NATO Defense Spending Should Privilege Cyber

The acting Pentagon chief’s visit to NATO headquarters recently hardly reassured allies rattled by President Trump’s talk of quitting the alliance. But while Trump’s rhetoric is less than encouraging, his criticism of allies who put less than the agreed-upon 2 percent of national economic output toward defense should prompt us to rethink how we define “defense spending” in today’s fast-changing world. 

Of NATO 28’s member states, only five meet the goal; German defense spending is just 1.2 percent of GDP. In this way, at least, Trump has a point: NATO’s economics are clearly not working out, and this disorganization is undermining the alliance. But the crucial adjustment that is needed is not the amount of spending, but what it seeks to fund. 

The face of war is changing dramatically as cyber and electronic attacks become increasingly commonplace, and so must our allies’ understanding of defense. 

Over the past year, state-sponsored Russian hackers have targeted both US elections and critical components of the country’s infrastructure. Chinese hackers appear to be equal, if not more, alarming. The number of data breaches at US companies rose 27 percent in 2017. Yet the most recent NATO document to outline financial expectations remains the Wales Summit Declaration of 2014, which dedicates only two paragraphs to cyber defense and focuses on conventional defense expenditures, including the “deployability and sustainability” of “land, air and maritime forces.” 

Over the last few years, NATO’s member-states have started to acknowledge this oversight and have taken steps to jumpstart the development of cyber capabilities. The alliance has recently announced the imminent release of its first holistic cyber-operations doctrine and the construction of a new cyber command center expected to be fully staffed and operational by 2023. 

The United States, Britain, Denmark, Estonia, and the Netherlands have pledged to use their digital defense systems to respond to a serious cyber-attack on a fellow member-state. 

The alliance has launched Locked Shields and other exercises to fine-tune digital battle tactics. And in the communiqués that followed last year’s summit, “cyber” appeared more often than “terrorism.” 

Yet NATO remains woefully unprepared for digital warfare, as highlighted in a Belfer Center report published last week. One example: only a fraction of a $3 billion fund for satellite communications and computer systems, around $100 million has been used to strengthen critical cyber-defenses. We need to be spending differently rather than simply more.

Instead of pressing fellow member-states for greater financial contributions in general, Trump should launch the development of a more precise economic strategy based on the nature, likelihood, and danger of the threats we currently face. This starts by working with our allies to revise and broaden the current understanding of what defense spending entails. An updated definition would focus on the categories that are most critical to transatlantic security given recent Russian and Chinese activities, but that are not currently included within the scope of the 2-percent target, such as the cyber-defense of electoral processes and of civilian infrastructure. 

Digital defense is cheaper and more easily deployable than its more traditional, asset-heavy counterparts. Thus, revising NATO’s current spending requirements to encourage member-states to spend even a fraction of GDP on bolstering their most vulnerable cyber-fronts would likely be more effective and achievable than current objectives. 

Most importantly for the successful implementation of such changes, recent developments have shown that NATO member-states are indeed willing to spend more on cyber-defense. 

Recently, the Italian defense minister Elisabetta Trenta, a member of Italy’s populist Five Star Movement and a known critic of military spending, demonstrated interest in boosting her country’s defenses in the digital arena. 

“Spending money to develop cyber security defenses should count the same as spending money to buy tanks,” she argued. 
While this view may prove a bit extreme for most NATO leaders, it does suggest a path forward for productive compromise, improved security, and a healthier alliance. 

DefenseOne

You Might Also Read: 

Cyber Attribution Could Tear Apart NATO:

 


 

 

« Hackers Are Focused On Hijacking Payment Data
Falling Returns Mean Cyberecriminals Are Turning To Unconventional Methods »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Concise Technologies

Concise Technologies

Concise Technologies provide specialist IT and telecoms solutions, support services, managed backup, disaster recovery, cyber security and consultancy to SME businesses across the UK and Europe.

Paladion

Paladion

Paladion is a provider of managed IT security services.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub

The main objective of the Hub is to bring cybersecurity and other advanced technologies closer to companies and as a result help to increase their performance as Industry 4.0.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

AngelList

AngelList

AngelList champion startups and the people who empower them. Search tech & startup jobs, find new tech products, and invest in startups.

New Net Technologies (NNT)

New Net Technologies (NNT)

NNT SecureOps provides ultimate protection against all forms of cyberattack and data breaches by automating the essential security controls.

HMS Networks

HMS Networks

HMS stands for Hardware meets Software. Our technology enables industrial hardware to communicate and share information with software and systems.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

1Password

1Password

1Password combines industry-leading security with award-winning design to bring private, secure, and user-friendly password management to everyone.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Valtix

Valtix

Valtix is the first and only multi-cloud network security platform delivered as a service that enables cloud teams to meet the most stringent security requirements in a cloud-first & simple way.

NorthRow

NorthRow

NorthRow provides digital transformation compliance solutions to help businesses manage regulatory and financial crime risks.

Insight Enterprises

Insight Enterprises

Insight is a leading solutions integrator, helping you navigate today’s ever-changing business environment with teams of technical experts and decades of industry experience.

Framework Security

Framework Security

With Framework Security, you get more than a consultancy; you get a partner dedicated to simplifying cybersecurity and protecting your business in the most efficient way possible.

Toro Solutions

Toro Solutions

Toro provide managed security & consultancy to keep governments, businesses & society resilient in the space where cyber, physical & people security converge.