Too many NATO members fail to understand the risks of cyberspace and the need to hit back at aggressors. This is a recipe for failure.
Emily Otto
NATO has invested heavily in cyber defense since 2016, but most of its members remain focused on protecting national networks rather than taking the initiative.
Starting in 2020, the alliance found itself in an unbalanced position: threat sharing is improving, but offense and contesting NATO’s very active adversaries in cyberspace is the responsibility of only a few. This gap matters because cyberspace is a domain of constant contact, where passivity cedes advantage.
Five years on, little has changed: NATO’s cyber posture remains weak, anchored in passive defense, while a handful of states shoulder the burden of offensive operations in cyberspace.
NATO recognizes cyberspace as an operational domain, but its members diverge sharply in practice. Most allies focus on network defense — fielding incident response teams and resilience frameworks built around “protection” and “security”. Few explicitly mention offensive action. Only a few, like the United States, the United Kingdom, and Canada, “counter,” “contest,” and “deliver effects” through military-led offensive cyber forces. The result is an uneven posture: many defend, but few fight.
A handful of members have inched toward a more active cyber posture but still stop short of persistently disrupting adversaries. The Netherlands, for instance, recognizes the constant nature of foreign interference yet confines its response to intelligence sharing and coordination — an upgrade from wartime-only operations but still reactive. Russian-backed groups exploit this hesitation. Like it or not, NATO is already in a cyber conflict — it’s just refusing to admit it.
No comments:
Post a Comment