On 29th January 2024, we hosted our fourth online event within the Public-Private Sector Dialogue series organized in partnership with Globsec. What was the focus this time?

For NATO, a robust cyber resilience framework is critical. Thwarting sophisticated cyber-attacks that pose significant risks to military operations, critical infrastructure, and sensitive information has become an indispensable part of NATO’s broader security goals. The reliance on digital infrastructure has amplified vulnerabilities, making NATO’s networks prime targets for malicious cyber actors. Furthermore, the increasingly contentious geopolitical context has exacerbated cybersecurity challenges of NATO Member States. 

Cyber conflict is also becoming a prominent component of modern warfare and geopolitical strategy — increasing the risk of spill-off attacks on networks of NATO Member States. In this context, NATO’s cyber resilience is instrumental in protecting critical infrastructure, reinforcing collective defence capabilities among member nations, fortifying trust, and cooperation among allies, and serving as a deterrent against adversarial cyber activities. 

Collaboration between the European Union and NATO to counter cyber adversaries is increasingly paramount — progress has been made on information-sharing and through joint cybersecurity exercises, there is also coordination on improving readiness and response capabilities, among other efforts. Furthering coordination between the NATO and EU is critical due to the interconnected nature of cybersecurity challenges while, importantly, avoiding redundancy and duplication in efforts.

NATO has several initiatives developed to bolster the protection of its digital assets — for example, the Alliance’s ‘Centralized Protection” across more than 100 networks in over 20 global locations, with the core hub situated at the NATO Computer Incident Response Centre (NCIRC) in Mons, Belgium, offers multi-layered, real-time monitoring, and defence capabilities. Additionally, the development of Rapid Reaction Teams (RRTs) comprising highly skilled cyber specialists, equipped with mobile Cyber Defence Kits, reinforces local expertise, and swiftly responds to network attacks. These operational tools, alongside the Cyber Threat Assessment Cell (CTAC), play vital roles in post-event analysis, strategic threat evaluation, and intelligence integration within NATO’s structure, facilitating reliable attribution of cyber-attacks. Further, the Malware Information Sharing Platform (MISP) enables cyber specialists from NATO entities and member states to share critical insights on diverse cyber-attacks.

The objective of the discussion was to analyse how NATO can better protect its digital assets and enhance cyber resilience through examining the existing cyber threat landscape, gauging the effectiveness of collaboration between NATO and industry partners in this regard, and ways to strengthen these partnerships.

Key takeaways:

Evolving Threat Environment and high Disruptions due to Geopolitical Changes:

  • Ongoing disruptions due to geopolitical changes contributing to a volatile cyber environment. Adding to this, Russian cyber activities in Ukraine and the rest of Europe contribute to this instability and present a more challenging environment than any time in the past

Global Cooperation and Technology Ecosystem

  • Market industry prioritised in the technology ecosystem while AI is revolutionising the economy, security, and enhancing capabilities for adversaries
  • It is necessary to highlight the issue of responsibility with a strong emphasis on the requirement for global cooperation to develop a more secure cyber ecosystem

Update of Cyber Defence Requirements

  • Focus on enhancing cyber resilience to better withstand and recover from cyber threats and build this resilience withing the private sector.
  • Nurturing private-public partnerships for effective cybersecurity measures
  • Advocating for the exchange of threat intelligence and best practices through early warning systems

Group 1: How has the cyber threat landscape evolved in the past decade and what are the immediate vulnerabilities that NATO faces in this regard?

Develop Comprehensive Cybersecurity Regulations

  • Nations should establish robust regulatory frameworks focusing on resilience and interdependencies across both public and private sectors. 
  • These regulations should extend beyond government directives to include self-regulation, guided by a unified goal of achieving common security.

Invest in Technological Modernisation

  • Modernise military and defence technologies to ensure that new capabilities are supported by advanced IT, network, and software security. 
  • This step is critical to protect against the increasing sophistication of cyber threats.

Enhance Military Education and Training

  • Implement comprehensive training programs for military leaders and personnel to understand and effectively utilise cyber capabilities.
  • Education should focus on the operational and legal aspects of cyber warfare.

Maintain Strategic Ambiguity in Deterrence

  • Adopt a policy of strategic ambiguity regarding the thresholds for retaliation in cyber warfare. This approach will deter adversaries by keeping them uncertain about the consequences of their actions.

Prioritise Protection of Communication and Early Warning Systems

  • Ensure the security of critical systems such as communication networks, early warning systems, and logistics infrastructure against potential cyber-attacks.

Foster Public-Private Collaboration

  • Strengthen collaboration between the public and private sectors in cybersecurity initiatives. This collaboration should focus on intelligence sharing, joint defence mechanisms, and coordinated responses to cyber threats.

Adapt to the Permanence of Cyber Threats

  • Acknowledge and prepare for the ongoing nature of cyber threats, recognising that the cyber domain is a constant battleground rather than a peacetime environment.

Establish Clear International Norms for Cyber Warfare

  • Work towards defining international norms and legal frameworks that clearly state what a cyber-attack and a breach of sovereignty means. This clarity is essential for global consensus on the rules of engagement in the cyber domain.

Group 2: What are the key factors or challenges that influence effective collaboration between NATO, the EU and private sector entities in countering cyber threats and how can these partnerships be strengthened? 

Commercialisation of Private/Public Exchange

  • Promote commercialisation of private-public collaboration through a format akin to a NATO center for exchanging civil-military information on threat intelligence.
  • Emphasise the need to sell services on a commercial basis, taking into account concerns about reputation and dependency on external companies.

Diverse Approaches to Information Sharing

  • Acknowledge that information sharing can be intimidating and recognise the absence of a one-size-fits-all approach.
  • Stress the importance of trust and the necessity for broader cooperation in the public-private alliance.

Establishing a NATO Platform for Private Sector Engagement

  • Advocate for the creation of a platform or center within NATO where the private sector can engage and collaborate.
  • Address the issue of trust within the mutual public-private alliance by institutionalising the relationship.

Focus on Civilian Sector Cooperation

  • Highlight limitations in actual cooperation with the private/civilian sector due to a lack of common ground for sharing classified information.
  • Address the challenge NATO faces in building trust with civilian entities, exploring ways to measure concrete results within the NATO framework.

Potential for a Joint EU-NATO Center:

  • Consider the establishment of a joint EU-NATO center/platform for threat intelligence sharing.
  • Analyse existing political roadblocks and identify mechanisms to overcome them.

Critical Infrastructure Protection

  • Stress the importance of critical infrastructure protection within both EU and NATO, focusing on energy grids and ocean bed cables.
  • Propose a NATO cyber defence pledge to establish order within NATO infrastructure and utilise the collective knowledge of allies effectively.

Solutions and Ideas: Enhancing Trust and Collaboration

  • Advocate for creating platforms to enhance trust and collaboration.
  • Highlight the abundance of information as a challenge and suggest drawing lessons from transparency efforts in Ukraine.

Innovative Approaches Outside EU-NATO Framework

  • Propose solutions outside the EU and NATO framework to avoid regulatory roadblocks.
  • Suggest the creation of a cyber defence platform to bring public-private sectors together on the defence agenda.

NATO’s Role in Cybersecurity

  • Emphasise the importance of not overburdening NATO with tasks already addressed by others, such as the EU.
  • Encourage NATO to plan potential military operations enhanced by cyber enablers and explore possibilities for sharing more classified information.

Balancing Transparency and Security

  • Identify the need for a balanced approach to information sharing.
  • Emphasise transparency about points of contact and ensure agility in mechanisms for effective collaboration.