Small Wars Journal

Countering Threat Networks: A Standard Lines of Effort Model

Fri, 06/02/2017 - 9:25am

Countering Threat Networks: A Standard Lines of Effort Model

Christopher Goodyear, Brian Greata, Timothy Payment and Martin Wetterauer

Introduction and Thesis Statement

Understanding networked adversaries and countering threat networks (CTN) is an increasingly common challenge for joint force commanders.  This challenge is likely to grow as asymmetric approaches and hybrid warfare become standard for those adversaries who are weaker and search for legitimacy in achieving their objectives.  This implies that commanders must be armed with a generally accepted means to understand these threats and prepare plans to thwart them.

This phenomenon is not entirely new to U.S. and allied military forces, as joint force commanders have confronted terrorist networks in Afghanistan, Iraq, and around the world before and since 9/11.  U.S. Southern Command has been fighting criminal threat networks for over 20 years through Joint Interagency Task Force-South (JIATF-S).  Insurgent threat networks are an even older phenomenon, as old as nation-states and those who have sought to overthrow them.  These are all valid examples of threat networks; however, a critical, relatively recent development is the convergence of criminal, insurgent, and/or terrorist capabilities into hybrid networks that leverage their respective strengths to create a synergistic threat effect.[1]

With the release of Joint Publication (JP) 3-25, Countering Threat Networks, on 21 December 2016, the joint force now has official doctrine to guide joint force commanders and their staffs as they formulate plans to oppose these most challenging problems.  JP 3-25 provides a number of operational level considerations including the importance of interagency integration, planning to counter threat networks, and assessing progress towards victory against threat networks.  It also covers the finer details of CTN activities such as fundamentals and best practices for analyzing network structure, counter threat finance, CTN in a maritime domain, identity intelligence activities, and exploitation to support CTN.  However, it provides very few specifics for a commander or staff considering how to develop an operational approach, and specifically what lines of effort (LOEs) best achieve operational and strategic end states against threat networks.  Finally, JP 3-25 only briefly considers CTN outside of conflict zones, where the full range of friendly military actions will usually be severely restricted.

JP 3-25 is deliberately broad, and in fact is a very good document for exposing personnel to concepts and orienting thought against these complex threats.  This paper will – to the extent possible – attempt to refine the guidance found in JP 3-25 by proposing methodology to employ JP 3-25 doctrine through recommended lines of effort to counter threat networks.  Specifically, we intend to prove the following thesis: In an Outside Declared Theater of Active Armed Conflict (ODTAAC)[2] environment, a whole of government solution leading to a judicial (i.e., rule of law) end state is best achieved through lines of effort aligned with threat network functions.  In examining this thesis, we will attempt to define an optimal end state and supporting operational conditions, and consider potential lines of effort that align along the PMESII (Political, Military, Economic, Social, Information , and Infrastructure Systems)[3], DIMEFIL (Diplomatic, Information, Military, Economic, Finance, Intelligence, and Law Enforcement)[4], and Threat Network Function models.[5]  Ultimately we attempt to identify a template with the optimal lines of effort along which to carry out military operations, actions, and activities that contribute directly to, or support, achievement of objectives to counter threat networks.


Threat networks are not new.  They have always existed in varying forms, activities, and degrees of power.  They are, per JP 3-25, those networks whose size, scope, or capabilities threaten US interests.[6]  Common types of threat networks are terrorist, criminal, and insurgent networks.[7]  Criminal networks can include narcotics, human trafficking and human smuggling (to include the movement of special interest aliens), and weapons smuggling (potentially including weapons of mass destruction, WMD) amongst other illicit activities.  The relatively recent convergence of these kinds of threat networks is what poses an increasingly significant threat.  We have already seen the merging of all three in the Fuerzas Armadas Revolucionarias de Colombia (FARC) in Colombia.  What began as an insurgent movement gradually adopted terrorist tactics, and then after funding themselves through narcotics trafficking this became a raison d’etre.[8]  Likewise, the ability of criminal networks to utilize established trafficking routes to wittingly or unwittingly move terrorists and/or weapons of mass destruction constitute a serious threat.  Finally, Hezbollah uses the drug trade and other illicit activities around the world to fund terrorist activities in the Levant.[9]

These kinds of threats, and the environments in which they operate, naturally drive friendly networks towards whole-of-government solutions due to the complexity of the problem and the requirement for a comprehensive approach.[10]  To combat threats such as these, the U.S. Government has undergone a significant increase in interagency cooperation since 9/11.[11]  The use of Title 10 forces under a Title 50 lead and authority is one area in particular that has been utilized to leverage the strengths of participating agencies to a greater overall effect.[12]  Likewise, detailing Title 10 personnel to other federal agencies for a specific mission or purpose is another way that DoD can contribute to an other-than-military effect.

