Following the establishment in 2010 of US Cyber Command—America’s first joint warfighting combatant command for the cyber domain—each of the military services faced a choice about how to organize their personnel to detail to that command, as well as how to organize their own cyber forces. In a break with its standard operating procedures, in 2014 the US Army decided to create a new basic branch—the cyber branch—to organize a career path for personnel engaged in military cyber operations.1 This was not a preordained outcome. Rather than creating a new branch, the Army could have integrated cyber functions and skills into preexisting branches such as the signal corps or military intelligence branches, where much of the Army’s cyber talent already resided. Alternatively, the Army could have created a functional area career field, similar to the strategic plans and policy functional area, which officers could join after having spent time in their basic branch.2 These measures would have been consistent with the Army’s typical institutional approach to “[assimilate] technology into its existing branch structure.”3 For example, shortly after World War II, rather than break with the cavalry legacy in response to such extraordinary technological innovations in mechanized warfare, from mounted cavalry to modern tanks, the Army chose to reinvent the cavalry branch as the armor branch in the Army Organization Act of 1950.4
The Army’s decision to establish a cyber branch also stands out when thinking about how the US military adapts organizationally to evolving domains of warfare. The decision to establish a cyber branch came only a decade after the US military first defined cyberspace as a new domain of warfare.5 By contrast, it took almost four decades after the establishment of the Air Force (from the Army Air Corps) in 1947 for the Army to create an aviation branch. And while outer space has also been defined as a domain of warfare, the Army elected to organize its space personnel as a functional area, rather than create a basic branch for space.
The Army is also the only service that chose to establish an entirely new entity to organize its cyber forces. While the Air Force established a cyberspace career field in 2009, it “was not so much the bottom-up creation of a new cadre of cyber specialists as it was the semantic rebranding of an existing career field”—the communications career field, which historically was not a warfighting function within that service.6 More strikingly, the Navy simply chose not to create a cyber operations career field at all.7 Only after congressional intervention, nearly a decade after the Army created the cyber branch, did the Navy establish a distinct career field for its cyber personnel.8
Factors that are typically invoked to drive organizational change struggle to fully account for the Army’s choice to create a cyber branch. The early part of this century saw a growing accumulation of cyber incidents. Examples include China’s 2005 Titan Rain espionage campaign that targeted the US Defense Department and other government agencies; the Stuxnet cyber campaign against Iran’s nuclear weapons program uncovered in 2010; and Russia’s use of disruptive cyber operations against Estonia in 2007 and Georgia in 2008. These incidents showcased an evolving threat and a changing technological landscape. However, these macro changes in the threat environment or developments in cyber capabilities are a poor fit to explain specific institutional choices. They especially cannot explain why the Army’s choices in this case differed from other services and even the Army’s own decisions at other points in time. Other causes of change, such as exogenous shock (for example, defeat in war) or domestic political pressure (for example, civilian intervention in military affairs) do not apply to this case. (As we discuss below, interservice rivalry offers an incomplete explanation.)
Therefore, the Army’s choice to establish a new branch for cyber warriors presents an empirical puzzle. Why did the Army create an entirely new organization for its cyber personnel, when this choice fell outside of the organization’s standard approach to other new technologies and domains, did not mirror the approaches of the other services, and did not occur in response to significant shocks?
We argue that an overlooked but critical factor was the role played by a small group within the Army of what we term “culture entrepreneurs,” who orchestrated the development of the cyber branch through bottom-up mechanisms. This factor contrasts with other explanations for organizational change, which tend to focus on top-down drivers of change, be it change prompted by shock, or intervention from without, or leaders from within. Instead, the creation of the cyber branch was the product of a deliberate effort by culture entrepreneurs within the Army to not only establish a new organization—the cyber branch—but also to imbue it with a new, distinct culture within the Army’s broader service culture. This was by no means an easy task, as it required the culture entrepreneurs to navigate tensions within the Army’s culture and subcultures, as well as between the Army’s dominant culture and key external cultures.
In this article, we explore the causes, processes, and outcomes of cultural change within the Army in a cyber context. We conduct an in-depth examination of how the US Army decided to organize its personnel for cyber warfare as a theory-building case. The purpose is to help develop new concepts that can be applied more broadly to evaluate military cultural change (or stagnation) in a cyber context. We focus on the decision to create a cyber branch because personnel decisions are especially important for military cyber operations. Rebecca Slayton argues that “the relative skill with which adversaries manage complex information technology” is a critical factor shaping the offense-defense balance in cyberspace.9 Similarly, Max Smeets’ research has noted the range of skilled personnel who are foundational to military cyber organizations, including vulnerability analysts, targeteers, malware developers, on-net operators, linguists, and many other roles.10 We also focus on the branch because it is an essential locus of organizational culture within the Army.
Through interviews with and analyses of the writings of central figures in the Army, we assess how the interplay between cyber “hacker” culture and the Army’s dominant service culture gave rise to cultural change within the Army through its new cyber branch. Overall, we find that culture played a significant role in shaping why the Army chose to establish a new branch and, more broadly, how it grappled with the implications of cyberspace. We also find that some cultural change occurred, especially with respect to the growth of a new cyber subculture within the Army that professed new ideas about the nature of warfighting. We argue, however, that this change resulted in a cyber culture poorly integrated within the Army’s dominant culture.
Such contradictory cultural change may hold broader strategic implications. Unresolved cultural tensions within military organizations could have negative consequences for warfighting. Most advanced militaries promulgate operational concepts that rest on the integration or coordination of kinetic and cyber effects on the battlefield.11 Disintegrated cyber cultures may result in cyber operations that are uncoordinated with broader military campaigns or that fail to deliver expected results.12 As then-Col. William Hartman, at the time the commander of the Army’s first offensive cyber operations brigade, reflected in 2015, cyber operators need to “learn to speak infantry” to effectively integrate cyber capabilities into conventional warfighting.13 Cultural contradictions could also negatively affect military effectiveness through eroding morale, recruitment, and retention, as effective cyber warriors find themselves undervalued within the broader organization—a concern already reflected in surveys of military cyber personnel.14
Such contradictory cultural change may hold broader strategic implications.
This article proceeds as follows. First, we detail the literature on strategic and military culture, as well as culture change, and illustrate how cyberspace fits into and extends this literature. We then outline the contours of the “cultural dilemma” that the emergence of cyberspace presented to military organizations, by comparing and contrasting the characteristics of the Army’s dominant warfighting culture with an external cyber “hacker” culture. Next, we trace how a group of culture entrepreneurs within the Army sought to effect culture change along two dimensions—the conceptualization of the role of cyberspace in modern conflict and the definition of what constitutes a cyber warrior—and assess the nature and extent of this change. Finally, we conclude by exploring the implications of contradictory culture change.
