Fusion on paper or in practice? Making the cloud work for ISR and NATO
Executive summary
NATO’s eastern flank faces a transformed operational environment defined by persistent hybrid threats that expose critical gaps in intelligence fusion and response timelines. Airspace incursions, undersea-cable sabotage, cyber intrusions, information campaigns, and targeted GPS jamming are not just isolated events, but elements of a sustained Russian strategy to probe defenses, test resolve, and impose continuous strain on a NATO systems architecture designed for episodic crises rather than persistent, multi-domain competition below the threshold of armed conflict.
The Alliance’s core challenge is not sensing capacity. NATO and its members field capable Intelligence, Surveillance, and Reconnaissance (ISR) platforms across all domains. The problem lies in speed, integration, and trust. Data remains fragmented across national systems, shared selectively, and processed through architectures ill-suited for today’s tempo of operations. Without corresponding investments in shared infrastructure, paired with clear standards, adopting emerging technologies and modernizing systems risk amplifying friction rather than reducing it.
The June 2025 NATO commitment to invest 5 percent of gross domestic product (GDP) annually in defense and security-related spending by 2035 could address some of these issues. However, absent deliberate guidance, new resources may be absorbed by legacy platforms and approaches, producing fragmentation at greater scale.
This paper argues that cloud-enabled ISR aligns with NATO’s federated political reality, enabling infrastructure for effective modernization. Rather than attempting to centralize intelligence collection, investments in cloud infrastructure could match desires for interoperability with technical reality, while enabling allies to retain data ownership and facilitating shared processing, fusion, and controlled dissemination. By the 2029 NATO-wide reassessment of the trajectory and balance of spending [1: NATO, “The Hague Summit Declaration,” June 25, 2025, paras. 2–3, https://www.nato.int/cps/en/natohq/official_texts_236705.htm (“The trajectory and balance of spending under this plan will be reviewed in 2029, in light of the strategic environment and updated Capability Targets”).], as outlined in the June 2025 Hague Summit Declaration, NATO should mandate interoperability standards for all new ISR acquisitions. It also should articulate firm requirements for all cloud vendors, allocate meaningful portions of increased defense spending toward shared digital infrastructure, and rely on rigorous trust frameworks based on verifiable technical measures.
I. A persistent threat environment on NATO’s eastern flank
NATO’s eastern flank is under persistent pressure across multiple domains. Airspace incursions, maritime sabotage, cyber intrusions, and deliberate information operations all occurred last year and have become routine. These are not isolated incidents, but part of a sustained Russian strategy to probe Alliance defenses, test political resolve, and impose continuous operational and cognitive strain on NATO and its member states.
In the final months of 2025, there were at least thirteen days marked by distinct, attributable airspace incursions across NATO’s eastern flank. [2: See, e.g., Emma Burrows, “NATO’s first drone battle pits million-dollar jets against cheap drones, exposing vulnerabilities,” AP News, September 2025, https://apnews.com/article/poland-russia-drones-jamming-ukraine-incursion-nato-27b1aeed542604c91386df1fbe4463c7; Stine Jacobsen, “Denmark links drones at Copenhagen airport to hybrid attacks across Europe,” Reuters, September 23, 2025, https://www.reuters.com/world/europe/drones-that-shut-copenhagen-airport-flown-by-capable-operator-danish-police-say-2025-09-23/; Gavin Blackburn, “Two Russian military aircraft enter NATO member Lithuania’s airspace, military says,” Euronews, October 23, 2025, https://www.euronews.com/2025/10/23/two-russian-military-aircraft-enter-nato-member-lithuanias-airspace-military-says; Gavin Blackburn, “NATO member Romania finds drone fragments after Russian strikes on Ukrainian ports,” Euronews, November 11, 2025, https://www.euronews.com/2025/11/11/nato-member-romania-finds-drone-fragments-after-russian-strikes-on-ukrainian-ports; “Dutch military opens fire at drones over Volkel Air Base,” AP News, November 2025, https://apnews.com/article/netherlands-air-base-drones-volkel-3ed1cca6b65f463fee34c60b15565fe0.]