These efforts are commendable, but they are niche efforts, usually isolated in nature, and limited in achieving the overall end state.  They don’t constitute a comprehensive approach, or provide a “best practice” for lines of effort that a joint force commander could use to organize operations to counter threat networks. 

This is particularly true when considering the differences between a conflict zone and an ODTAAC environment.  Joint Interagency Task Force-South (JIATF-S), which conducts detection and monitoring missions to combat illicit trafficking and is widely considered an example of successful interagency action, is still largely focused on one kind of commodity (narcotics) of one type of threat network (criminal) and does not function cross-domain (it is almost entirely limited to the Air and Maritime domains).[13]  While its function concentrates on network disruption through evidentiary seizures and criminal prosecution, it is limited by charter from leveraging all elements of national power to achieve a comprehensive approach and strategy.  However, one thing is clear from the JIATF-S example, and that is the fact that a judicial end state is the de facto “approved solution” for the Western Hemisphere (WHEM) when combatting threat networks.

The WHEM is not alone in this respect, and serves as a good example of an ODTAAC environment.  In this environment the Military element of national power is de-emphasized, creating greater reliance on the remaining diplomatic, economic, and information instruments.  This is representative of any ODTAAC area, considered diplomatic or “Title 22” environments.  Although the military is used to great effect in these theaters, it is usually through soft power and influence – not kinetic strikes as used in theaters of conflict. 

However, the DIME construct ignores some very powerful instruments of national power that are utilized not only in the U.S. Southern Command AOR, but around the world.  These include law enforcement, intelligence, and financial entities that can achieve effects against threat networks and which don’t easily fall into one of the “DIME” bins.[14]  For example, a Homeland Security Investigations (HSI) agent is not an instrument of diplomatic, military, economic, or informational power but the authorities and potential effect that HSI can bring to bear against transregional actors is significant.  Likewise, the financial effects that the U.S. Department of the Treasury can apply to threat network finances presents a considerable threat to a network’s resources.  The DIMEFIL construct better captures the full range of instruments of national power.  This construct first appeared in the National Military Strategic Plan for the War on Terrorism in 2006, and although not official doctrine, does serve to address an expanded view of applicable national capabilities.[15]

This concurrent de-emphasis of military power and expanded consideration of other instruments of national power has resulted in a preference within ODTAAC environments for what is commonly referred to as a “judicial end state” for threat networks.  But why should a judicial end state be desirable over any other?  Is this just a political ploy, an effort to make US activities more palatable?  While there is value in reinforcing the rule of law during CTN activities, there are also some good reasons why a judicial end state is desirable outside of a conflict zone. 

First, there is the question of jus ad bellum, or the theory of just war.  If a non-state actor happens to reside within a particular state that is friendly to the U.S., what exactly is the right of the U.S. to conduct military operations against that adversary?  If we conduct clandestine warfare across regional and country boundaries, our actions no longer fit the status quo of justified use of force based on the law of armed conflict and theaters of armed conflict.[16]

Second, there is ambiguity regarding what level of violence rises above criminality to that of armed conflict.  Without clear definitions of what constitutes a significant enough threat to warrant military action, a law enforcement solution is preferred.[17]

Third, we should consider the impacts to accepted norms of proportionality in an ODTAAC environment.  Current rules regarding proportionality arose from conflicts in which civilians were deemed a part of the enemy, and could share in the hardships of war.[18]  In an environment in which the threat network hides amongst civilians who may have no allegiance or even awareness of the threat network, a reassessment of the legal framework governing hostilities may be in order.[19]  Ignoring this consideration, and the potential for collateral damage, risks alienating the indigenous population and US legitimacy.

For these reasons and others, there is a current of thought that emphasizes limiting or abandoning the use of military detention, limiting the use of lethal force, and a preference for criminal prosecution over military detention.[20]  This effectively constitutes the judicial end state.

