Electronic attacks that suppress official media sites or utilise hijacked cyberspace elements to disseminate influence messages. (Microsoft, 2023)  Within the information realm, CEMA operations can also be employed independently as a covert arm, operating below the conventional threshold of war or providing an asymmetric advantage (Russian Defense Policy, 2017) against modern forces. Russia has also used CEMA as part of a broader hybrid campaign to create terror, break the trust between population and government, and manipulate polarisation within a population. (NATO, 2024)

Since CEMA primarily focuses on the synchronisation and coordination of cyber and electromagnetic activities, the components and their combination in support of operations are more critical in various contexts. (UK MoD, 2018) The Electronic Warfare components are Electronic Attack, Electronic Support, and Electronic Protection, as shown in Figure 3. 

• Electronic Attack (EA) broadly refers to the use of electromagnetic energy to degrade the performance of hostile systems for offensive purposes. It may contribute to kinetic, information, and CEMA operations independently.
• Electronic Support (ES or ESM) encompasses the exploitation of passively collected electromagnetic emissions to identify, track and possibly even target hostile systems. It supports EA, EP and Network operations directly and provides essential awareness for force protection.
• Electronic Protection (EP or ECM) involves the use of electromagnetic energy by a platform to defend itself against enemy attacks, typically by degrading the signals received by enemy fire control radars, datalink connections, or missile seekers. (Bronk, 2025 ) EP support is used directly in kinetic operations security and survivability but also contributes to Network operations and EA.

Cyberspace actions are network operations, cybersecurity, cyber defence, and cyber-attack. 

• Network operations (NO, NOC) encompass actions taken to design, build, configure, secure, operate, maintain, and sustain the C5ISTAR system of systems in a manner that ensures and preserves data availability, integrity, confidentiality, as well as user and entity authentication and non-repudiation. (Senft, 2016) Network operations contribute directly to Cyber defence operations, but they also enable all military activities that use digital information. NO requires cybersecurity operations and other security measures to provide C5ISTAR support services.
• Cyber defence operations (CDO) utilise both passive and active cyberspace capabilities to protect data, networks, net-centric capabilities, and other designated C5ISTAR system of systems. (FM 3-21, 2021) CDO supports Information, CEMA and kinetic operations, ensuring the survivability of C5ISTAR services.
• Cyberattack operations (CAO) are conducted in cyberspace aiming to create noticeable destructive effects (i.e., degradation, disruption, or destruction) in cyberspace or manipulation that leads to denial-of-service impacts in physical domains. (JP 3-12, 2018) CAO supports Information, CEMA, and kinetic operations, opening options for achieving systemic effects in an adversary's system of systems.

Figure 3: A view of CEMA and its components relationship and architectural ontology

Understanding the interrelationships and dependencies of the CEMA in Figure 3 is crucial for effective operational planning and execution, given its complex nature. One instance of negligence renders the entire C5ISTAR system vulnerable to attacks. Naturally, this also applies to adversaries; hence, the coordinated CEMA's offensive activities, whether by themselves or in support of other operations, may yield surprising victories.

How does the CEMA Contribute to and Integrate with Operational and Tactical-level Operations?

The CEMA concept in Figure 4 provides a view of CEMA support to joint operational and component tactical levels of projecting military power. (Plott & Keller, 2020) Joint operations, in this case, assume an all-domain setup, where CEMA is one of the lines of operation (LoOs), in addition to the legacy lines of space, air, ground, and sea. Hence, the joint CEMA may deploy Cyber and Electronic attack effects independently from the other domains and create an alternative line of operation. The CEMA LoO requires specific operational planning, with an understanding of the environment and system of systems engineering (SOSE) of both blue and red systems, in order to contribute to joint operations planning. The execution of CEMA operations requires the orchestration of multiple activities in coordination with the execution of joint operations. Naturally, the CEMA offensive operations planning is facilitated by the Joint Operations Command (JointOpsCmd) and executed according to Operation Orders. 

The Joint CEMA Centre (JCEMA), with particular SOSE competencies, is responsible for supporting the Joint Operations Command with joint CEMA planning and the execution of joint CEMA offensive operations. This requires close cooperation with the Staff that plans and executes the Joint Operations. Hence, the JCEMA usually resides within the Joint Staff and contributes to intelligence, planning, information operations execution, kinetic targeting and logistics processes. JCEMA also collects joint-level situational information and contributes to the Joint Operation Picture.

Joint CEMA effectors, such as Joint Cyber Attack (JCA) and Joint Electronic Attack (JEA) units, are under the command of the Joint Operations Command.  The JCEMA controls them, while the Forces run platforms. CEMA-related sensors and effectors are integrated into the C5ISTAR support system, enabling seamless data flows and the dissemination of CEMA knowledge.