Strategic and Military Culture
Cultural factors, including strategic and military culture, shape how militaries prepare for warfare.15 The advent of cyberspace as a new domain of warfare raises questions about how cyber technologies and distinctive cyber cultures may be changing the cultures of military organizations. Cyberspace is ripe for culture-based studies because it is characterized by uncertainty and ambiguity, which make actors more likely to reach for cultural frameworks to make sense of its implications.16 For example, cyberspace lends itself to strategies of deception and secrecy, which make it difficult to discern intent and attribution.17 Furthermore, while all new technologies of warfare require interpretation, the warfighting implications of cyber capabilities are especially hard to pin down. Cyber “weapons” lack clear analogies to conventional military capabilities, which leads scholars and practitioners to endlessly debate whether cyberspace should be understood primarily as an intelligence contest; an extension of the post–Gulf War information revolution in military affairs; a unique environment demanding initiative persistence; or something else.18 Adding to this complexity, civilian cyber cultures, especially in the private sector, can be in tension with military cultures.19
Our analysis focuses on military culture, which overlaps with but is conceptually distinct from strategic culture.20 Strategic culture concentrates on those elements of a political culture that pertain to national security, in particular assumptions and habits about preferred strategies and tactics for the use of military force, such as “the cult of the offensive.”21 Strategic culture can be defined as “the sum total of ideas, conditioned emotional responses, and patterns of habitual behavior that members of a national strategic community have acquired through instruction or imitation and share with each other with regard to . . . strategy.”22 Most writing on strategic culture examines beliefs, attitudes, and habits pertaining to the use of force that are distinctive, enduring, and shared within a group that socializes neophytes into established folkways.23 Strategic culture is shaped by influences from civilian as well as professional military communities, and may encompass subcultures with distinctive attitudes and habits. Like military culture, strategic culture can also be influenced by the strategic and technological environment.24
Distinct from strategic culture, many studies focus on the culture of military organizations.25 Whereas strategic culture focuses on strategic assumptions about the use of force, military culture begins with identity issues: beliefs about the fundamental nature of the military’s profession as a warfighting organization as well as about the warrior ethos. The military’s totalizing nature makes it “well equipped to inculcate a common culture” that has a formative effect on individual and organizational identity.26 Elizabeth Kier notes that military culture is neither equivalent to national character nor interchangeable with strategic culture, nor does it refer to a universal “military mind” shared by all military organizations.27 Instead, distinct military organizational cultures establish “collective standards of relevance about the critical aspects of the organization’s work or goals and often provide a special language.” These standards help members of the military to define problems and devise solutions for them.28 Military culture can be formally institutionalized and codified, but also often exists “in an informal set of conventions and practices formed over time which are difficult for the uninitiated to comprehend.”29 Implicitly, studies of military culture are as much about identity as they are about strategy, although assumptions about identity (such as “the warrior ethos”) may load the dice in favor of certain, often offensive strategies.
Kier’s study of interwar French military policy explores the interplay between military culture and civilian beliefs about the roles of force and the military in society. In her account, the French military interprets its strategic options based on constraints imposed by the civilian environment.30 Echoing this approach, we evaluate the relationship between civilian cyber cultures (a broader social milieu that exists apart from the military, which we term “hacker culture”) and military culture (which we term “warrior culture”).
Cultural Continuity Versus Change
Our analysis focuses on the prospects of cultural change within military organizations. In this sense, we offer a perspective on culture distinct from earlier variants of the literature, which largely see culture as fixed, especially as culture is institutionalized in organizations.31 Dima Adamsky, for example, describes how strategic culture “should manifest more continuity than change, and permanence over time regardless of the varying material circumstances.”32 Military cultures are understood to be particularly resistant to change—“like great ocean liners or aircraft carriers: they require enormous effort to change direction,” as Williamson Murray puts it.33 Yet, some earlier theorists saw the potential for cultural change and represented culture as “semi-permanent” rather than static.34 Colin Gray posits that “strategic culture(s) can change over time, as new experience is absorbed, coded, and culturally translated,” but depicts that process as slow and evolutionary.35
Tension among subcultures or “contradictory elements” in a given culture can be a vehicle for endogenous change.
A “fourth wave” of the culture literature, however, more explicitly tackles cultural change.36 These approaches avoid reifying culture as a fixed body of beliefs. Instead, they acknowledge that cultures “can and do change, sometimes radically.”37 These scholars think of culture as a toolkit of arguments, metaphors, and operational techniques that strategic actors can draw on creatively and selectively to accomplish their tasks, add to their power, and persuade others to join them.38 This view places at least as much emphasis on cultural change as on continuity, as actors combine old ideas in new ways, engage in culture wars, and innovate.39
There are two broad views about the causes of change within military cultures. One view posits that change is only likely to occur due to exogenous shock—such as Germany or Japan’s defeat in World War II, which caused a major shift in their strategic cultures.40 Such shocks challenge existing beliefs and create what Jeffrey Lantis terms “cultural dilemmas,” which are resolved through changes in culture.41 Exogenous events force existing cultural frameworks to be “reassessed . . . [and] old models and practices are either recombined into new models and practices, or new models and practices are invented whole cloth.”42
A second view sees change occurring endogenously within organizations because of a perceived failure of the dominant culture to address a particular challenge.43 This view draws heavily from the idea that cultures are not uniform and coherent; instead, they contain distinct subcultures with unique identities.44 Tension among subcultures or “contradictory elements” in a given culture can be a vehicle for endogenous change.45 “Contradictory elements” can exist in a given culture, where “a number of ‘subcultures’ compete for influence over strategic decision-making.”46 These subcultures may be “‘waiting in the wings’ . . . only held by a very small, marginalized minority with virtually no influence—and one of these may one day become dominant, changing that state’s strategic policy profoundly.”47 This view extends to military culture, which is the focus of our analysis. Murray describes how “there is no monolithic American military culture. Rather, the four services . . . have evolved cultures that are extraordinarily different.”48 Similarly, Sarah White describes various subcultures within and across different US military services that pertain to questions of cyberspace and information operations.49
These and other scholars also describe the process of cultural change. Change occurs as existing or new subcultures that had “been marginalized by the dominant culture, begin to flourish . . . [offering] alternative philosophies, values and modus operandi, which eventually become the mainstream.”50 Framing, narratives, and discursive practices are key to this process, especially when mobilized by elites.51 Cultural “entrepreneurs” combine new and old repertoires in distinct ways to effect change.52 They do so through strategically leveraging framing—ways of collectively constructing meaning, interpreting reality, and legitimating ideas.53 Some frames may resonate more than others; frames that are strategically tailored to the targeted culture are more likely to effect change. Cultural change can also occur through mobilizing oral and written narratives—“compelling story lines which can explain events convincingly and from which inferences can be drawn.”54
Applying a Cultural Lens to Cyberspace
As we noted above, cyberspace is an uncertain and ambiguous arena of strategic interaction. This quality is conducive to applications of culturally based approaches, as elites may reach for cultural repertoires to understand new challenges and define new roles and missions within organizations. Cyberspace may also pose unique cultural challenges to military organizations if cyber cultures are in tension with military cultures. A burgeoning literature is tackling cultural explanations for strategic behavior in cyberspace. Miguel Gomez advances a cognitive-cultural explanation of cyber behavior and argues that states use strategic culture as a schema due to uncertainty in cyberspace.55 Extending this argument, Gomez and Christopher Whyte find that Singapore and the Philippines exhibit differences in strategic behavior in cyberspace, which they attribute to differences in strategic culture.56 Focusing on the US, White evaluates how service cultures and subcultures within the military shape varying approaches to innovation in cyber doctrine.57 Finally, Slayton argues that the US military’s dominant warrior culture has led it to prioritize warfighting over cybersecurity, which counterproductively increases cyber vulnerability.58 Collectively, this work is making critical strides in introducing culture as a variable that can account for various outcomes in cyberspace.
