Title: NATO: Time to Adopt a Pre-emptive Approach to Cyber Security in New Age Security Architecture

Introduction

Cyber threats are complex and asymmetrical, particularly because cyberspace is “borderless” and exists digitally. NATO ensures its cyber security through collective action among its permanent members who respond based on the depth of the attack or vulnerability. With the new NATO Cyber Security Centre (NCSC), a cyber security command based in Mons, Belgium, NATO reinforces its capabilities in the cyber ecosystem. NATO seeks to secure its infrastructural digital networks through a centralized allied process. The main stated strategic goal of NATO’s cyber security infrastructure is to collectively counter “the full spectrum of cyber threats at all times.” The key pillars of this deterrence and defense posture include safeguarding vital networks, protecting infrastructures, and supporting cyber security missions. To mitigate the asymmetrical threat of cyberattacks, NATO must remain technologically advanced, agile, and interoperable in military operations to enhance its collective cyber resilience. NATO’s current policy simply responds to cyber attacks and minimizes vulnerabilities. NATO should transition towards preventing such attacks at all levels (from fundamental to complex wired infrastructure).

The Evolution of NATO’s Posture

As a security provider in the Euro-Atlantic region, NATO must ensure protection at all levels to prevent harm and damage from cyberattacks. NATO has long considered cyber defense to be a central defense mechanism. The need for a cyber security space feasibility requirement was first noted in the 2002 NATO Summit meeting in Prague, which discussed the necessity of technological agility and planning on electronic warfare and information systems. The Riga Summit in 2006 reiterated this necessity. Despite this recognition, no cyber security apparatus fully evolved, and interconnected cyber defense capacity remained low. Nevertheless, the summits accurately forecasted that future war operations would be far more complicated due to growing cyber security threats. Battles have occurred over an increasing number of dimensions–whether air, land, sea, or digital–particularly as electronic warfare has become a central pillar of operational attacks on command centers and critical infrastructures. Following the cyber attack against Estonia in 2007, NATO adopted a cyber defense policy and opened its first cyber security center. The 2007 cyber attack on Estonia rendered public and private Estonian installations vulnerable.

Thus, cyber security challenges became more noticeable, and the potential for a national cyber vulnerability became evident. As such, NATO members and cooperative states needed to create a strategic method that would assess and defend against both public and private national vulnerabilities. By June 2011, NATO Defense Ministers had approved a second NATO policy on cyber defense, establishing the vision for coordinated efforts on standards and processes. By April 2012, NATO announced that “cyber defense had become part of the NATO Defense Planning Process.” In September 2014, NATO launched an initiative to boost cooperation with the private sector on cyber threats and challenges at the 2016 NATO Summit in Warsaw. Thus, following 2007, NATO began to organize initiatives to strengthen member states’ cyber security.

NATO’s progress continued in February 2017 when the defense ministers of NATO approved a newer version of the Cyber Defense Action Plan and a “contested roadmap” of the cyberspace domain. This roadmap sought to design and enable an operational capability for security against cyber threats or attacks, thus meeting the needs for defense and resilience. Eventually, this roadmap led to the creation of a Supreme Headquarters Allied Command Europe (SHAPE) in Mons, Belgium, which sought to provide NATO allies with cyber defense support. Notably, SHAPE included the Cyberspace Operations Centre, which supports military commanders with situational awareness. The center also informs, trains, and prepares military and civilian assets for various potential military scenarios. At the 2018 NATO Summit in Brussels, NATO established a new Cyberspace Operations Centre to upgrade cyber security as a central pillar of the NATO Command Structure. In 2021, NATO appointed its first Chief Information Officer (CIO) to facilitate the integration, alignment, and cohesion of information and communications technology (ICT) systems NATO-wide. Cyber security thus became a priority for the organization, including critical infrastructure protection against malware and intrusion methods. As part of these initiatives, NATO has implemented resilience into cyber networks through military education, exercises, and other means of operational coordination and synchronization. On the core strategic end is NATO’s Cyber Defense Policy of 2021, which was adopted during the Brussels Summit meeting of 2021. This policy is the “bible” of core strategic tasks regarding cyber deterrence and cyber defense and affirms a wide variety of cyber security policies. Moreover, during the 2023 NATO Vilnius Summit in Lithuania, NATO endorsed a new concept for cyber defense that is still being evaluated but promises to strengthen NATO’s resilience and military operational approach. Additionally, the NATO Vilnius Summit Meeting on cyber defense reaffirmed NATO’s 2022 Strategic Concept, reiterating the view of “cyberspace” as an interconnected domain that is “contested at all times” by all levels of hacking.