Defensive Joint CEMA activities may be planned and coordinated in J3 and J6 of the Joint Operations Command.

Figure 4: A Simplified Concept of CEMA Operations

At the tactical level, the CEMA centre (CEMAC) that supports each Component is usually close to the Component Command Staff for tactical planning and mission execution. A Component Command may have CEMA sensors and effectors assigned to it by the Joint Operations Command, or they are integral parts of units under operational control or in support. CEMA's offensive activities primarily support tactical-level fires, while defensive activities contribute mainly to force protection, operations security, and network operations.

The CEMA Centre focuses on supporting CEMA planning and coordinating offensive activities within the Component Staff. It also collects electronic threat information and maintains threat catalogues for electronic protection. Furthermore, the CEMA Centre collects CEMA-related situational information from all sensors and transceivers, contributing to the Component Recognised Picture.

The Network Operations Centre (NOC) and Cybersecurity Operations Centre (SOC) are typically part of the C5ISTAR service provider organisation, supporting both Joint operations and Component missions.  The NOC executes, for example, spectrum management operations, communications security, IT security and other ICT-related support, as illustrated in Figure 3, for operations and missions. The SOC conducts cyber surveillance and reconnaissance, monitors assigned cyberspace, detects breaches, and, in conjunction with the NOC, responds to and recovers from adversary cyber-attacks. 

Tactical-level CEMA units include, e.g., Cyber-attack teams (CA), Direction-Finding and Jamming platforms (EA), and EME sensors and transceivers (ES). They are assigned to Joint Operations Command and further delegated under the Component control. In addition to their platforms, all tactical-level CEMA units are connected to either the Joint or Component C5ISTAR support system to integrate with CEMA support, protection, or attack information flows.

Tactical-level CEMA defence aims to provide protected cyberspace and enable freedom of use of the Electromagnetic Environment.

Operational level concept of use

The Joint Operations Command (JointOpsCmd) plans an influence operation to effect the adversary public opinion of their government. INFOOPS requires contribution from kinetic and CEMA lines of operation. JCEMA is tasked with creating a Course of Action to take down adversary governmental sites and broadcasting, while INFOOPS would disseminate their message through troll factories and bought influencers. After analysing the adversary broadcasting systems and websites, the JCEMA assesses that jamming the TV signal transfer site in the capital and, at the same time, using a botnet for a distributed denial of service (DDoS) attack on the IP gateway that separates government intranet from the Internet would isolate the population from their government for about 24 hours.

Following the Commander of JointOpsCmd's decision, an influence operation is executed under joint coordination. JCEMA orchestrates the CEMA jamming from airborne platforms and DDoS attacks over the Internet, measures the impact, and keeps JointOpsCmd informed of the operation.

Tactical level concept of use

A: The Air Component Command (ACC) plans to target a strategic manufacturing site in adversary territory. The site is defended by a strong ground-based air defence (GBAD) that would prevent any successful air strike. The Air CEMAC is tasked with determining how it can support the future mission. After analysing the adversary's primary GBAD and secondary support systems, Air CEMAC identifies possible vulnerabilities in the power supply system for the manufacturing site. The electric grid has only one transfer station that feeds the site.

Air CEMAC drafts a mission order as part of the Air Tasking Order, and after the approval from the Commander of ACC, the mission execution is launched. The Air CEMAC coordinates parallel wiper attacks to suppress the grid control system and electromagnetic pulse attacks to burn auxiliary HVAC controllers. 

B: Cybersecurity Operation Centre (SOC) surveys and reconnoitres the Internet and adjacent Intranets within the Area of Interest for adversary activities. When detecting an imminent threat and analysing its potential impact in Blue Cyberspace, the SOC creates courses of defensive action in collaboration with the NOC. 

The NOC communicates CoAs either to the Component Commander or the Joint Commander, depending on the area of potential effect. After the decision, the SOC and NOC implement preventive actions, monitor the situation and prepare for recovery.

Conclusion

Cyber and Electromagnetic Activities do not integrate well in support of all campaigns and areas of operation. The more digitised and mobile the adversary, the more vulnerabilities and potential for systemic effects there are for CEMA's offensive activities, either independently or as a course of action in support of information or kinetic operations. The more network-enabled the Blue Force is, the more options the adversary has for asymmetric effects. Hence, the integrated CEMA defensive actions are necessary for Forces that aim to improve through digital transformations. Whereas, in other operational confrontations, the integration of cyber and electronic warfare means and ways do not necessarily achieve the intended ends. 