Our analysis takes a step back and explores how cyberspace may prompt cultural change within military organizations.59 The cyber context provides an especially compelling case for studying cultural change because cyberspace has not triggered major exogenous shocks that would prompt militaries to reevaluate existing cultures; in other words, a “cyber Pearl Harbor” has not materialized.60 This aspect suggests that endogenous processes of change are more applicable in cyberspace, meaning that military and cyber cultures and subcultures compete to offer new or modified paradigms.61 In operationalizing cultural change in this context, we do not aim to assess whether cyberspace prompted the Army’s existing culture writ large to change. Rather, we explore change in terms of the creation of a new cyber subculture within the Army’s dominant culture. We combine deductive reasoning with inductive case study analysis by tracing the genesis, process, and outcomes of cultural change as a means of theory development.62 The Army is both an influential and deviant case because, as noted, it is the only service that chose to establish an entirely new entity to organize its cyber forces.63
We focus on the Army’s decision to establish a cyber branch because talent management and personnel are foundational to military cyber operations, and, in the Army, the branch is the institutional apparatus that socializes entrants into the Army’s culture.64 Future research could explore the role of culture in other organizational decisions, such as the establishment of US Army Cyber Command or other new organizations founded around the same time period. The Army’s branches are organized by function (such as field artillery, armor, infantry, and so on), and branch identity is central. Carl Builder describes the Army’s branches as “guilds—associations of craftsmen who take the greatest pride in their skills.”65 Each branch has educational and training institutions that inculcate personnel in the branch culture—not only in the skills and competencies needed to carry out specific work roles, but also regarding what it “means” to identify as a member of that branch.66 Indeed, as one officer reflected, “[t]he culture of your branch is so strong that switching branches is painful.”67 Therefore, creating a cyber branch was intertwined with a deliberate effort to define a new cyber culture.68
We find that cultural change was caused by the deliberate efforts of “culture entrepreneurs” within the Army, enabled by a handful of sympathetic senior Army leaders, to integrate elements from civilian cyber “hacker” culture into the Army’s dominant culture to create a novel Army cyber culture. Culture entrepreneurs strategically deployed narratives, symbols, and framing to promote culture change in a way that would resonate with the Army’s dominant culture. The process of change largely occurred within the Army, even as change agents drew on external hacker culture.
Finally, we evaluate the outcome of this process along two dimensions: change in the constitutive ideas within the Army about the nature of warfighting and its associated rituals and symbols; and changes in personnel policies and processes essential to career progression. We find more evidence of cultural change along the first dimension than the second, but in a way that gave rise to unresolved cultural contradictions. We also find that cultural change was most successful when culture entrepreneurs strategically leveraged points of congruence between cyber and Army culture. Ultimately, however, this process produced a cyber culture that fits uneasily within the Army’s dominant culture. In the conclusion, we discuss the implications of our assessment for broader strategy.
Alternative Explanations
Some might argue that other factors offer more compelling explanations of cultural change, and therefore of the Army’s decision to create a cyber branch. A realist perspective, for example, might posit that military cultures are only likely to change as a result of changes in material factors, such as changes in the balance of power, threat, or technology in the international system.69 It is true that the cyber threat environment was steadily growing and evolving in the years leading up to (and following) the creation of the cyber branch, as we noted in the beginning of this article. Nevertheless, a number of earlier cyber “wake-up calls” failed to produce meaningful changes.70 More importantly, little evidence exists that a clear, decisive incident or threat specifically drove decisions about particular institutional choices, such as the creation of the branch, even as certain incidents and threats may have spurred broader organizational decisions, such as the establishment of US Cyber Command to consolidate the military’s joint offensive and defensive cyber warfighting units.71
Others argue that external shocks, such as civilian intervention in military affairs or defeat in war, cause cultural change.72 The Army’s decision-making, however, took place in the absence of these variables. No major “defeat” in cyber war had occurred, because no such war had taken place. And while civilian officials certainly played a role in the creation of organizations like US Cyber Command, the methods each of the services used to organize their personnel were largely left up to each organization. In the case of the Army, military (rather than civilian) leaders largely drove the choice to create a cyber branch—most notably Gen. Keith Alexander, the first commander of US Cyber Command, and Gen. Raymond Odierno, chief of staff of the Army.73
Others posit that organizational theory is better suited to explain cultural change.74 According to this logic, professional military organizations should respond in roughly similar ways to new technologies of warfare. Yet, in this case, the creation of a new branch for cyberspace broke with the Army’s typical practices and organizational processes, and the Army’s response differed from that of other American military organizations (services).75 Other frameworks from organizational theory suggest that interservice rivalry could explain cultural change.76 Some evidence exists that Army leaders were influenced by the other services. When US Cyber Command was established, leaders within the Army felt that their service was at a disadvantage relative to the other services, especially the Air Force, which was an early mover in establishing organizations for cyber warfighting.77 This line of thinking reinforced the perceived need to create a cyber branch.78 Additionally, the architects of the cyber branch turned to the other services, each with their own approaches to define “the problem of what ‘counts’ as cyber,” as points of comparison to inform the Army’s approach.79 Yet, while interservice rivalry may have broadly contributed to the Army’s decision-making, it has little to say about substantive decisions the Army made about the cyber branch and its composition and culture, as we describe below. These choices were more informed by how culture entrepreneurs perceived and operationalized cyber “hacker” culture in conversation with the Army’s service culture than they were by the examples of other services. Indeed, the Army ultimately chose a path—creating an entirely new career field through a basic branch—different from each of the other services.
The Cyber Culture Dilemma
As the US military began to create new cyber organizations, such as US Cyber Command and Army Cyber Command, Army leaders were faced with a dilemma. They needed to provision cyber forces for these commands and, therefore, needed a mechanism for identifying, organizing, and training cyber personnel.80 As Col. (ret.) Andrew Hall, former director of the Army Cyber Institute, described, the Army received a request in 2010 from Gen. Alexander to “‘send me your cyber forces.’ But you can’t make a request for something that doesn’t exist. You can’t ask for what you don’t have. And we didn’t have a cyber force. We didn’t know what General Alexander meant.”81 This situation created an opening for cultural contestation between the Army’s dominant warfighting culture and a cyber “hacker” culture.
Below, we describe the core attributes of each culture. These qualities represent broad generalizations; significant complexity, diversity, and internal incoherence exist within both cultures. These attributes are especially true for cyber culture, which is not contained within a single institution, but instead represents a shared set of values, ethics, and ideas to which a heterogenous set of individuals and organizations subscribe.82 The Army’s warfighting and cyber cultures are not diametrically opposed in all areas, even as they represent significantly different worldviews. Indeed, cultural entrepreneurs within the Army exploited areas of cultural congruence.