This, like any policy or generally accepted norm, is bound to run into occasional conflicts.  For example, within law enforcement, one such source of tension is between disruption and dismantlement.  Investigative entities are tasked, and are naturally inclined due to the nature of their work, to lean towards caution when considering disruption activities.  They generally prefer to delay disruption in order to gain greater knowledge of an entire network, and thereafter achieve complete dismantlement.  On the other hand, other law enforcement entities are tasked with disruption of criminal activities and are quick to move against threat network activities in order to disrupt imminent threats.  Therefore, “judicial end state” implies a wide range of law enforcement and judicial/prosecutorial activities that achieve the desired end state and reinforce the rule of law within ODTAAC environments.

If we accept that the judicial end state is preferred in an ODTAAC environment, then we must be concerned about how to design an operation to achieve it.  Operational design is “the conception and construction of the framework that underpins a campaign or major operation plan and its subsequent execution.”[21]  It results in the operational approach, “which broadly describes the actions the joint force needs to take to reach the desired state.”[22]  Some of the components of an operational approach (particularly specific contributing factors or intermediate military objectives) cannot, and should not, be determined until faced with an actual problem and development of a proper understanding of the environment, the precise threat networks and their capabilities, and friendly network. 

Notwithstanding this, the lines of effort for CTN within an ODTAAC environment should be relatively stable and applicable regardless of the specific environment or threat network. 

Threat networks are formed at the confluence of a catalyst, a receptive audience, and an accommodating environment. The removal of any or all of these is necessary to eliminate the threat that any network poses, and achieve an acceptable end state.  Therefore any articulation of an end state should at a minimum reflect a satisfactory achievement of effects against these three conditions (See Figure 1):[23]

  • End state #1 – No Catalyst.  The catalyst for establishment of the threat network is eliminated or sufficiently addressed to reduce the perceived need to assemble or take action.
  • End state #2 – No Receptive Audience.  Potential threat network audiences have more to gain by not participating, are not motivated to participate, or do not have the means to conduct actions that address the catalyst.
  • End state #3 – Unaccommodating Environment.  The environment is inhospitable to the organization and activities of the threat network. (In an ODTAAC environment, law enforcement activities are critical to achieve this.)

The accomplishment of these three end states constitutes success vis-à-vis countering a threat network.  A joint force commander may add to these to meet a peculiar additional environmental condition which they have been tasked to resolve, but cannot take away if they want to address the threat network completely.

In order to reach the end state, certain operational conditions must be achieved.  In the case of countering threat networks, it is possible to backwards plan conditions that support the end states listed previously, and that are applicable to any kind of threat network.  The following conditions must be met; each is listed with the end state(s) that it will support (see Figure 2).

  • Friendly network narrative or option seen as more legitimate and less risky than threat network practices or ideologies (End states 1,2,3).
    • In order to achieve this condition, the risks associated with the threat network outweigh the benefit or profit; threat ideologies are seen as bankrupt; a narrative alternate to the threat network is developed and accepted; and the threat network, its objectives, and its actions are seen as illegitimate. These may constitute intermediate factors (potentially along with others) that fall along lines of effort to achieve this condition.
  • Effective governance presents a safer environment and greater economic opportunities than a threat network. (2, 3)
    • In order to achieve this condition, a comprehensive approach will assist host nation development of available economic opportunities; promote effective and equitable governance including the rule of law; and establish a safe and secure environment through successful detention and prosecution of threat network members.
  • Threat network operations, intelligence, and sustainment degraded. (3)
    • In order to achieve this condition, joint forces should consider degradation of threat network freedom of movement; disruption of their ability to gather intelligence or resources; and disruption of threat network operations, actions, and activities (OAAs).

The emphasis on the rule of law, the establishment of a safe and secure environment, successful prosecution, and disruption of threat activities all are areas where law enforcement and judicial processes will contribute heavily.  The likely “judicial end state” desired given current policy and common practice, as well as compelling reasons given an ODTAAC environment, is reflected in a number of these conditions. 

The precise actions that will fall along these lines of effort are too specific to be considered in this paper, and instead must be developed and refined once confronted by a specific threat network scenario.  These can subsequently be tailored and scaled based on analysis of the peculiarities of a specific environment and threat network.

The key question that remains is how a joint force commander should select lines of effort that will support achievement of a judicial end state, articulate an appropriate DOD role in a whole-of-government solution, and apply an ideal application of instruments of national power to counter threat networks.  The following description of models and analysis intend to provide a broad answer for future application.


This paper considers three potential LOE models –the DIMEFIL, PMESII, and Threat Network Function models.

