ACUS advises 'back-to-basics' Cyber strategy
The Atlantic Council of the US (ACUS) and industry partner IBM have outlined opinions on the current cyber security threat, warning that NATO is best ‘sticking to the basics’.
Speaking at a cyber briefing on 27 February ahead of the NATO Chicago summit in May, Jason Healey, director of cyber statecraft initiative, ACUS, said: ‘Sticking to the basics is, I think, a very, very wise strategy.’
Healey said NATO needs to look at the cyber threat in the present, and ‘make sure we live up to the commitments that we made in the previous summit- the Lisbon summit- that set out that goal’.
‘So if I have one thing that I would like to see come out of Chicago, it is that everyone sticks to the plan and keeps it funded for NATO’s cyber security, and to defend their own systems, and [make sure] that the nations and NATO headquarters are following up on that,’ he continued.
He added that some ‘cyber norms’ should be established, in particular ones that apply to NATO cyber operations: ‘Offence fits somewhat awkwardly into NATO’s structure, but that’s ok. It’s new, it’s sensitive, it’s highly classified, but there are some practical suggestions in the paper.’
Healey was referring to the report ‘NATO’s Cyber Capabilities: Yesterday, Today, and Tomorrow’ that he and Leendert Van Bochoven, NATO and European defence leader at IBM wrote in the lead-up to the briefing.
The paper suggests that NATO might consider creating an ad-hoc coordination cell: ‘These officers should apply, but not necessarily share, their knowledge of sensitive capabilities to help communicate the objectives of the alliance’s operational commanders to their relevant national cyber units,’ the report stated.
‘This coordination group might be similar to the US Air Forces Cyber Operations Liaison Element. In addition, as suggested by the Atlantic Council’s Franklin Miller, NATO should consider creating a group, modelled on NATO’s existing Nuclear Planning Group, to consider offensive cyber policy.’
The report explained that since NATO is a military organisation, it is therefore natural to respond with offensive capabilities as well as defensive ones, and it may have already been considered.
It also referred to the possibility that the Obama administration and military commanders may have considered a cyber offensive attack to disrupt Qaddafi’s air-defence system during the Libyan conflict.
‘Cyber capabilities may be able to provide military commanders the capability not only to limit the risk to their own forces but also to limit civilian casualties and damage to critical infrastructure,’ the report read.
‘If cyber capabilities could disable Libyan air defences from afar, then a military commander would be reckless to rule out cyber capabilities without even considering them.’
The report concluded that threats will continue to increase as budgets decrease, and the council aims to ensure that NATO’s cyberspace success matches that of its air, land, maritime and space.
‘None of these recommendations embody new capabilities, but reflect the realities of modern military missions combined with smart defence for a smarter Alliance,’ it concluded.
ACUS partnered with IBM to create the smarter allegiance initiative, which is a ‘unique platform’ that provides NATO and the security community with a combination of think tank and industry insights.
It was established in response to the NATO secretary general’s call for European allies ‘to adopt a smarter approach to leveraging scarce defence resources’, in order to develop and sustain present and future threats.
Email this to a friend.