In today’s Boston Globe, former Strategic Planner at U.S. Cyber Command Dave Weinstein and I discuss why NATO needs to formulate a defined policy and response against the growing cyber threat. The upcoming NATO summit in Wales is the appropriate place to discuss. The following is an excerpt:

Fortunately, the North Atlantic Treaty Organization has taken the first step by announcing its intention to include cyber attacks in its Washington Treaty, the accord reached in August 1949 to form the alliance. Jamie Shea, the official in charge of emerging security threats, says NATO will “explicitly state that the cyber realm is covered by Article 5.”

This section of the treaty is the cornerstone of the alliance. It declares that an armed attack against one member nation is an armed attack against all, thereby justifying collective defense. The clause has only been invoked once: On Sept. 12, 2001, in defense of the United States after the 9/11 attacks.

Cyberspace has rapidly emerged as an attractive alternative for nations to pursue military objectives. The domain’s inherent anonymity offers opportunities that the physical world renders militarily and politically infeasible. NATO countries face significant cyber threats from many nations, notably Russia.

Personnel of the 624th Operations Center, located at Joint Base San Antonio - Lackland, conduct cyber operations. WILLIAM BELCHER/U.S. AIR FORCE

Personnel of the 624th Operations Center, located at Joint Base San Antonio – Lackland, conduct cyber operations.
WILLIAM BELCHER/U.S. AIR FORCE

But recognizing cyberspace sabotage as an act of war is only halfway to a coherent policy. Shea continues, “We don’t say exactly which circumstances or what the threshold of the attack has to be to trigger a collective NATO response and we don’t say what the collective NATO response should be.” This attitude of “we’ll know it when we see it,” however, is not a strategy.

NATO’s objective should be to deter all aggression in cyberspace. A carefully worded clause in the treaty should be able to do that. It should define exactly what constitutes cyber aggression, and how NATO members, individually or collectively, will respond.

Continue reading the article

Here are some other issues I feel should be addressed at the upcoming NATO summit in Wales, detailed in my latest Foreign Policy Op-Ed.

 

Comments are closed.