Before examining these models there are a few notes on considerations that should be common to any LOE model adopted by the joint force commander.  Any solution will have to take into consideration conflicting priorities and determine a method for resolving such conflicts.  The Unity of Effort Framework Solution Guide provides a useful tool to guide operational-level planning and development of conflict resolution procedures between departments/agencies.[24]

One area in particular that will have to be taken into account during planning is the tension and balance required between the desire (and sometimes requirement) to disrupt imminent threats versus the desire, particularly amongst investigative and intelligence entities, to leave certain threats in place in order to facilitate a longer-term dismantlement of a network.  Clear triggers and acceptable levels of risk must be identified to guide this decision making.[25]

All three pillars of “network engagement” must be considered when developing specific actions along whatever LOE construct is adopted.  That is, while countering the threat network, the whole-of-government must also partner with the friendly network and engage with the neutral network.[26]

Finally, a comprehensive approach should always be pursued and incorporated.  Other military partners, the Interagency, partner nations, intergovernmental and nongovernmental partners, and the capabilities they all bring to bear should be incorporated when and where they are willing and able in order to achieve a comprehensive approach.

The first Line of Effort model considered is Friendly Network oriented; the DIMEFIL construct (see Figure 3).  DIMEFIL consists of Diplomatic, Information, Military, Economic, Financial, Intelligence, and Law Enforcement instruments of friendly national power. DIME is well established, but as discussed previously in the Background, the additional FIL instruments are appropriate given the nature of the threat, the ODTAAC environment considered, and the desire for a law enforcement oriented approach.  In this model, lines of effort are aligned directly with (and are named for) each of the seven DIMEFIL instruments of power.  DoD has its own Military LOE, and can support each of the other LOEs to varying degrees. 

The second LOE model considered, a Threat Network oriented model, was PMESII (political, military, economic, social, information, and infrastructure).  This is a systems-based model intended to define the structures of an adversary through examination of the PMESII characteristics of the state. [27]  This can be applied towards threat networks in that can exhibit these characteristics, and instruments of friendly power can be applied against each of the threat PMESII systems.  As with the DIMEFIL example, lines of effort are aligned with and named for each of the six systems. (See Figure 4.)

The final LOE model has a mixed Threat Network and Friendly Network orientation.  In this model, three Threat Network Functions (Information, Operations, and Sustainment/Logistics) are supplemented with the addition of a Host Nation (HN) Development LOE.  The Threat Network Functions are derived from various functions identified in JP 3-25, and generalized to fit any type of threat network.  The Information LOE can include actions against threat intelligence, propaganda, and strategic communications (either to build their legitimacy or tear down that of the friendly network).  The Operations LOE includes actions against training, drug manufacturing, operational elements, weapons manufacturing, C2/leadership, and clandestine network components.  The Sustainment/Logistics LOE includes potential actions against threat finance; recruiting; transport of drugs, weapons, people, etc; and other logistical capabilities.  The addition of the Host Nation Development LOE provides sufficient attention on the Friendly Network for a comprehensive approach toward development tasks which support conditions that can meet the desired end states. (See Figure 5.)

Analysis and Discussion

In developing criteria to evaluate the proposed LOE models, we considered first the thesis and what criteria would lead us to an optimal model for CTN in an ODTAAC environment.  Based on this analysis, we selected the following criteria: 1) The maximization of whole-of-government coordination and a comprehensive approach, 2) Applicability to the ODTAAC environment and a desired “judicial end state”, and 3) Alignment with end state conditions.

First Criterion. Our previous discussion of threat networks showed that CTN naturally requires a whole-of-government solution due to the complexities and multifaceted underlying problems that give rise to threat networks.  Therefore, the first criterion is: Maximization of whole-of-government coordination (all instruments of national power) and a comprehensive approach.

At first glance it would appear the DIMEFIL model is preferred because it captures in dedicated lines of effort a broad range of instruments of national power.  In reality, this is counterproductive because in building lines of effort along narrow roles, agencies may become myopic in focusing only upon “their” line of effort, and tend to ignore how they might contribute to the other lines of effort.  This can lead to stove piping of thought and action, and the comprehensive approach will suffer as a result.[28]  This is considered in Joint Publication 5-0, which even goes so far as to recommend against this approach.[29]

PMESII is threat- and result-oriented, which should drive greater collaboration amongst instruments of power to arrive at better coordinated activities along the LOEs.  However, it doesn’t completely eliminate the potential organizational “lane” problem, in that the Military LOE remains, and may drive military contributions unnecessarily along a sole line of effort.