Army Warfighting Culture
Scholarship on Army culture shares several consistent themes.83 The Army is a human-centric organization that perceives the fundamental nature of its profession—warfighting—to be an inherently human endeavor in which physical contests between land forces over the control of territory is the decisive form of warfare, and where mass is a key element.84 Builder describes how the Army perceives itself as “the essential artisans of war.”85 Moreover, the Army understands warfare as “something eternal, a fundamental, unchanging aspect of human nature.”86 This thinking has led some researchers to depict the Army as skeptical of new technologies.87 That description, however, belies internal inconsistency within Army culture around technology. For instance, other scholars note that the Army values technological innovation, perceives “advanced technology as a comparative advantage over potential foes,” and may sometimes prefer to substitute technology for manpower.88
The Army perceives the tactical engagement as the decisive form of warfare.
The Army valorizes physical prowess and strength. This attribute likely originated from functional requirements related to the reality of land warfare, and has resulted in rituals around physical fitness to cultivate and reinforce collective identity through shared physically taxing experiences. Additionally, Army organizational culture is bureaucratic, hierarchical, and anchored in the concept of service—a necessity, given the paramount importance of the credibility of the chain of command and the need for individuals to carry out orders on a battlefield at enormous personal risk.89 This quality means that a “can-do” attitude is an important cultural value, but the priority is less on an individualistic enterprising approach than an emphasis on seeing a mission through to completion by following orders within acceptable bounds of initiative and discretion.90
The elements of the Army that directly engage in battle—traditionally referred to as the combat arms branches—are at the apex of the hierarchy.91 The prominence of the combat arms branches is akin to an “oligarchy.”92 Historically, the infantry (the “queen of battle”) has enjoyed an implicit prominence even over its fellow combat arms branches.93 However, this may be shifting in favor of “fires”—epitomized by field artillery, which is the “king of battle.”94 In organizational terms, the combat arms branches effectively run the Army. Promotion to the highest ranks is largely determined by an officer’s achievements in command at the battalion and brigade levels, and most leaders come from the combat arms branches. Stephanie Ahern notes that this “reinforces the existing elites—infantry (especially mechanized) and armor—while also creating a zero-sum game . . . to add officers with specialized technical and/or strategic skills to its most senior ranks.”95 As Col. (ret.) Gregory Conti, the first director of the Army Cyber Institute, described: “The Army has optimized combat arms general officers on a certain set of criteria, and this does not include technical expertise.”96
The Army perceives the tactical engagement as the decisive form of warfare. Because “every battle is won or lost by the accumulated successes or failures of the individuals on the battlefield,” small units of soldiers are the nucleus of the Army and operational command is the central feature of the Army’s model of officer leadership.97 This emphasis on command is reflected in the value the Army places on “leading” for officers, which may run counter to the development of deep technical expertise over the entire course of a career. As Rebecca Zimmerman et al. note: “For Army officers, their technical specialty is leadership. An armor officer does not drive the tank; he leads his men.”98 This generalist approach is reflected in the nomenclature for the highest levels of the chain of command: “general” officers. This approach does not imply that Army officers are bereft of technical skill—professional specialties require a significant level of technical proficiency, such as calculating the trajectory of indirect fires or piloting helicopters. Rather, these perspectives reveal the tension within Army culture about technical expertise, as well as the potential tradeoffs between leadership within the combat arms branches and the cultivation of technical expertise—which culture entrepreneurs utilized to effect culture change.
Cyber “Hacker” Culture
Cyber culture is distinct from traditional Army culture along many dimensions, despite some areas of congruence. Cyber culture is difficult to categorize because it exists across several different communities, including big tech in Silicon Valley, hacker communities, and fringe communities such as adherents of “Cyber-Communism.”99 Nevertheless, this eclectic cyber culture shares a common set of attributes.
First, cyber hacker culture styles itself as fundamentally anti-hierarchical, countercultural, and skeptical of authority.100 These attributes are reflected in the “cyberpunk” literary genre spurred by science-fiction writers such as William Gibson, who first coined the term “cyberspace.”101 Steven Levy, in his 1984 work tracing the origin of the hacker culture and hacker ethic, describes a defining notion of this culture:
The last thing you need is a bureaucracy. Bureaucracies, whether corporate, government, or university, are flawed systems, dangerous in that they cannot accommodate the exploratory impulse of true hackers. Bureaucrats hide behind arbitrary rules (as opposed to the logical algorithms by which machines and computer programs operate): they invoke those rules to consolidate power, and perceive the constructive impulse of hackers as a threat.102
As a result, even the most powerful actors in the US technology sector strive to convey a public-facing image that is anti-authority, even as they embody authority.103 For instance, in 2012 Meta’s CEO, Mark Zuckerberg, circulated a letter that described the company as embracing the “hacker way.”104 This aspect of hacker culture is perhaps most challenging to Army culture, given hacker culture’s aversion to authority and its dubious (if not illegal) methods.105
Cyber culture also values individual initiative, experimentation, and hands-on trial and error, where “done is better than perfect.”106 In some ways, this thinking aligns with US Army culture, which values initiative relatively more than the military cultures of other countries, especially autocratic regimes.107 Nevertheless, initiative within Army culture is constrained by a chain of command and a different approach to risk-taking and failure. One of Zuckerberg’s self-professed mottos—to “move fast and break things”—epitomizes the risk- and failure-acceptant nature of cyber culture.108 Making mistakes is simply part of the process; goods and services are brought to market deliberately incomplete (for example, beta versions) with the idea that they will be updated as users engage with, and developers refine and iterate, them. This process often means sacrificing security for alacrity in going to market. Additionally, following the rules is an anathema. The hacker mindset reflects “someone who is passionate about technology and enjoys creatively overcoming or circumventing limitations.”109 This mindset is nearly the opposite of Army culture because mistakes can, at their worst, lead to the literal breaking of things and people.
Moreover, cyber culture places a premium on technical skill and proficiency. Individuals gain acceptance within cyber culture through demonstrated technical skill, rather than formal education.110 Cyber culture valorizes the self-taught college dropout who succeeds due to his or her own creativity, genius, and risk-taking.111 The culture aims to project an image of being highly meritocratic and nonhierarchical. An individual’s proven technical skills and abilities, rather than their position or rank within an organization, convey status and prestige.
