Sponsored by Spectra Cyber Security Solutions
20 Nov 17. Here’s how NATO is preparing for cyber operations. It’s been more than a year since NATO declared cyberspace an operational domain of warfare akin to air, sea and land and while the alliance is still working its way through the practical implications of this pronouncement, behind the scenes leaders have taken a series of steps to fortify NATO’s cyber operations.
The alliance’s initial focus has been primarily on cyber defense; strengthening NATO’s infrastructure and member nations pledging to take concrete steps to harden their systems as well.
The NATO Communications and Information Agency, is also undergoing a major IT modernization effort mainly focused on centralization and virtualization of services.
Since the announcement last year, the alliance is rethinking how it might run cybersecurity operations, Merle Maigre, director of NATO Cooperative Cyber Defense Center of Excellence – a think tank independent of NATO – told reporters in November at the Estonian embassy.
NATO is now developing detailed metrics related to the cyber defense pledge and regularly reporting how each nation delivers on its cyber commitments based on these metrics, Maigre said.
The alliance also announced the establishment of a cyber operations center.
“Cyber is another top priority for NATO, which will be reflected in our updated command structure,” Jens Stoltenberg, secretary general said in early November. “I expect ministers will decide on ways to integrate cyber into all NATO planning and operations. So we can be just as effective in the cyber domain, as we are in air, on land and at sea.”
This cell will more or less advise commanders on how best to achieve an effect for mission accomplishment, Cmdr. Michael Widmann, CCDCOE Strategy Branch Chief, told reporters at the Estonian embassy.
But what does it mean?
While NATO ministers continue to meet, discuss and update their command structure, what does the declaration of cyber mean from a practical perspective? Despite both DoD and NATO declaring cyberspace a domain of warfare, “nobody has defined what that means,” said Alex Crowther, of the National Defense University, said during a presentation at AUSA’s annual conference in October.
Coalition cyber operations are still in their infancy and it is less clear how a block of nations can conduct and coordinate effects in the inherently obfuscating cyberspace domain.
“In NATO, we need to figure out what cyber operations are before we decide what the organizational construct is. We need to decide what precisely cyberspace is as a domain for operations. Additionally, we need to set down what the rules of engagement are because cyberspace is a different and unique domain for operations,” said Brad Bigelow, the chief technical adviser to the CIS/Cyber Defense (Communications Information Systems/CD) staff at the Supreme Headquarters Allied Powers Europe, or SHAPE.
NATO members own their planes, their ships and their cyber capabilities and they can share that with other allies when they wish and deploy them into NATO missions and operations, Maigre added.
This national model – in which one country employs the effect – has been floated by other thinkers as a potential model given the complicating factors that all 29 member nations have their own systems, networks and views on cyberspace. Even within U.S. organizations and agencies, deconflicting their forces so they are not potentially competing against each within cyberspace other is critical.
Another complicating factor is one that plagues the U.S. as well; definitions and redlines. What type of cyber event – many of which fall beneath the threshold of conflict – might trigger the alliance’s collective self-defense provision?
“These are always political decisions,” Marina Kaljurand, the former minister of Foreign A