Additional developments have included the November 2024 to January 2025 wave of subsea cable incidents in the Baltics [3: Katharina Buchholz, “Baltic Sea Cable Incidents Pile Up,” Statista, February 6, 2025, https://www.statista.com/chart/33892/damage-to-underwater-cables-and-pipelines-in-the-baltic-sea/.], with at least seven cable cuts in three months, combined with sustained GPS jamming affecting 85 percent of flights into and out of Estonia [4: Kristi Talving (Director General, Estonian TTJA), quoted in ERR News, “Damage from Russia’s GPS jamming amounts to over €500,000, Estonia says,” July 2025, https://news.err.ee/1609759581/damage-from-russia-s-gps-jamming-amounts-to-over-500-000-estonia-says. See also: Euronews, “What can Europe do to better defend against GPS interference from Russia?,” September 2, 2025, https://www.euronews.com/my-europe/2025/09/02/what-can-europe-do-to-better-defend-against-gps-interference-from-russia.], along with 2,732 recorded incidents in Poland [5: Council of the European Union, General Secretariat, “Call for Common Actions in Response to GNSS Jamming and Spoofing Threats,” ST-9198-2025-INIT, May 22, 2025, https://data.consilium.europa.eu/doc/document/ST-9198-2025-INIT/en/pdf (“In Poland: 1908 cases in October 2024 to 2732 cases in January 2025, according to unique ICAO ID per month”).] during January 2025. While NATO has responded, most notably through Operations Baltic Sentry [6: NATO, “NATO launches ‘Baltic Sentry’ to increase critical infrastructure security,” January 14, 2025, https://www.nato.int/en/news-and-events/articles/news/2025/01/14/nato-launches-baltic-sentry-to-increase-critical-infrastructure-security.] and Eastern Sentry [7: NATO, “NATO launches ‘Eastern Sentry’ to bolster posture along eastern flank,” September 12, 2025, https://www.nato.int/cps/en/natohq/news_237601.htm. See also: SHAPE, “Eastern Sentry to enhance NATO’s presence along its eastern flank,” https://shape.nato.int/news-releases/eastern-sentry-to-enhance-natos-presence-along-its-eastern-flank.], recent incidents have exposed weaknesses in the Alliance’s ability to rapidly integrate forces and information in order to quickly respond to the evolving nature of warfare.
These incursions have triggered airport closures [8: Jordyn Dahl, “Poland closes airspace, scrambles jets amid ‘massive’ Russian attack on Ukraine,” Politico, September 28, 2025, https://www.politico.eu/article/poland-closes-airspace-after-russian-attack-on-kyiv/.] and fighter aircraft sorties, while stress-testing and revealing inefficiencies in NATO’s ISR architecture. More consequentially, beyond their immediate operational impact and response, these incursions reinforce the hybrid nature of modern warfare, in which shaping public perception and societal resilience is as strategically significant as military effects. NATO’s ability to defend and respond in the future will be defined as much by processing power and systems design as by F-35 sortie speed.
The core challenge is not a lack of sensing capacity. NATO and its members field a wide array of advanced ISR platforms across all domains. Rather, the problem lies in speed, integration, and trust. This challenge extends beyond the Alliance level. Even national militaries struggle to integrate data from diverse sensing platforms into unified observation capabilities, as recent efforts to track submarine activity in the Baltic demonstrate. [9: Allied Maritime Command, “NATO’s Playbook Merlin 25 Enhances Baltic Sea Anti-Submarine Capabilities,” NATO MARCOM, November 11, 2025, https://mc.nato.int/media-centre/news/2025/nato-playbook-merlin-25-enhances-baltic-sea-antisubmarine-capabilities.] Alliance data remains fragmented across national systems, shared selectively, and processed through architectures that are ill-suited for persistent, multi-domain competition below the threshold of armed conflict. Enhancing interoperability through advanced computing technologies is central to NATO’s ability to counter not only airborne and maritime incursions, but also increasingly sophisticated cyber and cognitive attacks. Equally important, cloud infrastructure offers resilience that traditional architectures cannot match, such as distributed storage and redundant processing to ensure that critical intelligence remains available even when individual nodes are compromised. [10: NATO, “Strengthening NATO’s Eastern Flank,” NATO, https://www.nato.int/en/what-we-do/deterrence-and-defence/strengthening-natos-eastern-flank, accessed January 28, 2026.]