Emerging Technologies that Will Enable the Next Digital Transformation Wave for Military Affairs

What are the Emerging Technologies, and Why the Military are Interested?

The military has evolved using emerging digital technologies in three waves (Kale, 2020): 

1. Digitization transferred content from analogue to digital format and improved military administration and office work.
2. Digitalisation introduced enterprise-wide systems, like Enterprise Resource Planning, which enabled human, financial, material, and facilities management or battle-space management systems for faster situational awareness.
3. Digital transformation has enabled revolutions in military affairs, such as Network-Centric Warfare in the US Department of Defense and network-enabled Capability in the UK Ministry of Defence.  

Current waves of transformation enabled by emerging technologies are revolutionising industry (The Fourth Industrial Revolution), commerce (digital biology), facilities (smart homes, cities, and government), and the military (Combat Cloud).

This paper creates an enterprise architecture view of possible digital infrastructure that military affairs may benefit from while planning their second wave of digital transformation for further capabilities. Meanwhile, lethality in battlespace increases, dual-use technology creates tactical advantages, weapon and counter-weapon development takes place in days, arms races raise prizes of armament, and additional defence finances are complicated to gain.

A Systematic Perspective to a Military C5ISTAR Technology Stack Enabled by Emerging Technologies

For a systematic assessment of emerging technologies' impact on Military Affairs, this study divides the technology stack into infrastructure, data, systems, and business models aligned with common enterprise architectures. In this approach, digital modelling or digital twins are the points of interest because they are virtual representations that allow the modelling of the state of a physical entity or system. They are created by digitalising data collected from physical entities through sensors, so various predictions can be made by understanding the behaviour of the physical entity.  Virtualising and digitising the physical world seems a beneficial feature for Military Affairs because it enables the military to :

1. Create digital models of physical phenomena, run accurate simulations, and gain foresight into possible future.
2. Improve the man-machine interface with more immersive ways to interact with machines.
3. Maintain the faster OODA loop at the tactical level with less delayed data transfer, optimised computing, and algorithm-accelerated sense-making.
4. Bring machine interoperability from recognising the data to sharing the understanding.

The following gives a more detailed view of possible military C5ISTAR technology stack changes.

Infrastructure Layer (networking, transfer and processing)

In this case, the infrastructure layer includes networking, data transfer and processing functions, as illustrated in Figure 1. The wireless 5/6G evolution improves the access network from the edge to terminal capacity and connectivity and lowers the latency if cellular base stations are connected via a high-bandwidth terrestrial network. Non-terrestrial, air- and spaceborne base stations are available, improving accessibility and simplifying the integration. The terrestrial and non-terrestrial 5G base stations compose a three-point access network with standard transfer and networking functions.  This multi-domain connectivity will replace legacy tactical data links while improving the availability of access and roaming and extending the range over the horizon, features essential in the Joint All-Domain C2 (JADC2) concept promoted by David Deptula. 

Furthermore, with higher frequencies, the cell sizes are smaller, and the Effective Radiated Power (ERP) is less, which means that transceivers' low probability of detection and identification (LPI/LPD) improves. However, with lower frequencies, higher transceiver density, and smaller radiation patterns, deploying dual-use Radio Frequency Identification (RFID), the Internet of Things (IoT), and Operational Technology on the battlefield becomes feasible. 

 With 5/6 G enhanced wireless communications, the access network becomes more versatile than the legacy Local Area Network (LAN) topology. For example, command posts can be distributed across a wider area without losing seamless collaboration connectivity. Platforms become cell base stations, providing access points to Mobile Adhoc Networks (MANET) within and between platoons, squadrons, teams, and higher organisations. Expendable, swarming sensors and effectors can be connected to a larger tactical unit even in an electromagnetically contested environment. 

Furthermore, the new Open Radio Access Network (ORAN)  and all-encompassing Internet Protocol (IP) solve the current technical-level interoperability issues. They allow you to create virtual, sliced, or private military network domains parallel to other network users without creating congestion points or bottlenecks. 

The flexible network and transport layers support data flows that enable hybrid clouds and hybrid computing, which varies between different clouds, edges, and endpoints. Hybrid computing provides optimal data processing for a task, addressing anything between real-time, big data, or algorithm-crunching requirements.  

Data Layer

In Figure 1, the data layer is on top of the infrastructure layer. Enabling technologies may include Data flows with different Quality of Service (QoS), Data warehouses, Data Lakes, Lakehouses, Table formats, Business Intelligence, and Synthetic data.