Other Cultural Influences
Our analysis focuses on the interplay between Army and hacker culture. Other cultures, however, played some role in shaping how the Army approached cyberspace. Because US Cyber Command was initially established as a sub-unified combatant command under US Strategic Command, for which the Air Force was the executive agent, the latter service influenced how all of the services understood warfighting in cyberspace. The Air Force was an early mover in information warfare and computer network operations in the late 1980s and early 1990s, and in November 2006 announced the creation of a provisional cyber command.112 For several years, the Air Force remained the “main advocate in the US government” for cyber operations.113 Much of the doctrinal language describing cyber operations stems from both Army field artillery and the Air Force. In the early day of US Cyber Command, “the joint fires and joint targeting processes exercised by the Air Force and Field Artillery heavily influenced the thinking.”114
The intelligence community was another significant cultural influence, particularly the National Security Agency (NSA).115 Much of the Army’s early experiences with cyber operations took place in a signals intelligence (SIGINT) context, which had a distinct culture that prioritized secrecy and tradecraft.116 An Army civilian at the US Army Cyber School notes that the highest work roles early cyber leaders could fulfill were at the NSA, where “the priority is secrecy and intelligence collection and taking minimal risk.”117 Moreover, because the NSA enjoyed organizational maturity, it set the standard for training and certifications. The Army relied on NSA schools and certifications as it was developing its own courses and training, especially prior to the creation of its cyber branch.118
Army Culture Entrepreneurs
The Army memorandum that established the cyber branch provided few details about how it should be constituted.119 This ambiguity created an opportunity for cultural change—to define, delimit, and institutionalize a new cyber culture within the Army. This opportunity was also enabled because a few Army leaders, particularly Gen. Odierno, saw cyberspace as essential to modern warfare and thought the Army should organize itself accordingly.120 But the process of change was largely driven by a group of culture entrepreneurs who strategically leveraged the interaction between traditional Army warfighting culture, on the one hand, and an external cyber “hacker” culture, on the other. This community was composed of “a cloud of cyber people in the Army doing ‘cyber’ prior to the branch forming—despite the Army.”121 Culture entrepreneurs came from various career fields but were united in their self-perception as “mavericks.”122 They existed “at the fringes” of the signal corps and military intelligence branches or in information operations or space career fields. They sought out assignments in units that were doing anything that might approximate cyber operations.123 Many ended up in academic and research roles, particularly at West Point.124 These culture entrepreneurs proactively conceptualized, wrote about, and advocated for the creation of a cyber branch as early as 2009, and many informed the decision to create the branch and weighed in on its composition. These “grassroots players” managed to “have a voice in the bureaucratic layer in the Army.”125
These culture entrepreneurs grappled with a fundamental question: What does it mean for the Army to have cyber forces?126 They did so in explicitly cultural terms, and saw the creation of the cyber branch and the effort to define what should constitute a cyber warrior as a cultural challenge.127 They discussed and wrote about creating a new cyber culture within the Army—one that was deliberately distinct from the existing Army subcultures and the military intelligence and signal corps branches—that would ultimately populate the cyber branch.128
At the same time, culture entrepreneurs were cognizant that they were attempting to incorporate elements of an external cyber “hacker” culture into an often “inhospitable” Army warfighting culture.
This approach was reinforced by a handful of senior leaders who emphasized the importance of culture, created bureaucratic space for the culture entrepreneurs to advance their ideas, and validated many aspects of their vision (including drawing inspiration from external cyber culture). Brig. Gen. (ret.) Jen Buckner, the inaugural commandant of the Army Cyber School, noted about Lt. Gen. Ed Cardon, the first commander of Army Cyber Command: “[He] was early in saying that you have to get the culture right. He had all of us read Ender’s Game—the idea was that we need to build a force to solve problems we couldn’t yet fathom, to see things differently.”129 Then-Maj. Ryan Tate, an early cyber officer, remarked in 2016: “We went for gold to change the Army culture and implement Chief of Staff and General Cardon’s vision. . . . The vision from the start was to change the culture and create a new identity from those legacy cultures.”130 At the same time, culture entrepreneurs were cognizant that they were attempting to incorporate elements of an external cyber “hacker” culture into an often “inhospitable” Army warfighting culture.131 This thinking shaped the process of culture change—culture entrepreneurs combined repertories, symbols, and ideas from traditional Army culture with elements of cyber culture.
Based on the contemporaneous writings of and interviews with these cyber culture entrepreneurs, we lay out the process and outcomes of endogenous cultural change. We describe the change that culture entrepreneurs sought to achieve, both ideationally and institutionally, along two dimensions. The first is change in beliefs about the nature of warfare and the institutionalization of those beliefs through formal policies, along with the adoption of new symbols and conventions. The second dimension is change in ideas about what it means to be a cyber warrior and formalization through personnel and other career-related policies. Then, we compare these aspirations to the decisions that were made about how to institutionalize cyber forces within the Army. We find that, with respect to the former, the culture entrepreneurs were able to create elements of a new culture within the Army’s dominant culture because they adopted the language and symbols of the former to conceptualize cyber warfare. With respect to the latter, however, culture entrepreneurs struggled to induce culture change. Overall, this resulted in persisting internal tensions.
Conceptualizing Cyberspace in Modern Warfare
To conceptualize the nature of cyberspace in modern warfare, culture entrepreneurs sought “to make cyber things into Army things.”132 Culture entrepreneurs viewed cyberspace as a core aspect of warfighting, on par with—if not superseding—traditional combat arms. This perspective differed from the branch cultures in which many of these individuals had been steeped, such as signal corps and military intelligence, which are combat support.133 Instead, the culture entrepreneurs sought for the cyber branch to assume its perceived rightful place alongside combat arms. They rejected analogies to the combat support branches that were already claiming to “do cyber.”134 Some even saw cyber warriors as the true warfighters of the modern era, “engaging the adversary every single day, even more than combat arms.”135
The framing, analogies, and symbols used by the culture entrepreneurs illustrate how they deliberately adapted traditional Army concepts to cyberspace. They framed cyberspace in a warfighting context and used language associated with combat arms to project their image of the cyber branch. For example, they depicted cyberspace as the modern battleground in which cyber personnel are “non-kinetic warriors”—the equivalent of “21st Century kinetic combat arms soldiers.”136 They saw cyber leaders as being like their “kinetic comrades” and therefore requiring similar accolades and “opportunities for medals, awards, [and] tabs.”137 Furthermore, culture entrepreneurs described the conduct of cyber operations in combat arms terms, applying the language of maneuver, fires, and effects to cyberspace, with a particular focus on analogies to field artillery.138 For example, they referred to “maneuvering in cyberspace”; “creat[ing] and employ[ing] sophisticated and devastating effects in cyberspace”; and the “employment of combat power in cyberspace.”139 Despite significant differences between land warfare and cyber warfare, culture entrepreneurs depicted them as synonymous: “Conceptually, the Cyber branch should be no different with the exception that instead of maneuvering on land, officers of the Cyber branch will operate in cyberspace.”140 The culture entrepreneurs believed that a cyber operator should be no different from “an 11-Alpha officer or an 11-Bravo [in the infantry branch], who maneuvers through a maneuver area in the physical world to conduct a military objective and achieve a strategic end state.141
Similarly, as then-Maj. Tate explained: “[Cyber was] coming from two branches—MI [military intelligence] and Signal Corps—[that] largely have supported other branches to achieve effects on the battlefield. We wanted to shift the way that people thought. We wanted offense/defense, much like Infantry is offense/defense.”142 Col. John Conway, tasked with building the Army Cyber School from 2013 to 2014, reflected in 2018: “It was at my recommendation, that this new branch should in a way divorce itself from MI and Signal, although our skill sets make up what this branch really is. But with cyber becoming its own new domain, that this is really something that should be a maneuver MOS [military occupational specialty]. This is a defensive and offensive weapon capability.”143 Some officers even proposed the creation of a Cyber Ranger School to be “the cyber analogue to the crucible-like leadership experience of kinetic Ranger School.”144
This viewpoint extended to the proposed name for the branch: “cyber” rather than “cyber corps.” As one officer who helped to develop the initial prototypes for the branch name, insignia, and heraldry while serving on the West Point faculty, reflected:
We didn’t want to call [the branch] “cyber corps” because that sounded too much like a support branch. It’s “Signal Corps,” not “Signal.” Other support branches such as Ordnance, Finance, and Transportation all include the “Corps” moniker. But if you look at Infantry, Armor, or Field Artillery—it’s just that. And we wanted a “Cyber” branch to connote maneuver, just in a different domain.145
This thinking is also reflected in the branch insignia, which West Point faculty proactively designed. As one of the insignia creators remarked, “No one asked us for the insignia; we just did it.”146 Figure 1 compares the cyber branch insignia to the branch insignia of three core combat arms branches (infantry, armor, and artillery), as well as to the two combat support branches that generated the bulk of the cyber branch personnel (signal corps and military intelligence).