II. Cloud-enabled warfare: Lessons from Ukraine and the limits of the Alliance
Ukraine has become the most consequential laboratory for cloud-enabled warfare, and its experience offers critical lessons for NATO. The central lesson is that the tempo, scale, and character of modern conflict are changing. The country’s Delta battlefield management system, which integrates satellite imagery, radar, and drone reconnaissance into a unified operational picture, has decreased detect-to-engage timelines from approximately seventy-two hours to roughly two minutes. [11: Jake Epstein, “Ukraine’s Digital War Tool Cut the Time Between Finding and Striking Russian Targets from Days to Minutes,” Business Insider, November 24, 2025, https://www.businessinsider.com/ukraine-delta-battlefield-tool-slashed-strike-times-on-russian-targets-2025-11 (Lt. Col. Yurii Myronenko, Ukraine’s deputy minister of defense for innovation, noted that “short-range tactical systems provide the fastest response near the front line, whereas long-range systems operate within a longer but more complex and meticulously planned cycle”).] This compression has altered battlefield decision-making by enabling near-real-time sensing to become accessible on the battlefield across dispersed units. The effect was driven by the fusion of data from different sources rather than by a single exquisite platform. [12: NATO ACT, “CWIX 2024,” https://www.act.nato.int/activities/cwix/ (Delta system tested for NATO interoperability). See also: NATO NCIA, “NATO Edge 24,” December 2024, https://www.ncia.nato.int/nato-edge-24-comes-to-a-close-.] The lesson for NATO is not Delta’s technical configuration, but its implementation and architecture.
The commercial technology ecosystem has also proven operationally useful. AI-driven targeting technology that further enables integration [13: David Ignatius, “How the algorithm tipped the balance in Ukraine,” Washington Post, December 19, 2022, https://www.washingtonpost.com/opinions/2022/12/19/algorithm-eli-berman-ukraine-war/.], commercial synthetic aperture radar (SAR) constellations, and low-cost AI vision modules improving first-person view (FPV) drone accuracy [14: Kateryna Bondar, “Ukraine’s Future Vision and Current Capabilities for Waging AI-Enabled Autonomous Warfare,” Center for Strategic and International Studies, March 6, 2025, https://www.csis.org/analysis/ukraines-future-vision-and-current-capabilities-waging-ai-enabled-autonomous-warfare (“drones enabled with autonomous navigation raise the target engagement success rate from around 10 to 20 percent to around 70 to 80 percent”).] all demonstrate the changing possibilities in ISR. As proof, Ukraine’s military leadership attributes much of its defensive success to a similar technology stack. [15: RBC-Ukraine, “Ukraine Must Constantly Prepare for War: Syrskyi Interview,” August 18, 2025, https://newsukraine.rbc.ua/interview/ukraine-must-constantly-prepare-for-war-with-1755497973.html (“Virtually all of Ukraine’s advanced weaponry contains elements of artificial intelligence, including air defense systems”).]