The Threat Network Function model doesn’t establish these organizational lanes, and instead encourages cross-cutting application of the instruments of national power across all the lines of effort (See Figure 5).  A potential disadvantage of this model is that this requires a significant effort to coordinate in order to integrate, deconflict, and synchronize interagency contributions.  But on balance, this process will result in more deeply analyzed and coordinated results.  For this reason, the Threat Network Functions model is preferable under this criterion. 

Second Criterion.  Considering the ODTAAC environment and the desire to reinforce the rule of law, we determined that an operational approach and associated lines of effort should lead a joint force commander toward a framework which supports successful prosecution and other law enforcement activities.  Therefore, our next criterion is: Applicability to the ODTAAC environment and a desired “judicial end state”.

PMESII provided no apparent advantage in the ODTAAC / judicial end state environment.  DIMEFIL dedicates an entire LOE to law enforcement activities, which have a clear tie to the judicial end state.  The Financial LOE in DIMEFIL includes Counter Threat Finance activities, which would also support law enforcement and prosecution.  Threat Network Functions avoids a specific LOE for law enforcement, instead intending that each instrument should integrate activities within each LOE.  This is slightly more difficult in that it requires a concerted effort to coordinate, much as with the first criterion.

Third Criterion.  Any line of effort model should naturally align with end state conditions, not crosscut across most or all of them.  In this way, there should be an alignment between cause and effect.  Therefore the final criterion is: Alignment with end state conditions.

DIMEFIL fares the worst against this criterion, precisely because DIMEFIL are the “means” for carrying out lines of effort, and LOEs are the “ways”.  As such, the DIMEFIL instruments should be applied across all lines of effort.  As a result, DIMEFIL is not a good model for demonstrating a flow from lines of effort, to conditions, to end state.  While the DIMEFIL elements will certainly support achievement of conditions and end states, they do not align or “flow” towards the end states.  This became painfully obvious when creating a diagram of operational approaches, creating a spider web of contributions from every LOE to each operational condition (see Figure 3). 

PMESII aligns somewhat better with the conditions in that there’s an exact alignment between the Social LOE and the Legitimacy condition, and the Infrastructure LOE and the Good governance/economic opportunities condition. (See Figure 4.)  Two LOEs (Political and Economic) support two conditions.  Only two LOEs contribute to all three conditions – the Military and Information LOEs.  (There is some overlap in these two LOEs, as potential military information support operations exhibit characteristics of both.)

The Threat Network Functions model also aligns with the identified conditions and end states.  The Operations and Sustainment/Logistics LOEs align well with the Threat Network condition; the Information LOE aligns with the Legitimacy and Threat Ops/Intel/Sustainment conditions, and the Host Nation Development and Information LOEs align with the Good governance/economic opportunities condition.  This is overall a much cleaner, straightforward alignment than the other two LOE models offer.

After considering these criteria, the Threat Network Functions model is the best model identified for lines of effort that lead to end state achievement.  The other two models simply had deeper flaws when compared against the evaluation criteria.  The problem with the PMESII model is that it’s based on a tool designed to analyze an adversary and its “system of systems” in order to identify critical capabilities, requirements, and vulnerabilities for center of gravity analysis – not to themselves become lines of effort. 

DIMEFIL is usually considered the “means” of achieving operational and strategic objectives, and making them lines of effort (i.e., the “ways”) is potentially problematic and should be carefully considered during planning.  DIMEFIL should cut across all LOEs, not define LOEs.  Its potential for stove piping along organizational/authority lines makes this model less than ideal. 

While DIMEFIL arguably dedicates an entire LOE to a core interest – that of the primacy of law enforcement and rule of law – the Threat Network Functions model better aligns with conditions and end states, and if properly implemented will foster better whole-of-government solutions including support to achieving a judicial end state.


In an ODTAAC environment, a whole of government solution leading to a judicial end state is best achieved through adopting lines of effort aligned with Threat Network Functions of Intelligence, Operations, and Sustainment/Logistics, together with Host Nation Development.  Our analysis shows that when confronted by a threat network, adopting lines of effort that conform with Threat Network Functions is advantageous as a standardized template for developing operational design. (See Figure 6.)

There will always be local conditions and factors that cause planners to reevaluate their understanding of the environment, assessment and definition of the problem, what conditions constitute acceptable end state(s), and how to achieve them.  Likewise, a joint force commander may face a scenario in which countering a threat network is not the only challenge.  This is very likely in the real world.  Besides the threat network, there will likely be other environmental conditions that force a hybrid approach to developing end states, conditions, and lines of effort.  In that case, the recommendation we make in this paper will serve as a base from which to develop a more complex, tailored operational approach to address other challenges within the OE.