Necessary Adjustments for NATO

To improve these programs, the NCSC should adopt a command-and-control centralized process that could respond to any cyber threats or attacks. NATO should also ensure that its approach is pre-emptive and would deliver strong messages to illegal entities before they attempt cyber attacks. The approach should also assert NATO’s ability to defend against these attacks. The NCSC should harmonize member states’ capabilities and a legal and adaptive process. Discrepancies between national and international cyber security laws currently prevent military-based cyber capabilities at NATO operational levels. Overall, NATO must address emerging hybrid and asymmetrical threats in a changing security landscape.

To take a pre-emptive approach to possible security threats, NATO should utilize generative AI, a fairly new technology in cyber security. Generative AI-driven solutions such as Google Cloud Security AI are already helping private companies identify cyber attacks and assess their potential impact more accurately. Such solutions would also be helpful for NATO, of course, if they do not compromise NATO’s data security. Generative AI can also provide efficient filtering of possible incident alerts by rejecting false positives, and it is expected that the technology’s ability to detect and hunt threats will only become more dynamic and automated, particularly regarding cyber security.

Once implemented, any technological solution must be integrated seamlessly with military forces. This would ensure the agility and resilience of operations, particularly considering that the German Marshall Fund has noted that “malicious cyber activity has increased substantially over the past years, ranging from ransomware and espionage to politically motivated cyberattacks and sophisticated malware.” A joint strategic plan of operations will require knowledge of and infrastructure for complex digital environments. Such a plan is especially pertinent due to the desire for collective security, as NATO members consider a cyber attack on a member state an attack on all. To accomplish this integration, NATO must conduct further research and development. Specifically, it should expand initiatives such as M&S Research and Development of the NATO Science and Technology Organization. NATO M&S Research and Development states that it is an “efficient and effective use of NATO and national Modelling & Simulation (M&S) capabilities, which requires policies, common services, shared data and standards for interoperability and reuse.” It satisfies coordination, synchronization, and standardization needs. Considering the political volatility of the current international security architecture, improving cyber capabilities will be vital. NATO must expand this initiative so that all operational and logistic levels deepen their inclusion of cyber security preparedness to meet constant and emerging challenges.

Where Do We Go From Here? 

Protecting NATO’s information systems and aligning partner states should be a priority. While adopting a new security architecture and an assertive stance are essential to cyber security, a deeper methodological and operational approach combining cyber-security tools and generative artificial intelligence would help project possible threat scenarios before they occur. NATO cannot merely respond to cyber attacks; by minimizing infrastructure vulnerabilities, NATO cannot avoid disruption at any time. Hence, NATO must adopt “pre-emptive preparedness” in its cyber defense. In the present era, the evolution of artificial intelligence and robotics strengthens NATO’s adversaries, increasing the importance of NATO initiatives that protect civilian and military assets.

As global economies become even more interconnected and reliant on the internet, NATO must overcome infrastructural threats and establish the technological capabilities to predict future threats. By synchronizing the digital ecosystem and its digital footprint, NATO can ensure that its technological processes at least match those of the private sector. NATO would thereby serve its original purpose as a centralized security providence. Further research and development through the NATO Modelling & Simulation Group, for example, would allow for more thorough cyber preparedness. As The Record explained, NATO should incorporate a resilient and assertive policy method that would incorporate a “full range of capabilities in order to deter, defend against and counter the full spectrum of cyber threats, including by considering collective responses.” Ultimately, NATO must consider the borderless nature of the digital ecosystem in its approach to defensive cyber operations, especially in an age of artificial intelligence and digital cyberspace. While NATO, NATO partner states, and those aspiring to NATO standards continue to enhance their political agreements, NATO must continue to serve as “the security benchmark” and the provider of preventive and pre-emptive security.

…

Professor Dr. Marios Panagiotis Efthymiopoulos is an Associate Professor of International Security and Strategy and Head of the Department of History, Politics, and International Studies at Neapolis University Pafos, in the Republic of Cyprus. He is also the Executive Director and founder of Strategy International (SI). He has been awarded his PhD from the University of Crete in Greece, from the Political Science Department, specializing in NATO’s New Strategic Concept and NATO-Russia Relations. He constantly grew his professional, academic, and fieldwork experiences in various countries and held positions in Italy, the USA, the UAE, and Cyprus. Dr. Marios is writing his new book, “Falkon’s Maze on Cyber-Security” by Springer, New York. For more information on his profile please visit https://www.nup.ac.cy/faculty/marios-panagiotis-efthymiopoulos/ or his personal website www.efthymiopoulos.gr or think tank www.strategyinternational.org. You may contact him at m.efthymiopoulos@nup.ac.cy or marios@strategyinternational.org.

Image Credit: Flickr