NATO should not replicate Ukraine’s model wholesale. Ukraine operates as a unitary command with existential urgency and accepts commercial dependencies that the Alliance’s governance structure would constrain. Its approach prioritized operational speed over security hardening, a rational choice under existential threat, but one that has left aspects of its cloud infrastructure vulnerable. The Alliance requires federated architectures that respect national classification authorities and achieve comparable fusion speeds, while still prioritizing data security and availability. NATO’s Multi-Domain Operations concept recognizes this reality, calling for “converging effects at the speed of relevance,” [16: NATO, “Multi-Domain Operations and Digital Transformation: Enabling Converged Effects in the Modern Battlespace,” May 2, 2025, https://www.act.nato.int/article/mdo-dt-enabling-converging-effects/.] but achieving that tempo within such a federated structure requires investment in architectures explicitly designed for selective sharing, distributed control, and verifiable trust. [17: Sara Ann Brackett, “Cloudbusting: Policy for Evaluating Trust in Compute Infrastructure,” Atlantic Council, December 2025, https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/cloudbusting-policy-for-evaluating-trust-in-compute-infrastructure/; see also NIST Special Publication 800-207: Zero Trust Architecture, https://csrc.nist.gov/publications/detail/sp/800-207/final.]
NATO must strive to find convergence in shared and trustworthy infrastructure. No single vendor will be able to provide all that each member of the Alliance requires, but NATO can articulate clear and common technical standards which, in turn, will enforce meaningful interoperability. Cloud-enabled warfare is not only a technical transformation, but an institutional one that requires NATO to reconcile operational speed with collective governance, and technological advantage with political reality.
III. Intelligence sharing, trust, and NATO’s structural constraints
The NATO alliance of thirty-two countries does not possess an organic, centralized intelligence agency. Instead, the Alliance relies on thirty-two different intelligence production cycles and voluntary sharing. Each state determines what intelligence to share, when to share it, and with whom. While this federated model has many benefits, such as protection of sources and methods, it also makes it harder to aggregate timely intelligence that can then be acted upon. Any effort to modernize NATO’s ISR capabilities therefore must be nested in the current structure of existing intelligence sourcing, which also defines the boundaries within which any cloud-enabled ISR solutions must operate.
Perhaps the Alliance’s most developed effort to aggregate and analyze intelligence is the NATO Intelligence Fusion Centre (NIFC). Established following operations in the Balkans and the War on Terror, the NIFC was created “to facilitate the sharing and fusion of intelligence, contribute to filling intelligence gaps within Allied Command Operations, and to support the planning and execution of operations.” [18: NATO Intelligence Fusion Centre, “Who We Are,” NATO Intelligence Fusion Centre, https://web.ifc.bices.org/about-us/who-we-are, accessed January 28, 2026.] While the NIFC has certainly improved coordination and situational awareness, its effectiveness has remained constrained by national caveats and trust dynamics within the Alliance.
In practice, intelligence sharing within the Alliance remains uneven and selective. NATO has recognized this problem and has taken marginal steps to improve intelligence sharing through the Joint Intelligence, Surveillance, and Reconnaissance (JISR) system, which stresses a “responsibility to share” relevant information over only sharing information on a “need to know” basis. [19: NATO, “Joint Intelligence, Surveillance and Reconnaissance,” NATO, https://www.nato.int/en/what-we-do/deterrence-and-defence/joint-intelligence-surveillance-and-reconnaissance, accessed January 28, 2026.] While JISR has attempted to establish common procedures and a shared vocabulary for intelligence cooperation, its implementation remains voluntary. While NATO continues to lack the authority to compel allies to contribute sensitive intelligence, it is taking steps in the right direction to promote data standardization and information assurance. Additionally, internal timelines targeting 2030 for full cloud transition risk misalignment with both the threat trajectory and the pace of technological evolution.
These structural limitations are particularly consequential in today’s operational environment on NATO’s eastern flank, where the threat is defined by both persistent gray-zone activity and episodic crises. Airspace incursions, maritime sabotage, cyber operations, and information campaigns often unfold simultaneously and below the threshold of armed conflict. Responding effectively, often in multiple domains simultaneously, requires that decision makers and operational forces have rapid access to the best intelligence. Yet NATO’s underlying intelligence architecture remains ill-suited to respond to continuous competition, leaving the Alliance with less decision space in times of elevated activity.