These technologies may be implemented in three main categories of data architectures: Stove-piped, centralised, or data mesh. Stove-piped data architecture is a direct continuum from system-based data architecture. It enables the legacy of functional data owners who use proprietary data models and do not share data unless forced. Centralised data architecture breaks the stove-pipe boundaries and brings data to data warehouses, lakes or Lakehouses. A centralised approach establishes central data functions and provides development and Data as a Service (DaaS) to functions and Forces. However, the central entity may become an administrative bottleneck, isolating data from Forces. Conversely, data mesh prioritises domain-driven design while enabling the teams closest to big data sets to take control of meeting their data preparation and analytics needs. Data mesh enables the democratisation of data so that it’s available to everyone in an enterprise, regardless of their technical expertise, function, or organisation. Each Command of sense and decision-making becomes a citizen data scientist, an officer who can analyse data but doesn’t take on that task as their primary role.  Gartner recognises this with the estimation that by 2027, organisations faced with AI and data security requirements will standardise on policy-based access controls to unlock the value from more than 70% of their data.

Data Flow follows uplinks, and downlinks may become bottlenecks if flow management is not prioritised. Since the transfer layer enables Quality of Service prioritisation, military affairs may arrange vertical and horizontal data flows to provide real-time awareness and longitudinal big data for modelling and forecasting.

Data Warehouses are central data repositories integrated from disparate sources, namely operational systems. They enable straightforward business intelligence queries because the data is aligned, cleansed, and structured. 

A Data Lake is a system or repository of data stored in its natural/raw format. The repository may be a single data store but includes raw copies of source system data, sensor data, and social data in structured, semi-structured, or unstructured formats. Data from a data lake may be used for reporting, visualisation, advanced analytics, and teaching machine learning. 

A Data Lakehouse combines the flexibility of data lakes for working with raw and often unstructured or semistructured data with the reliability and performance of traditional data warehouses that store consolidated sets of structured data.  

A Data fabric is a data management design concept for attaining flexible, reusable and augmented data pipelines and services supporting various operational and analytics use cases. Data fabrics support a combination of different data integration styles and utilise active metadata, knowledge graphs, semantics and machine learning to augment data integration design and delivery.  

The Data Table Formats provide cross-platform compatibility, transaction support, and schema evolution. Developing the Data Lakehouse ecosystem requires open table formats like Apache Iceberg, Delta Lake, and Apache Hudi. Enabling schema evolution is essential for managing data structures over time while maintaining data integrity and backward compatibility. Data Schema management improves interoperability at the upper layers and facilitates establishing a smart machine system of systems.

Synthetic data is created by taking a database, creating an ML model for it, and generating a second set of data. The generated synthetic data has the same patterns and properties as actual data, but it’s not tied to any actual data identifiers. Synthetic data is generated fast, automatically tagged, and provides high-quality data regarding events that rarely happen in the real world, which is very applicable in military affairs. 

Available data in both arranged and raw formats enable a variety of data analytics:

• Traditional analytics requires a team of IT analysts to comb through data, theorise potential insights, test those insights, and report on their findings.
• ML-based models can continuously monitor data, pick out anomalies, and alert the appropriate teams in real time without human input. 
• Business intelligence tools harness raw data to extract meaningful patterns and actionable insights.

Systems and Services Layer

The next layer enabled by the data layer is the systems and services layer in Figure 1. Emerging technologies opening new options for military affairs include human-machine interface (HMI), immersive technologies, spatial computing, metaverse, algorithms, energy-efficient computing, and classical and quantum computing.

The Human-Machine Interface will evolve using immersive-reality technologies based on the current industrial and office interfaces enabled by multitouch video technologies on tablets and smartphones. Human actors will experience real-time interactions in three-dimensional virtual worlds that eventually incorporate the physical world. The evolution runs from a fully computer-generated space in virtual reality (VR) to mixed reality (MR) and further towards augmented reality (AR), where computer-generated objects are superimposed on the real world.

Spatial computing maps indoor and outdoor physical spaces (including people and furniture). Then, the digital content is anchored within the physical world, enabling users to interact with it realistically. 

Furthermore, the metaverse interconnects digital spaces where users can interact, socialise, and create. Spatial computing ensures users' accurate positioning and synchronises their actions. The human-machine interface allows people to have lifelike personal and business experiences online.

Virtualisation and decentralisation of the processing layer enable the distribution of computing workloads across different sites, such as hyperscale remote data centres, regional centres, on-premises centres, and edge points. This ability to distribute workloads supports optimising latency, data transfer costs, adherence to data sovereignty regulations, autonomy over data, and security considerations.  Gartner recognises the trend as follows:

‘By 2025, Gartner predicts more than 50% of critical data will be created and processed outside the enterprise’s data centre and cloud.’ 

