Is cyber defense possible?

• Author: Ducaru, Sorin
• Position: Sorin Ducaru - Interview

Cyber issues are rapidly growing in importance to defense alliances. The Journal of International Affairs talked to Ambassador Sorin Ducaru, NATO's assistant secretary general for emerging security challenges, about NATO's efforts to improve its cyber defenses against emerging threats.

NATO officially recognized cyberspace as a military operational domain this year. Is this a significant shift for NATO?

The recognition of cyberspace as a domain of operations represents an evolutionary rather than revolutionary change in NATO's approach to tackling current and emerging cyber threats. Having said that, we should not underestimate the significance of this decision, especially in regard to the implications of our core NATO business.

By treating cyberspace as an operational domain, NATO aims to better protect its missions and operations. It will assist in the management of resources, skills, and capabilities, and also ensure that cyber defense is better reflected in military planning, in exercises, in training, and in the way NATO responds to crises. This recognition of cyberspace as a domain may be seen as part of a strengthened response to the evolving landscape of cyber threats.

NATO will now be able to develop training, policy, and doctrine and innovate according to a more comprehensive framework that better recognizes the important role that cyberspace plays in modern operations and missions, and hence the need to be continually vigilant in protecting these digital systems from cyber risks.

This decision is also a crucial step in enabling NATO to treat cyber defense not only as a static protective discipline but as a means for mission assurance. Operational commanders will consider, in an integrated fashion, cyber defense as a mission or operation rather than a support function, analogous to the traditional domains of air, land, and sea.

Nonetheless, it is worth noting that the step of recognizing cyberspace as a domain does not change NATO's defensive mandate. NATO will continue to act in accordance with international law and following the principle of restraint. This decision is entirely within NATO's approach of supporting confidence building measures and norms of responsible state behavior in cyberspace.

When would Article 5 be triggered in the case of a cyber attack on a member country?

At the Wales Summit, allied heads of state and government affirmed that cyber defense is part of NATO's core task of collective defense. As in the traditional domains of air, land, and sea, a decision as to when a cyber attack would lead to the invocation of Article 5 will be taken by the North Atlantic Council on a case-by-case basis.

Our policy also recognizes that international law, including international humanitarian law and the UN Charter, applies in cyberspace. It's reasonable to expect the severity and impact of such an attack to be considered, within the context of the broader geopolitical situation, during consultations by allies in advance of any North Atlantic Council decision.

To sum up, Article 5 was not meant to be triggered with automaticity. It will always be a result of political consultation in a specific security context. The response itself will also be a consequence of these political consultations. What is important to note, however, is that a response to a cyber attack would not automatically imply only the use of cyber means. It could consist in diplomatic, political, economic, cyber, military, or indeed any other response that allies deem as the most appropriate in specific circumstances.

Is this extended definition both defensive and offensive?

It is important to make...