NATO’s role in the cyber domain is unclear.

Article 5 of the NATO Treaty

NATO’s role in the cyber domain remains unclear. Clearly, NATO will seek to protect its own networks and platforms. Yet, the extent to which NATO’s remit expands further remains to be seen. 

It is unclear how Article Five will apply to cyber attacks. Clearly, petty cyber crimes and financial fraud are outside of NATO’s remit. However, it is at least plausible that Article Five could be invoked if a state experienced a serious cyber attack on critical national infrastructure. An attack threatening vital goods and services, such as the provision of electricity or water, would be regarded as a significant incident that could potentially justify the use of Article Five in response to a cyber attack. 

Equally unclear is what a NATO response would look like. If the intended strategy is to respond to serious cyber attacks in kind, NATO would have to develop its own cyber weapons. This would be problematic given the inexperience and technical limitations of a NATO workforce that has not previously operated in the cyber domain. Alternatively, NATO could respond to cyber attacks through more traditional expressions of power: via armed soldiers, missiles, navy vessels, and fighter jets. Although potentially more viable, precedents over the point at which a cyber attack merits a physical or kinetic response are yet to be established by the international community.

The Tallinn Manual, produced by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), has sought to respond to some of these questions by exploring how international law can be applied to cyber conflicts. However, the study is regularly misunderstood. Although commissioned by the NATO CCDCOE, the Tallinn Manual does not represent NATO doctrine and is purely an academic, non-binding study, intended to make a start in answering some of the contentious legal questions posed by cyber conflicts. In this regard, whilst the Tallinn Manual makes an important academic contribution, it by no means clarifies NATO’s evolving role in the cyber domain.

Although NATO has adapted to evolving security threats before, the cyber domain offers altogether new challenges. 

First, there are a number of flaws in the militarisation of the cyber domain. The majority of those with the necessary technical skills to respond to the cyber security challenges work outside of the military sector. In addition, a large proportion of the infrastructure within the cyber domain is privately owned and operated. This prevents NATO from making a substantial contribution to its protection. Crucially, NATO does not have any rights, or powers, to intervene in the private sector. Given NATO’s current lack of expertise in the area, private sector firms are unlikely to welcome NATO assistance. 

Second, not all NATO members agree on the role the organisation should play in the cyber domain. Given the sensitivity of information, states such as the US and UK appear to prefer close collaboration with only a small group of trusted countries. Intelligence-sharing platforms such as Five Eyes (between the US, Canada, UK, Australia and New Zealand) are preferred. In this regard, small, high-trust cooperation forums may be viewed more favourably in the cyber domain when compared to other security domains.

From NATO’s original remit to provide collective defence in a post-World War period, the organisation has evolved numerous times, adapting to the challenges posed by the Cold War, the breakup of the Soviet Union, and the emergence of terrorist cells and other non-state actors since 9/11. Although the cyber domain brings altogether new challenges, it would be unwise to write NATO off just yet.

Jamie Collier:

 
