Insight
Protecting European networks: What can NATO do? by Sophia Besch 31 October 2018
With the ‘cyber defence pledge’ NATO is trying to get its allies to do more to protect their networks. The alliance should lead by example. Unprotected computer networks are a security threat. Adversaries can obtain military secrets by breaking into the information and communications systems of a military force, business or nation state. They can also target and interfere with civilian ‘critical’ networks essential for everyday life, such as nuclear reactors, telecommunication companies, power plants and water supply facilities. NATO has had to adapt to this new security threat. This insight evaluates the progress the alliance has made so far as well as the challenges it still faces in the areas of resources, procurement, personnel, training and information sharing. NATO has to wrestle with a range of challenges under the broad headline of cyber defence. Most recently the alliance has been tackling the question of how to integrate ‘cyber’ into NATO planning, training, exercises and operations. It has officially recognized cyber space as an operational domain. But as in the conventional domains of air, sea, land and space, NATO does not own any offensive capabilities itself; it relies on its allies to offer their cyber capabilities to support NATO operations. The alliance’s primary, and most urgent cyber task is the protection of the communications systems and networks owned and operated by NATO. In recent years NATO has also started working on helping allies help themselves. So-called NATO Cyber Rapid Reaction teams are on standby to assist NATO nations suffering a cyber attack. The alliance also offers training opportunities, tries to make information sharing between member-states easier, and pressures allies to do more at home. But NATO has no legal enforcement mechanisms, and persuading the allies to strengthen their cyber defences is a challenge. In defence spending, a more traditional field of NATO responsibility, the alliance has a high-profile instrument at its disposal to exert pressure on allies: the two per cent pledge. NATO has decided to take an analogous approach to its cyber work. The ‘cyber defence pledge’ was conceived in 2016 as a political instrument to expand NATO’s cyber mandate. It makes NATO responsible not just for protecting the alliance’s networks but also for setting CER INSIGHT: Protecting European networks: What can NATO do? 31 October 2018
info@cer.EU | WWW.CER.EU
1