Figure 1. US Army branch insignia comparison. From “Branch Insignia,” Institute of Heraldry, https://tioh.army.mil/Catalog/HeraldryList.aspx?CategoryId= 9362&grp=2&menu=Uniformed%20Services.
The similarity between the cyber and combat arms branch insignia is striking—and was a deliberate choice. The cyber branch insignia contained “crossed lightning bolts, which looks like crossed rifles, crossed cannons [like the other combat arms branches]. And it’s all solid colors, to make it distinct from MI and Signal which are really the operations support branches.”147 “The guiding principle around the heraldry,” shared an officer who was one of its architects, “was that this was maneuver in another domain.”148 Beyond the insignia, the proposed numerical designation for the branch, 17, reflects the desire to instantiate cyber as a maneuver function; it meant “we have aviation to our left [number 15] and special forces to our right [number 18]. So, it’s clear that cyber is supposed to be in maneuver, fires, and effects.”149
Creating a “Cavalryman in Cyberspace”
How the Army’s culture entrepreneurs set out to define what constitutes a cyber warrior differed from how they conceived of the role of cyberspace in warfighting.150 While borrowing from elements of Army warfighting culture to articulate ideas about cyber warriors, culture entrepreneurs drew more heavily from cyber hacker culture to integrate values and ideas that had fewer points of correspondence with Army culture, especially the idea of the “hacker” mindset. This approach introduced tensions into the Army’s cyber culture. First, we describe those aspects of the Army’s dominant culture that the culture entrepreneurs leveraged to conceptualize cyber warriors. Then, we trace the stronger influence of cyber “hacker” culture.
Adapting Army Culture to Create “Cyber Warriors”
Similar to how the culture entrepreneurs compared the nature of warfighting in cyberspace to the combat arms branches, they also used combat arms analogies as models for what constitutes a cyber warrior.151 Col. (ret.) Hall described this linkage: “[The] priority was to make a cavalryman in cyber. To make a commander. To make cyber more like the Army, and less like military intelligence.”152 This framing is notable because military intelligence has long been an established part of the Army, but the term “Army” is used to connote only the combat arms subculture. When it comes to leadership, officer development, and training and education pathways, the cultural entrepreneurs sought to exploit the overlap between Army and hacker culture to create a new cyber culture.
The concept of leadership is central to the Army’s warfighting culture, but it also corresponds with elements of cyber culture, especially the value placed on initiative. Culture entrepreneurs framed those elements of cyber culture that prioritize enterprise and flexible decision-making in terms of the traditional military virtue of seizing the initiative in combat. In Col. (ret.) Hall’s words, the aim was to apply “the strength of the Army.”153 One “strength of the army” is the idea of mission command, which Army doctrine defines as an “approach to command and control that empowers subordinate decision making and decentralized execution appropriate to the situation.”154 Absent delegated authority, units are stymied in adapting to battlefield conditions, maneuvering, and exploiting opportunities. As one Army officer involved in the stand-up of the branch explained: “In maneuver branches, having command is important because, as a commander, you exercise mission command. You get a mission from a higher commander with a task and a purpose; you have been empowered, and you empower your subordinates, to make decisions in a decentralized manner to exploit the initiative.”155 Mission command is especially relevant for cyber operations, given the dynamic nature of the environment and the fact that operators are likely to have limited windows to exploit fleeting opportunities.
Culture entrepreneurs also believed that cyber leaders should be trained and educated across all aspects of their operational role to develop “a level of expertise commensurate with the Army’s combat arms officers.”
This priority contrasts with the signal corps and military intelligence branches, where “commanders rarely exercise mission command because they are almost always a supporting effort. When in command in those branches, commanders are often doing more administrative work rather than operationally relevant work.”156 Instead, culture entrepreneurs felt that cyber officers “must be trained and empowered as maneuver leaders who adopt an ethos and demonstrate the ability and competence to lead maneuver operations.”157 For example, as early cyber officers Lt. Col. Justin Considine and Cpt. Blake Rhoades described in 2016, cyber leaders should be operational leaders: “Like infantry or armor officers, cyber officers must believe and prove themselves to be capable and willing to engage our adversaries at decisive points within the operational environment.”158 This perspective would mean developing “commanders of [cyber] units that are responsible for units with specialties [such as MI and signal corps] that we used to think were supporting.”159
Culture entrepreneurs also advocated for developing cyber officers from the very beginning of their careers—rather than establishing an accession-based branch—to inculcate a branch culture that is deliberately built over time through cumulative experiences, an approach that mirrored the Army’s traditional approach. As Col. (ret.) Hall shared: “I felt very strongly that we needed cyber Lieutenants. . . . Cyber careers in the Army have to start at the beginning.”160 Hall continued:
How do we look at the small unit, the structural strength of the Army that is resident in Infantry? How does this translate to cyberspace? . . . And Lieutenants are essential . . . this was part of making cyber an “Army thing.” We wanted to say that cyber has to be something you can do from the beginning, not something you have to do later. And that is a “strength of the Army” type of argument.161
Similarly, Arnold, Harrison, and Conti argued: “For the Army to be effective in cyberspace, it must produce leaders who understand the intricate aspects of operations in cyberspace with the same level of competence and confidence as combat arms officers. . . . In order to command a maneuver unit, an officer is expected to follow a branch-specific, career-long development-model. . . . Similarly, the Army should expect its cyber leaders to possess a commensurate expertise in their chosen fields as that required from combat arms officers.”162
Culture entrepreneurs also believed that cyber leaders should be trained and educated across all aspects of their operational role to develop “a level of expertise commensurate with the Army’s combat arms officers.”163 As Arnold et al. wrote: “One would not expect to train Infantry officers in only the defense or only the offense and then assign them to defensive-only or offensive-only Brigade Combat Teams. Similarly, our efforts in cyberspace should not be fractured.”164 Across the various levels of command in the Army, culture entrepreneurs presented a model for cyber leadership that directly drew from the combat arms model.165
The Influence of Cyber “Hacker” Culture
At the same time, culture entrepreneurs believed that a new Army cyber culture should incorporate some elements from cyber culture that were in tension with broader Army culture.166 For instance, writing in 2011 as active-duty Lt. Cols., Conti and Raymond argued that “successfully leading cyber warriors takes a different type of leader, one who is comfortable in the inherently technical cyber domain, appreciates the technical expertise, and understands the personality types, creativity, culture, motivations, and intellectual capability of cyber warriors.”167 This framing implicitly drew a distinction between cyber technical expertise—epitomized by the hacker mindset—and other forms of technical expertise already prevalent in the Army. In 2010, then–Lt. Col. Conti and Lt. Col. Jen Easterly described the hacker mindset as “someone who is passionate about technology and enjoys creatively overcoming or circumventing limitations.”168 The cyber branch should seek to recruit “Uncle Ned’s nephew that’s sleeping on the couch in the basement, who’s coding.”169 This thinking meant seeking out individuals comfortable with breaking the rules, experimentation, and learning through trial and error: “Hackers and cyber warriors have a RTFM (Read The Manual) culture, which expects individuals to make every effort to answer their own question before asking an expert.”170 Desirable attributes include “possess[ing] high technical aptitude, be[ing] a creative problem solver, and possess[ing] a hacker mindset that enjoys manipulating complex systems and pushing technology in ways unintended by its designers.”171
