Key Takeaways from the Launch of e-Volume on Cyber Threats and NATO 2030

NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in cooperation with King’s College London and William & Mary organised a virtual launch of a new e-volume ‘Cyber Threats and NATO 2030: Horizon Scanning and Analysis’ on 12 January 2021. The entire volume is available here.

During his keynote address, David van Weel, Assistant Secretary General for Emerging Security Challenges, NATO, addressed issues confronting the Alliance and strategies to overcome both adversaries and unknown futures in the cyber domain. Despite the prevalence of cyber initiatives, there is a sense of ambiguity of thresholds in cyberspace activities. The lines of what constitutes acceptable and non-acceptable behaviours are poorly understood or defined and transcend from military spheres into daily life. With an eye to the horizon, van Weel emphasized that the approach to cyber defence needs to be more flexible and member nations need to think more broadly about resilience for complex interdependence in the future. Confronting issues and building trust will be a key part of this as NATO and its citizens move from an “analogue to digital Alliance.”

Session I, “Cyber Domain, New Technologies and NATO’s Response,” was moderated by Dr. Anthony Stefanidis and featured three distinguished panellists. Franz-Stefan Gady, the International Institute for Strategic Studies (IISS), reviewed requirements judged necessary for conducting integrated cyber and kinetic Multi Domain Operations (MDO) in future high intensity conflict involving NATO and a near-peer adversary. Underscoring any requirement is the need for NATO to have its own separate doctrine on MDO with a common systems architecture, place an enhanced focus during war games and exercises on the initial stages of MDO in high-intensity conflict, and a closer examination of legal restrictions and domestic political considerations that could prevent the effective use of multi domain formations and offensive cyber operations in these conflicts. Jacopo Bellasio, RAND Europe, addressed the impact of new and emerging technologies on the cyber threat landscape and the corresponding implications for NATO. As advances in cyber and associated developments are expected to continue, these will have a profound impact on society and life, as well as security and defence. Looking at clusters for machine learning and other technologies, Bellasio emphasized that the most significant impact on the cyber threat landscape will not stem from any individual technological development, but rather the complex interaction of new and existing or legacy technologies operating in a complex synergy with potential cascading effects.  Therefore, NATO will need to increase its ability to absorb capacity, influence legal and regulatory measures applied to new and emerging technologies, assess the implications of technological advancements, and strengthen trust across the Alliance to enhance interoperability. Dr. Simona R. Soare, the European Union Institute for Security Studies (EUISS), examined how cyber warfare and social disorder create interrelated vulnerabilities with cascading effects in smart cities. The layered technologies of legacy systems and the changing patterns of cybercriminal activity can make detection and repair of compromised devices and systems both a lengthy and costly process, assuming the malware is even discovered. To counter this, NATO can exert influence in terms of how security architecture is designed and executed, particularly with the inclusion of local-government oriented resilience and enhanced preparedness. The Q&A that followed addressed how different paces of cyber developments and issues of decentralization can create threats within the Alliance, how new technologies can test the fabric of society and the cohesion of the Alliance, and digital inequality layered upon social inequality. In summary, panellists commented that we are only as strong as our weakest link and that speed and scale (or reaction) are not always a friend to NATO.

Session II “Cyber Conflict, Adversaries and NATO’s Response,” was moderated by Dr. Tim Stevens and featured four distinguished panellists. Prof. Martin C. Libicki, US Naval Academy, argued that the escalatory and de-escalatory use of cyber capabilities is atypical in the management of crisis in that it is best conceptualized as a lattice. The lattice metaphor allows for spill over effects into other domains as well as the “ladder” vertical movements that lead to intensified conflict. Cyber attacks intended to influence a small conflict may also influence a large conflict, which in turn leads to a disproportionate counterresponse. This is owing to increased ambiguity on intentions and thresholds, as well as a lack of correlation between the traditional costs of conflict and causalities. Bilyana Lilly, RAND Corp., addressed Russia’s cyber limitations in personnel and innovation, their potential impact on future operations, and how NATO and its members can respond. While Russia is working to overcome these limitations, their current approach is shaped by the Kremlin’s perception of geopolitics and Russian state power and restrained by Russia’s personnel and resources. To further encourage this trajectory, the Alliance can help exacerbate Russia’s brain drain problem and also dissuade future hackers from joining Russian forces with increased indictments. NATO should, however, carefully weigh the risk and benefit of sanctions, as these can unnecessarily harm firms in IT sectors that are not connected to Russia’s offensive cyber industry. Sally Daultrey, Adenium Group Ltd., and Prof. Chon Abraham, William & Mary, offered NATO considerations to reconcile barriers to shared cyber threat intelligence, drawing on their study of Japan, the UK and the US. The core message imparted was that NATO, as a non-state neutral actor for its members, can be the enabler of cyber intelligence sharing and assist members with lesser capabilities. To ensure that information is shared and handled correctly, NATO could be the architect, standards broker, and clearing house to share clear and credible information. The Q&A that followed discussed Alliance ambiguities (or lack thereof) regarding escalation, Russia’s use of proxies and their inter-departmental competition dynamic, the reconciliation of different legislative frameworks for threat intelligence sharing, and the issues involved in terminating cyber exchanges.

Professor Stephen E. Hanson, Vice Provost for International Affairs, William & Mary, delivered closing remarks. Drawing on the themes evident throughout the discussions, Hanson emphasized the importance of trust in the Alliance, from rebuilding democracies to creating cyber resilience. The greatest strength of the Alliance, and indeed of open societies, is also the greatest vulnerability in the cyber defence sphere: the individual freedom to find and access our own sources of information and to interact freely with others. This fundamental contradiction is a challenge for NATO as it aims to support complex interdependence and also reduce vulnerabilities to cyber attacks. Together with academic institutions like King’s College London and William & Mary, the Alliance and its citizens can begin a process of learning from each other to better understand enduring and emerging transatlantic threats, and to rebuild the bonds of trust.

Recording of the event available on CCDCOE Youtube channel

More photos here.