IV. Cloud and AI in ISR
NATO’s existing ISR architecture was largely designed for episodic crises involving significant force movements, not for persistent, multi-domain competition below the threshold of armed conflict. NATO allies have no shortage of specialized platforms, but the Alliance struggles to ingest, fuse, and analyze streams of information from multiple countries and across multiple domains. Rather than attempting to centralize organic capability, cloud-enabled ISR supports a federated approach uniquely suited for NATO. Allies would retain ownership and control of their data and platforms, while NATO infrastructure would enable conglomeration, shared processing, a standardized tagging system, and controlled selective dissemination. NATO would need to enable this functionality with updated and secure cross-domain solutions and policies. This cloud-computing model would acknowledge the political reality of the Alliance and would operate inside that space to improve the speed and utility of intelligence sharing.
In this cloud computing model, “service providers offer metered, on-demand access to computing resources. Instead of operating their own servers and facilities, customers specify workloads—sets of defined computing tasks, utilizing computing resources—for which cloud providers handle implementation and execution,” according to research by the Atlantic Council. [20: Sara Ann Brackett, “Cloudbusting: Policy for Evaluating Trust in Compute Infrastructure,”; Peter Mell and Timothy Grance, “NIST Special Publication 800-145: The NIST Definition of Cloud Computing,” National Institute of Standards and Technology, September 2011, https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-145.pdf.] While readers may find a variety of terms used by companies marketing cloud services to describe clouds that are “dedicated,” “commercial,” “mission-focused,” and so on, these are largely distinctions in rhetoric or sales intent rather than substance. It is also material to acknowledge that buying and building cloud infrastructure is capital-intensive and the four largest cloud providers, often collectively referred to as the “hyperscalers,” bring in revenues well in excess of their competitors, which can influence where and how they operate. [21: Trey Herr, “Four Myths about the Cloud: The Geopolitics of Cloud Computing,” Atlantic Council, August 31, 2020, https://www.atlanticcouncil.org/in-depth-research-reports/report/four-myths-about-the-cloud-the-geopolitics-of-cloud-computing/#thereisnocloud; Simon Handler, Lily Liu, and Trey Herr, “Dude, Where’s My Cloud? A Guide for Wonks and Users,” Atlantic Council, September 28, 2020, https://www.atlanticcouncil.org/in-depth-research-reports/report/dude-wheres-my-cloud-a-guide-for-wonks-and-users/.]
Cloud-enabled ISR architecture also could facilitate the integration of generative AI and commercial-sensing systems that are becoming increasingly proliferated and accurate. When fused with retained allied ISR capabilities and organic NATO feeds in a trusted cloud environment, these commercial sources can reduce costs and enhance redundancy. Generative AI systems can provide more effective machine reasoning over large and rapidly changing datasets. However, integrating these systems presents risks. Commercial and open-source data are vulnerable to manipulation, misinformation, and adversarial deception, reinforcing the need for rigorous data validation and human oversight. Generative AI systems remain in their commercial infancy—and harnessing the effects of a large language model inside a software system takes time, experience, and tolerance for failure. These technologies don’t solve NATO’s ISR challenges, but they do present a cost-effective path that acknowledges the political reality of the Alliance and strengthens collective defense.
As NATO faces growing pressure to adopt emerging commercial technologies, its reliance on cloud services will deepen, and how it procures this capability will be vital. Procurement guidance should specify requirements in operational terms such as latency, throughput, and availability, rather than privileging particular vendors or national frameworks. Conflicting trust regimes risk undermining interoperability across NATO’s thirty-two-nation cloud ecosystem, reducing collaboration without delivering meaningful security gains. Harmonizing verifiable, outcome-based trust criteria would better reflect Alliance realities while preserving flexibility and resilience. When France requires SecNumCloud while Germany applies C5 attestation and the US mandates FedRAMP, interoperability suffers without improving security.