The culture entrepreneurs understood this bottom-up, experimentally driven approach to be in tension with Army culture, which they depicted as taking a top-down approach and “favor[ing] the initiatives of a select few at the top, often regardless of expertise.”172 For example, culture entrepreneurs believed that the cyber environment required distinct approaches to initiative, such as encouraging junior officers with greater cyber technical expertise to challenge more senior officers, not in “a sort of traditional Army way.”173 Brig. Gen. (ret.) Buckner described these ideas as “counter-cultural to the Army.” She elaborated: “Our junior people were fresh from graduate school and had the greatest technical expertise. How would you get them into the room where things were being worked on—where the Colonels and Generals making the decisions did not have the expertise? We had to empower people at the most junior level.”174
Additionally, culture entrepreneurs called for new approaches to education, a critical vehicle for cultivating branch culture. For example, they believed the US Army Cyber School should be
more like a start-up company where we need to be sort of agile and have different type of faculty . . . because with cyber more than any other branch, there’s a good chance that whatever we had you doing in the schoolhouse, you will never do again when you get to your unit because tools change, operating systems are updated, networks change.175
When Gen. Bucker became the school’s first commandant, “she was looking to make sure that she got the right people . . . with the right frame of mind to really get what was a start-up organization up and running and off the ground, and moving quickly in the right direction.”176 This speed created friction with Army culture. US Army Training and Doctrine Command (TRADOC), which oversees the Army’s training, education, doctrine, and standards, was “slow moving and all about process. There was not a lot of agility.”177
Another important trait from hacker culture that Army entrepreneurs emphasized was prioritizing deep technical expertise over physical ability. While Army culture values some technical skills, these cannot come at the expense of physical capabilities. Failing at the latter is, by definition, career-ending. The culture entrepreneurs describe themselves as rejecting the “kinetic warfighting culture . . . [which] places the ability to endure physical hardship over intellectual capability.”178 In cyber culture, “not everyone needs to be able to do pushups.”179 Cultivating talent in the cyber branch requires “getting advanced degrees instead of sweating it out in the field.”180 Individuals in the cyber branch should not rise through the ranks via the “biggest caveman in the tribe” model—in other words, “leaders who are adept at carrying heavy things up hills.” Instead, entrepreneurs argued, “the most innovative and skilled problem solvers [should] rise to the top.”181
This approach was also in tension with the Army’s notion of generalist leaders.182 The culture entrepreneurs maintained that the cyber branch should proactively seek out individuals with unique skillsets and technical abilities—including recruiting individuals into the branch on a by-name basis and creating an environment where those with “no natural home in the Army” could flourish.183 This perspective clashed with a culture that prioritizes the small group over highly talented individuals. As Brig. Gen. (ret.) Buckner noted: “What do you do with a guy with a PhD in quantum from Stanford—are you going to tell them to go lead a platoon?”184
These entrepreneurs pushed for a new cyber culture within the Army that would include these elements because they believed that the traditional model did not comport with the requirements for effective cyber warfighting. They worried that emphasizing physical abilities would sacrifice an emphasis on investing resources in improved technical proficiency. Moreover, that emphasis might erode the morale of cyber warriors, who could be required by “kinetic leaders” to conduct “morning physical fitness runs, long road marches, and unnecessary field training exercises for their cyber troops which . . . often prove counterproductive in building a cohesive cyber warfare unit, particularly when the leader is not proficient in cyber warfare.185 Indeed, one officer—who was instrumental in standing up the Army Network Warfare Battalion (an early cyber warfare unit created) and subsequently the 780th MI Brigade—reflected on how one of his brigade commanders “instituted a Ranger-like assessment focused on mental and physical exhaustion to assess leaders for the [cyber] unit. We called it the ‘hunger games.’ And many of us who had already been in the unit found the need to reassess for a unit we had helped to build.”186 Instead, entrepreneurs argued, only through “fostering the development of technical leaders will the Cyber branch find success and legitimize its existence among other operational branches.”187
The culture entrepreneurs also proposed different professional development models. They were skeptical of mandating rotations every few years and requiring officers to serve in specific positions at critical points in their careers.[188]>As Sgt. Maj. Rodney Harris, an advisor at Army Cyber Command, described in a 2013 interview: “We have to help the Army understand that we have to look at cyber soldiers a little bit differently. . . . The Army has some programs that say if you stay in the same place for four to five years and you don’t get promoted, you’re probably going to be looked at for promotion stagnation and maybe get separated from the Army. . . . It’s exactly the opposite of what the Army thinks is right, but in terms of a cyber soldier, it’s 100 percent right.”189 Additionally, culture entrepreneurs argued that certain roles—such as developer, operations planner, technical lead, and technical adviser—should be rank-agnostic.190 In other words, they “should be filled based on matching the specific talents required of the positions to those of the individuals selected to fill them.” Senior officers are not necessarily best suited to grapple with complex technical problems. Rather, “cyber warriors of any rank will be bright and capable of solving hard problems, but they require a creative work environment and culture of innovation that allows ideas to be heard regardless of rank. This notion runs counter to traditional military culture where the senior leader issues a directive and the unit complies.”191
Moreover, culture entrepreneurs believed that some cyber warriors should be able to spend their entire careers in highly technical roles without progressing up the promotion ladder, contravening the Army’s “up or out” promotions process. As an Army civilian, who helped develop the Cyber Center of Excellence at Ft. Eisenhower, described: “Captain Kirk was always up for Admiral but never wanted to take it.”192 An Army officer who was a plank holder for the cyber branch shared a similar perspective: “The Army is concerned with quantity over quality. The cyber branch should be focused on quality. If you want to sit there and code for 25 years, you should be able to do that.”193 Yet, while longer dwell time in technical positions may improve competence, there is a trade-off between “keeping your technical certifications versus keeping a job that is looked upon by others as being legitimate when you are up for promotion and you are competing against other specialties or branches.”194 This trade-off is especially important given the Army’s centralized promotion process. Promotion decisions are made by a centralized promotion board that may or may not be composed of officers from an individual’s branch. A leadership development model that prizes technical expertise over traits the broader Army culture values would mean that cyber leaders “would not be sufficiently ‘greened’—steeped in the Army. What we gain in technical capability we lose in the ability to be integrated with and respected by the larger Army.”195 Entrepreneurs saw these traits as essential to the long-term success of the Army’s cyber branch, but believed that each posed challenges within broader Army culture.
