Cyber threats to NATO’s security are becoming more frequent, complex, destructive, and coercive. The Allies have taken important steps in cyber defence over the past decade. Most recently, in 2018, they agreed how to integrate sovereign cyber effects, provided voluntarily by Allies, into Alliance operations and missions, as well as devised the ‘contours’ of the Cyberspace Operations Centre (CyOC). But is the Alliance doing enough to address the complex and evolving challenges of cyberspace?
The need to strengthen capabilities to defend the NATO member states against cyber attacks was first acknowledged by Allied leaders at their 2002 summit meeting in Prague. Since then, cyber security has become an increasingly important focus of NATO’s summit agendas. In 2008, the first NATO cyber defence policy was adopted and in 2014, Allies made cyber defence a core part of collective defence and further pledged to enhance the cyber defences of their national networks and infrastructure.
Since the Allies recognised cyberspace as a domain of operations in 2016, NATO has achieved several important milestones. Perhaps most notably, in October 2018, NATO announced the initial stand up of the Cyberspace Operations Centre in its trial structure. The CyOC serves as NATO’s theatre component for cyberspace and is responsible for providing cyberspace situational awareness, centralised planning for the cyberspace aspects of Alliance operations and missions, and coordination for cyberspace operational concerns.
Allies are also taking steps to consider how to more systematically respond to malicious cyber activity that falls below the threshold of armed conflict. At the Brussels Summit, Allies expressed their determination “to employ the full range of capabilities, including cyber, to deter, defend against, and to counter the full spectrum of cyber threats, including those conducted as part of a hybrid campaign.” Furthermore, they resolved “to continue to work together to develop measures which would enable us to impose costs on those who harm us.”
This full spectrum of response, always exercised in accordance with international law and following the principles of restraint and proportionality, is critical to effectively address the prevalence of problematic cyber activity below the threshold of armed conflict. NATO is also deepening its ties to industry through the NATO Industry Cyber Partnership. This overarching programme provides numerous platforms for the exchange of information, threat trends, and best practices. These interactions help NATO build trusted relationships with industry while facilitating all parties to be better prepared to prevent and respond to cyber attacks. Given the centrality of cyberspace to the modern way of warfare, it is imperative that the Alliance be equally capable in this domain as the others.
The approach of the Alliance is sensible: it seeks to address the most significant challenges associated with operating in cyberspace. Ultimately, though, the Alliance must continue to consider how it can do more, since cyber threats are trending only towards more serious impact. Finally, when seeking to keep pace with change in this domain, NATO might see benefit in continuing to evaluate how collaboration with industry might evolve. The Alliance, in short, should continue on its current path, ensuring that through continued attention and resources, cyberspace can become an ordinary part of business.
‘NATO’s Role in Cyberspace’ – Analysis by Laura Brent – NATO Review.