‘By 2027, approximately 5% of large enterprises will deploy a hyperscaler distributed cloud solution for edge computing workloads outside data centres.’

Edge computing involves processor-intensive, often repetitive, mission-critical data analytics within devices on the outer edge of a network. With supporting networking and data layers, edge computing enables more real-time intelligence and faster sense-making from tactical to operational levels. Furthermore, edge processing supports machine-to-machine cooperation within the Intranet of Military Things (IoMT)  sensors and actors.

The decentralising layer hosts a variety of algorithms, including AI, optimised to specific functions in support of the business layer. Gartner forecasts this in the business as follows:

‘By 2028, 50% of enterprise platforms will leverage specialised infrastructures to support AI infusion, a significant increase from less than 10% in 2023.’

Next-generation systems and services are developed with tools and technologies that enable modern code deployment pipelines and automated code generation, testing, refactoring, and translation. These can improve application quality and development processes.  The Gartner sees this emerging trend as follows:

‘By 2027, 80% of AI-generated SaaS applications will be up to 80% composite for efficiency of human-AI digital engineering.’ 

‘By 2026, 40% of development organisations will use the AI-based auto-remediation of unsecured code from application security testing (AST) vendors as a default, up from less than 5% in 2023.’

Digital Business Modelling Layer

The last layer enabled by the technology layers is the digital business layer in Figure 1. The next-generation technology layers enable features like digital twin, artificial intelligence-based image recognition, optimisation, expert functions, robotic process automation (RPA), AI agents, autonomic systems, synthetic media, ambient, invisible intelligence, polyfunctional robots, and data-driven military.

A digital twin is a virtual representation of an object or system designed to reflect a physical object accurately. It is built on big data, spans the object's lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to help make decisions. Military Affairs may benefit from digital twin features in the maintenance and repair of platforms, developing system of systems, capability life-cycle management, force generation, and strategic modelling. 

Applied AI technologies use models trained through machine learning to solve classification, prediction, and control problems, automate activities, add or augment capabilities and offerings, and improve decision-making.  These features may benefit military affairs, for example, in financial optimisation, personnel promotion, facilities management, supply chain management, and learning management.

Robotic Process Automation and AI Agents refer to a system or program capable of autonomously performing tasks on behalf of a user or another system by designing its workflow and utilising available tools. Beyond natural language processing, AI agents can encompass various functionalities in military affairs, including decision-making within processes, problem-solving in real-time situations, interacting with external environments, and executing actions. The Gartner foresees emerging features in business as follows:

‘By 2027, GenAI tools will be used to explain legacy business applications and create appropriate replacements, reducing modernisation costs by 70%.’

‘By 2027, more than 40% of digital workplace operational activities will be performed using management tools enhanced by GenAI, dramatically reducing the labour required.’

‘By 2028, 60% of IT services will be powered by the trifecta of GenAI, hyper-automation and metaverse, radically changing the services buyer landscape.’

Data-driven military affairs may witness changes among supporting entities like Intelligence, Military Survey, Logistics, and Operation Centres that provide continuously improved data products to their supported entities. Secondly, the data-driven approach may change military supply chain management as products and support become more cyber-physical, and data outside the military will become more valuable assets with emerging commercial space and cyber operators. Thirdly, the military may be able to execute so-called ‘information-driven operations. The defence organisation should not only be capable of obtaining an authoritative information position (or information dominance), but it must also use information as a ‘weapon’, i.e. as a means or instrument of influence.  Fourthly, the quantitatively thinking commanders may be able to mitigate the analysis paralysis usual with current risk-avoiding sense-making supported with less machine-based analysis. 

Altogether, the digitalisation illustrated in Figure 1 supports the Fourth Industrial Revolution (4IR) and provides potential for Military Affairs to benefit from. The second wave of military digital transformation may create strategic advantages for the Operate, Generate, and Support functions. The UK Army’s digital transformation program, THEIA, has three headline outputs: out-compete the adversary, partner better and integrate with partners, and improve efficiency.   The US Army aims to improve and leverage innovative and transformative technologies: modernisation and readiness, optimised digital investments, and a technically savvy, operationally effective digital workforce.  NATO is talking about using these “emerging and disruptive technologies efficiently.” NATO could improve its operations with military, industry, and civilian partners in every warfighting domain, including sea, land, air, space, and cyber operations. 

Figure 1: An illustration of a possible technology stack on top of more efficient communications