Skip to content
Search

Latest Stories

Save Your Seat
cipherbrief

Welcome! Log in to stay connected and make the most of your experience.

Input clean

NATO's Advancement in Cyber

The 2018 NATO summit and the months leading up to it were a spectacle of diplomacy at its finest and at its worse. The media drama surrounding the summit overshadowed the big strides the Alliance has made in its cyber defense mandate.

With the announcement that Allies agreed on how to integrate sovereign cyber effects into Alliance operations and missions, NATO and its member states managed to articulate (at least internally) how to reconcile NATO’s defensive posture in the face of Allies having adopted offensive cyber capabilities.


This is a considerable success on an issue which has arguably been a conundrum for the Alliance at least since 2013, when the UK announced that the country is developing a full spectrum military cyber capability, including a strike capability. Over the years, NATO member states have used cyber as a standalone capability or in support of their operations individually, and it was only a matter of time that their use be warranted in NATO operations.

NATO’s defensive mandate in cyber has evolved over time – from protecting its networks to protecting its ability to conduct missions in contested environments- but the organization struggled to respond to calls to be more proactive. The announcement that the Alliance will coordinate sovereign cyber effects for its operations, struck many as an aggressive move.

While getting to this decision undoubtedly required a fair amount of diplomatic maneuvering and work with technical and legal experts, the fact that NATO will coordinate sovereign cyber effects for its missions and operations doesn’t change the defensive mandate of the organization- the operators supporting NATO missions need tools to proactively defend themselves before the execution of a mission is jeopardized.  They may need to go outside their networks to disrupt attacks, identify attackers or retrieve stolen data or degrade the adversary capability to continue activities harming NATO’s ability to operate.

I also don’t believe it signifies a more aggressive stance of the organization. As evidenced by the debate around the use of cyber capabilities in the United States- one of the NATO members with the most developed doctrines and policies around their use, the technical and coordination requirements of achieving desired effects with cyber tools- that have to specifically tailored to the system’s architecture or software- to have those effects - renders this option a fairly unattractive one compared to traditional kinetic capabilities.

In fact, coordination, integration, and possible de-confliction that would have to happen before the use of such effects generated by national capabilities can contribute to greater stability and collaboration between European NATO member states and the United States.

Indeed, what can, at the outset, appear aggressive and escalatory can be the biggest contribution to NATO’s collective security mandate in cyber so far. The political oversight and the consensus based decision process in NATO means, that any effects that NATO will want to integrate will be debated among the 29 member states. And while the discussion will likely revolve around “what to achieve” versus “how” it is hard to imagine that the conversation will not include some amount of detail about different vulnerabilities in the information systems and technologies of the adversary that the operation desires to exploit.

This “side effect” can lead to unexpected information sharing between Allies for the greater good. Allies may become more aware of their own national vulnerabilities, but maybe more importantly, disclose these to vendors in their vulnerabilities equities process (VEP) rather than stockpile them for future use. These conversations may also inspire them to establish their own VEP and discuss the tradeoffs associated with the desire to conduct offensive cyber operations at the national level in an interconnected and interdependent world where the tools they launch to achieve certain effects can be reverse engineered and used against them and their own vulnerabilities.

These will be difficult trade-offs for NATO and its member states to manage in a world where they will have to ensure that their military mission can continue in contested cyberspace. But these conversations have the potential to positively shape responsible behavior in cyberspace, especially for those NATO member states that are at the early stages of shaping their thinking, doctrines, and law with respect to offensive cyber operations.

Only time, and more clarity on what NATO’s decision on how to integrate sovereign effects will tell what the decision means for international security. But the decision has the potential to be NATO’s biggest possible contribution to cooperative security and crisis prevention in cyber.

Apply Now to the 2025 Threat Conference

Related Articles

Ex-Spy Warns of Case Officer Tactics in Trump-Putin Dynamic

EXPERT Q&A – After Friday’s meeting in Alaska between U.S. President Donald Trump and Russian President Vladimir Putin, former CIA senior officer and [...] More

​The Weekend Interview: Former CIA Station Chief on Strategic Global Hotspots

​The Weekend Interview: Former CIA Station Chief on Strategic Global Hotspots

WEEKEND INTERVIEW: The signing of a peace framework between the President of Armenia and the Prime Minister of Azerbaijan on Friday at the White [...] More

Sabotage Without Warning: ​Why the Gray Zone Could Be America’s Biggest Blind Spot

Sabotage Without Warning: ​Why the Gray Zone Could Be America’s Biggest Blind Spot

EXPERT BRIEFING — Polish Prime Minister Donald Tusk announced this week that 32 people have been detained since the start of Moscow’s war with [...] More

Two Existential Threats: CIA’s Reputation vs. Democracy’s Survival

OPINION -- In his recent Cipher Brief essay, CIA's Latest Existential Challenge, former CIA senior officer Mark Kelton argues that the Central [...] More

Can the U.S. Fix a Broken System of Acquiring Weapons?

Can the U.S. Fix a Broken System of Acquiring Weapons?

DEEP DIVE – It’s a rare area of bipartisan agreement in Washington: a belief that the U.S. must reform the way it develops and obtains its weapons. [...] More

Experts Warn of Insurgents' Paradise in West Africa

Experts Warn of Insurgents' Paradise in West Africa

CIPHER BRIEF REPORTING– A terrorist group with links to Al Qaeda now controls a swath of territory five times the size of Texas, threatens the [...] More