But based on current policy and practice, as well as conformance with the various criteria identified in this document, organizing elements of national power along the Threat Network Function lines of effort will best serve a joint force commander searching for an effective approach to counter threat networks. 

End Notes

[1].  Chairman, U.S. Joint Chiefs of Staff, Joint Publication 3-25, Countering Threat Networks (Washington DC: Government Printing Office, 2016), B1.

[2]. ODTAAC does not appear in any official establishing doctrine or policy documents. However, it is in wide use as a term of art to refer to any region or area outside of “hot” conflict zones.  These regions generally are marked by the predominance of the Department of State, little kinetic activity, and cooperation with sovereign partners.

[3].  Chairman, U.S. Joint Chiefs of Staff, Joint Publication 3-0, Joint Operations (Washington DC: Government Printing Office, 2017), IV3.

4.  Chairman, U.S. Joint Chiefs of Staff, National Military Strategic Plan for the War on Terrorism (Washington DC: Government Printing Office, 2006), 6.

[5].  U.S. Joint Chiefs of Staff, Joint Publication 3-25, IV3.

[6].  Ibid., I1.

[7].  Ibid., III8.

[8].  Ibid., B3-B6.

[9].  Ibid., B6.

[10].  Ibid., I3.

[11].  Chairman, U.S. Joint Chiefs of Staff, Joint Publication 3-05, Special Operations (Washington DC: Government Printing Office, 2014), III-22-III-23.  USSOCOM’s Interagency Partnership Program and Special Operations Support Teams are specific examples of increased cooperation between DoD and interagency partners since 9/11.

[12].  Anthony J. Fontanella, “Bringing Out the Small Guns: Title 50 Covert Operations As A Response to Unconventional Threats in the Modern Era,” Connecticut Journal of International Law 31, no. 115 (2015): 115.

[13].  U.S. Joint Chiefs of Staff, Joint Publication 3-25, V19.

[14].  Ibid., I5.

[15].  U.S. Joint Chiefs of Staff, National Military Strategic Plan for the War on Terrorism, 6.

[16].  Robert M. Chesney, “Beyond the Battlefield, Beyond Al Qaeda: The Destabilizing Legal Architecture of Counterterrorism,” Michigan Law Review 112, no. 163 (2013): 205-211.

[17].  Jennifer C. Daskal, “The Geography of the Battlefield: A Framework for Detention and Targeting Outside the ‘Hot’ Conflict Zone,” University of Pennsylvania Law Review 151, no. 5 (2013): 1166.

[18].  Charles P. Trumbull IV, “Re-Thinking the Principle of Proportionality Outside of Hot Battlefields,” Virginia Journal of International Law 55, no. 3 (2015): 525.  

[19].  Ibid., 526.

[20].  Robert M. Chesney, “Beyond the Battlefield, Beyond Al Qaeda: The Destabilizing Legal Architecture of Counterterrorism,” Michigan Law Review 112, no. 163 (2013): 213-219.

[21].  Chairman, U.S. Joint Chiefs of Staff, Joint Publication 5-0, Joint Operational Planning (Washington DC: Government Printing Office, 2011), GL13.

[22].  Joint Forces Staff College, Joint Forces Staff College, Student Text 1, 6th Edition, The Joint Staff Officer’s Guide (Norfolk: NDU Press, 2017): 3-33.

[23].  U.S. Joint Chiefs of Staff, Joint Publication 3-25, II2.

[24].  U.S. Joint Chiefs of Staff, J-7 Future Joint Force Development, Unity of Effort Framework Solution Guide [Washington DC: Government Printing Office, 2013], 6.

[25].  Ibid., 11.

[26].  U.S. Joint Chiefs of Staff, Joint Publication 3-25, I2.

[27].  U.S. Joint Chiefs of Staff, Joint Publication 3-0, IV3.

[28].  U.S. Joint Chiefs of Staff, Joint Publication 5-0, III28.

[29].  Ibid.


About the Author(s)

Colonel Martin Wetterauer III, USMC, was commissioned in 1992 after graduating from Louisiana State University. Col Wetterauer just recently gave up Command of 8th Marine Regiment, 2d MARDIV. That tour included a deployment as the Commander of the SPMAGTF-CR-AF. Col Wetterauer is headed to Bahrain to serve as the Deputy Commander of 5th MEB.

