NATO members are used to sharing military assets and capabilities, especially military hardware such as tanks, bases, infantry divisions or fighter jets. Sharing offensive and defensive Cyber capabilities are important for today’s military operations in peace time and conflict. However, they are facing similar challenges as intelligence sharing is among allies, especially in times that seem to favor nationalism over multilateralism.
While the virtual nature of Cyber capabilities in some areas eliminates the logistical difficulties known to military hardware, their blurred lines, sensitive nature and characteristic present many barriers to effective utilization within NATO.
First, the understanding of Cyber is constantly evolving with technology and Cyber responsibilities are shared between military, civil and private organizations in very country. Lines are truly blurred. Policies and regulations prevent military organizations – let alone from other countries – to get involved in nation state level Cyber defense or forensic activities. Yet it might be a nation’s civil rather than military infrastructure that suffers first during conflict. The Cyber skills gap also means that the majority of Cyber skills reside in the private sector—even outside of NATO countries— rather than military so that the military needs to pool its resources but ultimately requires civilian support which results in conflicts with international law.
Second, whether its Cyber defense or offense, there is information such as known vulnerabilities within their own or an adversaries network, nation states do not like to share. Vulnerabilities (e.g. unknown zero days), Cyber intelligence activities (e.g. APT, mapping military and civil targets) or new attack vectors are tightly guarded secretes as they are important assets for intelligence agencies.
Third, Cyber capability sharing to be effectives requires new forms of collaboration. Attacks happen in seconds, algorithms respond. Placing requests for support within NATO would take too long. Support requests and supply of certain Cyber capabilities need to be available in real time just like additional computing power from external providers. Capabilities need to be clearly understood. Data likely classified or overclassified needs to be shared quickly and extensively among NATO without undermining security standard.
Inspired by discussions and many open questions at a Cyber defense workshop and simulation at TIDE Sprint 17, the presentation takes an honest look at the obstacles and solutions for Cyber capability sharing among NATO Member States.