Implications of Contradictory Cultural Change
The need to build cyber forces generated a dilemma: The Army had to create a force that did not yet exist. This dilemma provided an opportunity for cultural entrepreneurs to promote a new cyber culture within the Army—a form of cultural change. To do so, they combined elements of traditional Army warfighting culture with cyber “hacker” culture in a way that they hoped would resonate with elites within the organization. What was the outcome of this effort?
Along the first dimension of change—conceptualizing cyberspace as an integral element of warfighting and implementing policies in accordance with that vision—the culture entrepreneurs were largely successful. This success is likely due to their deployment of framing, analogies, and symbols that could be seamlessly adapted to the Army’s dominant culture. When the cyber branch was created, the Army officially designated it as a combat arms branch; provisioned it with the numerical designations associated with other combat arms branches; formally considered cyberspace to be a core element of maneuver, fires, and effects warfighting in Army doctrine;196 and adopted heraldry echoing that of the other combat arms branches. At least in name, a new cyber culture was created that could coexist within the Army’s dominant culture.
Yet the culture entrepreneurs were largely unsuccessful in inculcating key elements of cyber hacker culture into how the Army develops talent within the cyber branch. The lack of success in this area continues to be a source of internal friction.197 While cyber is not an accessions branch (in that prospective cyber officers join the branch as lieutenants), on many other dimensions of personnel policies the culture entrepreneurs were not able to effect change. The Army continues to operate with a generalist leadership model, and many Army cyber leaders lack mission command.198 A centralized promotions process means that when technically competent officers do rise through the ranks, they are diverted to the command track to ensure continued professional success within the Army’s model. The Army has also not established models that enable the cultivation of foundational knowledge in the technical aspects of cyber operations. The organization, in turn, struggles to fill critical leadership positions with individuals who have the appropriate technical expertise to understand and execute cyber operations, and also suffers from challenges of retention and morale within its cyber forces.199
A cyber culture that exists in an inhospitable broader military culture may impede the integration and coordination of cyber and conventional operations on a battlefield.
A “split personality” cyber culture resulted; elements of a new cyber culture rest uneasily alongside and often in tension with the Army’s dominant culture.200 Moreover, over time the culture entrepreneurs saw their influence wane.201 This development has generated a sense of fatalism among some of the original pioneers of the branch. Col. (ret.) Conti, for example, lamented that he is “pessimistic that Army culture can ultimately accommodate a thriving cyber community. . . . Culturally, cyber is always an afterthought.”202
In one sense, our analysis is consistent with the expectations of contemporary theorizing about cultural change. Our findings offer further empirical support to the notion that military cultures can change, even in the absence of major exogenous shocks, and that this process often stems from internal competition between dominant cultures and subcultures. Moreover, this article underscores how cultures are not monolithic; instead, they are often characterized by inconsistent and even contradictory attributes—and these tensions can be fruitful for enabling change. At the same time, our analysis also reveals that cultural change is difficult and can produce internal contradictions.
These findings raise questions relevant for research and policymaking. While we focus on cultural change as the dependent variable, an important potential extension of our analysis is the relationship between incoherent or contradictory military cultures and key outcomes in the security studies literature. One plausible hypothesis is that incoherent cultures are more likely to exhibit disintegrated strategy or poor battlefield performance. A cyber culture that exists in an inhospitable broader military culture may impede the integration and coordination of cyber and conventional operations on a battlefield.203 For example, the US Army promulgates models for cyber-kinetic integration on the battlefield. This integration includes earlier concepts of Cyber-Electromatic Activities (CEMA) and Cyber Support to Corps and Below, and more recent efforts such as the establishment of the 915th Cyber Warfare Battalion, activated in 2019, which was redesignated as the 11th Cyber Battalion in 2022.204 This expeditionary cyber unit is meant to coordinate and integrate cyber, information, and electronic warfare effects at the tactical edge.205 The joint force has applied similar concepts in practice, such as the Cyber Command’s Operation Glowing Symphony, launched in 2016, to conduct cyber operations against the Islamic State in the context of the US’s broader military mission in Iraq and Syria, Operation Inherent Resolve. Cyber operators were “tasked with coordinating not only with each other, but also with units acting in other domains (including locating targets for ‘lethal fires’) as well as intelligence agencies.”206
One risk stemming from contradictory cultures is that cyber operations carried out by highly technically proficient but culturally isolated personnel will be (at best) uncoordinated with other operations on the battlefield or (at worst) counterproductive. Another concern is that cyber leaders may be unable to effectively communicate cyber options to the kinetic warfighter, which could cause senior leaders to mis-, under-, or over-estimate their utility as part of a broader military campaign, which would result in military ineffectiveness. Additionally, because effective operations depend on a skilled and competent workforce across all levels in the chain of command, a cyber culture that does not fit into the dominant military culture could negatively affect recruitment, promotion, and retention, which would lead to an attrition of the most talented individuals—thereby reducing military effectiveness or contributing to suboptimal decisions about the application of cyber power. For example, a military cyber operator may need to make rapid decisions about whether a cyber effects operation (for example, one to disrupt, degrade, destroy, or manipulate adversary data or networks) can achieve a desired impact within a concept of operations, weighed against critical risk considerations that may have strategic consequences (for example, burning a tool that may have cost hundreds of thousands of dollars and significant time to develop, or incurring the risk of attribution). Absent nuanced technical expertise, personnel may be poorly situated to make such decisions.
Finally, our research suggests important implications for policymaking. Incompatibility between Army and cyber cultures may only be resolved through the creation of a separate cyber service, similar to the creation of the US Space Force in 2019.207 While elements of the military community have been calling for a new service for nearly a decade, doing so has only recently become politically plausible.208 The formation of a new service would provide an opportunity to cultivate a culture that is more consistent with the realities of the cyber environment and is not limited by dominant service cultures. Policymakers should also consider the risk, however, that a cyber service would merely replicate existing cultural dysfunctions in a new organization. Additionally, a distinct service would still need to effectively coordinate with other elements of the joint force, which only underscores the importance of continued efforts to adapt and socialize prevailing service cultures to the realities of cyberspace.
Erica D. Lonergan is an assistant professor in the School of International and Public Affairs and the Saltzman Institute of War and Peace Studies at Columbia University.
Jack Snyder is the Robert and Renée Belfer Professor of International Relations in the Political Science Department and the Saltzman Institute of War and Peace Studies at Columbia University.
Acknowledgments: We are grateful for detailed and helpful feedback from our colleagues on prior drafts of this article, particularly Stephen Biddle and Sanne Verschuren. We also appreciate the constructive comments from our fellow panelists and audience members at the 2022 American Political Science Association Annual Meeting, as well as participants at the 2023 Massachusetts Institute of Technology Security Studies Program Wednesday Seminar and the 2024 George Washington University Institute for Security & Conflict Studies Security Studies workshop.
Image: Soldiers from Cyber Protection Team 182, Army Reserve Cyber Protection Brigade participate in Exercise Grungy Zion 24 from Cyber Protection Team 553, Navy Mission Element on Camp Dawson, W.Va., July 31, 2024. (US Army)