Lieutenant Colonel Tim Payment, USA, is currently serving as the Secretary of the General Staff in United States Army Europe.  He earned his undergraduate degree from Kentucky Wesleyan College in 1997 and Masters from Webster in 2008.  Prior to his current assignment, LTC Payment commanded an Infantry Squadron in 2D Cavalry Regiment in Europe.

Colonel Brian Greata, USA, is currently serving as an operations officer in Special Operations Command South.  He was commissioned through the United States Military Academy (USMA) in 1994.  COL Greata earned a Bachelor of Science in Regional Geography from USMA in 1994 and a MBA with a concentration in International Business from the University of Colorado, Colorado Springs in 2012. Prior to his current assignment, COL Greata served as the Garrison Commander of U.S. Army Garrison Natick.

Colonel Christopher Goodyear, USAF, is currently serving as a United States Special Operations Command liaison to the Drug Enforcement Administration’s Special Operations Division.  He was commissioned through ROTC at The Citadel in 1995.  Col Goodyear earned a BA in English Literature from The Citadel in 1995 and an MA in Education from Touro University in 2007.  Prior to his current assignment, Col Goodyear has served for 19 years in various special operations aviation assignments.


(Modified slightly from my initial offering:)

In order to better understand "threat networks" -- in the "expansionist" mode that the U.S./the West seems to find itself in today -- might we benefit from considering how "threat networks" might have been perceived of by the similarly "expansionist" Soviets/communists during the Old Cold War?

To wit: as:

a. Any connection (important: real or potential)

b. Between any states and/or non-state actor entities

c. Which deliberately/intentionally -- or -- unintentionally/unwittingly --

d. Tends to/might tend to -- in any way, shape or form --

e. Prevent, delay, marginalize, thwart, stimi or otherwise get in the way of

f. The transformation of the outlying states and societies of the world more along the "expansionist" entity's -- often unusual and unique -- political, economic, social and value lines.

(Thus, along Soviet/communist lines in the Old Cold War -- and along modern western lines today. In this latter regard, for example, to see and understand the "Whole of Society Foreign Policy" suggestions being made by Morgan Keay here:….)


If we were to adopt this exact such understanding of "threat networks" for ourselves today (see my "a" - "f" above)

And apply same to the U.S./the West's similar "expansionist" goals now (in our case, of course, the transforming of the outlying states and societies of the world more along modern western political, economic, social and value lines),

Then might this help us to better understand, in the common "expansionist" context offered here,

a. What our enemy "threat networks" already are -- and, in the future, might be?

b. How these such "threat networks," accordingly, should actually be perceived? And, thus, help us to better understand

c. What we might actually need to do to "counter" same?

This, if the U.S./the West is to:

a. Achieve its goal of transforming the outlying states and societies of the world more along modern western political, economic, social and value lines. This, in the face of:

b. The "threat networks" that I have attempted to better describe, define and outline above?

(Threatened with the transformation of their states and societies more along alien, profane and/or otherwise unfavorable political, economic, social and value lines -- by the Soviets/the communists back-in-the-day and/or by the U.S./the West today -- one can easily see how, as I note in my comment below, innumerable and various state and non-state actor "enemies" might choose -- or indeed might be forced to -- "network" and fight; this, rather than remain separate and lose power, influence, control, safety, security, opportunity, freedom of action and/or even cease to exist. This, I suggest, is the, real now -- and potentially more later -- "network(s)" that we [like the similarly "expansionist" Soviets/the communists before us?] will need to keep our eye on, will need to understand and will need to develop strategies and related means, methods, etc., to effectively "counter.")

Bottom Line Question:

Should we say that the "Standard Lines of Effort Model" -- proposed by our authors here -- (a) understands "threat networks" in the manner that I have described them above and, thus, (b) meets the "countering" requirements associated with same?


Fri, 06/09/2017 - 8:37am


I was pleased to see this topic on SWJ. The development of Network Engagement (NE) and Countering Threat Networks (CTN) doctrine has taken time and diligent effort. "Network Engagement" is draft Army doctrine and includes CTN as a principle activity as mentioned in the "Description" section. Overall NE involves identifying, defining, and effectively interacting with friendly and neutral networks, while simultaneously engaging threat networks.

Another viable reference for these activities is JP 3-26 Counterterrorism (2014). It includes a Counterterrorism Operational Approach example with LOEs, defeat mechanisms, supported objectives and desired conditions. The publication also includes COG analysis and nine network critical factors for forensic vulnerability analysis and engagement.

LOOS and LOEs discussion from JP 3-26:

A LOE links multiple tasks and missions using the logic of purpose— cause and effect—to focus efforts toward establishing operational and strategic conditions. LOEs are used when COGs and decisive points do not involve friendly force orientation toward an enemy force as seen in LOOs.

CT planning uses LOEs to link tasks, effects, and decisive points to objectives to achieve the desired conditions and attain the end state, and are particularly useful when CT force orientation at the operational and strategic levels has little relevance.

CT force orientation at the tactical level may involve LOOs, or a combination of LOOs and LOEs. Furthermore, the JFC planning CT operations may combine CT LOEs with those of corresponding DOS, FBI, and other interagency CT partners, which brings to bear capabilities, expertise, and authorities of multiple elements of the USG and facilitates unity of effort when addressing complex CT problems.

Analysis and Discussion section:

1)The maximization of whole-of-government coordination and a comprehensive approach. This is doctrinally sound and briefs very well. A recently published article here employs the term "whole of society".…

I don't want to become solely CT focused in these comments, but it does include the range of military operations and involves host nation judicial endstates.

Next, I realize this article addresses an Outside Declared Theater of Active Armed Conflict (ODTAAC) environment, but target centric warfare as war control or what the Chinese call "zhanzheng kongzhi" has limited efficacy. Achieving operational objectives as quickly as possible, sabotaging links and nodes, and paralyzing the enemy’s entire command system also briefs well.…

What if the threat system is so resilient engaging their functions has no effect on enabling sustainable host nation development? What if their entire system is the primary COG preventing all of your "counters" and end states?

This is the case for the Taliban who exhibit a variety of complex evolving system characteristics (including memory). "Threat networks function LOEs" are the catalyst, so they contradict the end state. Same for receptive audience and accommodating environment. The same can be said for Mali, where additional multinational forces and Malian government referendums will not necessarily counter threat networks in the region.

Lastly, I also understand the broadness of the conditions, and emphasis on friendly and neutral networks setting them. In some cases the "threat" system is capable if incentivized and more likely to affect desired end states. I may have missed the influencing threat networks aspect. Coopting threat networks with subsets of dislocating and deterring irreconcilables are also COAs oriented towards the same objectives. The ceasefire between the Columbian government and FARC came after four years of peace talks in Cuba ending a 52-year old war.

The new AtN/NE and CTN doctrine is modern, well written and took a lot of collective and diligent effort to draft. I'm glad to the discussion on-line.

Generally speaking, the U.S./the West perceives the problems of the world today as stemming from outlying states and societies who are either:

a. Not sufficiently organized, ordered and oriented more along modern western political, economic, social and value lines. Or who are, in fact,

b. Organized, ordered and oriented along political, economic, social and value lines that are completely different from/diametrically opposed to our own.

This being the case, then one can easily see why, with such understanding of the world's problems as this, a (U.S./Western) "whole-of-government" solution is almost always proposed to address these such world problems. And, this, whether one is talking about:

a. Problems emanating from outlying states and societies within our "hot" conflict zones or (critical to our discussion here)

b. Problems emanating from outlying states and societies in the so-called "Outside Declared Theater of Active Armed Conflict" (ODTAAC) zones also.

With this basic understanding before us (the U.S./the West perceives the world's problems as outlying states and societies not being sufficiently "westernized." The across-the-board solution, therefore, is to -- via a U.S./Western WOG approach -- sufficiently "westernize" these such outlying states and societies) we can now see why our opponents throughout the world today (both state and non-state actors; in this latter category, to include the "criminal" elements) might wish or need to:

a. "Network." This, so that they might, together if not separately,

b. Prevent the states and societies -- wherein they exist, rule and/or operate -- from being "transformed" more along modern western political, economic, social and value lines.

(If such a "transformation" were to occur, then those that profit most from a less-western/non-western orientation of their states and societies [think, for example, authoritarian and/or religious leaders, criminals, insurgents, terrorists, etc.]; these such folks would -- via "westernization" -- not only most likely to be out of a job/a livelihood/a cause but, in fact, would most likely be in jail or, more likely, be dead/executed?)

Thus with:

a. This such U.S./Western understanding of the world's problems today and, accordingly,

b. The suggested understanding of our "networked" enemy, thus,

c. To better understand the perceived need for "countering threat networks" approaches -- such as that offered by our author here?

(Approaches which consistently suggest the U.S./Western WOG method; this, whether we are talking about our "hot" and/or our "ODAATC" conflict zones -- which, as we can see from the above discussion, are now considered to be -- not separate and distinct -- but, indeed, one-and-the-same?)