NATO should move toward trust criteria that are verifiable, meaningful, and collaborative rather than imposing unilateral entity-based exclusions. [22: Sara Ann Brackett, “Cloudbusting: Policy for Evaluating Trust in Compute Infrastructure,” Atlantic Council, December 2025, https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/cloudbusting-policy-for-evaluating-trust-in-compute-infrastructure/. On national cloud mandates: Office of Management and Budget, “M-24-15: Modernizing FedRAMP,” July 25, 2024, https://www.whitehouse.gov/wp-content/uploads/2024/07/M-24-15-Modernizing-the-Federal-Risk-and-Authorization-Management-Program.pdf; BSI, Cloud Computing Compliance Criteria Catalogue (C5:2020), https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/CloudComputing/ComplianceControlsCatalogue/2020/C5_2020.pdf, with EVB-IT Cloud procurement terms (March 2022) requiring C5 attestation for German public sector; ANSSI, “SecNumCloud,” https://cyber.gouv.fr/sites/default/files/document/secnumcloud-referentiel-exigences-v3.2.pdf, required under France’s “Cloud au Centre” doctrine per Légifrance circular 45446, https://www.legifrance.gouv.fr/circulaire/id/45446.] Waterfall techniques, where many states’ security requirements can reference a common standard or satisfy the same certification, can be useful but should be approached with caution. The interplay of national standards risks conflating related terms without their underlying differentiated meaning or associated compliance mechanisms. How something is being audited and verified in real time is often as important as the requirement itself.
V. NATO, cloud, and ISR amid the digital transformation agenda and 5 percent
NATO’s digital transformation agenda has generated genuine policy momentum, yet implementation continues to lag behind both operational necessity and technological availability. The April 2025 adoption of an AI-enabled, cross-domain technology platform represents a meaningful inflection point. [23: NATO, “Harnessing Artificial Intelligence: Allied Command Transformation at the Forefront of NATO Innovation,” April 16, 2025, https://www.act.nato.int/article/harnessing-artificial-intelligence/.] For the first time, all thirty-two allies can access a common environment capable of federated data access, handling multiple classification levels. Equally important, the acquisition was framed around capability requirements rather than vendor identity, which is a precedent NATO should preserve.
Certain cloud providers can already meet many, if not most, of the requirements of the technologies discussed here. These requirements are also not the last word in what NATO and its member states need, but rather the best public representation of that use case. One reasonable requirement for NATO’s classified cloud deployments is security protocols that are sufficient to protect NATO workloads from cloud-provider staff viewing them. [24: The Confidential Computing Consortium, “A Technical Analysis of Confidential Computing”, November 2022, https://confidentialcomputing.io/wp-content/uploads/sites/10/2023/03/CCC-A-Technical-Analysis-of-Confidential-Computing-v1.3_unlocked.pdf] Some use cases or specific requirements might only be met by a small handful of providers, and that should be weighed against locality but not held in opposition. As stated in past Atlantic Council research, “Artificially constraining cloud providers, mandating technology transfer, and rewarding regulatory arbitrage do nothing to advance national sovereignty objectives and incentivize lax security practices instead of proactive, systemic monitoring.” [25: Sara Ann Brackett, “Cloudbusting: Policy for Evaluating Trust in Compute Infrastructure,” Atlantic Council, December 2025, https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/cloudbusting-policy-for-evaluating-trust-in-compute-infrastructure/.]
NATO’s 2022 Digital Transformation Vision articulated the ambition of a shared digital backbone and data ecosystem. The 2024 Digital Transformation Implementation Strategy sought to operationalize that vision. [26: NATO, “NATO’s Digital Transformation Implementation Strategy,” October 17, 2024, https://www.nato.int/en/about-us/official-texts-and-resources/official-texts/2024/10/17/natos-digital-transformation-implementation-strategy.] Progress, however, remains incremental. Given the operational environment on NATO’s eastern flank, incrementalism is no longer sufficient. 2026 should mark the transition from voluntary compliance to mandatory implementation for core digital standards.
This urgency is magnified by the Alliance’s June 2025 commitment to invest 5 percent of GDP annually in defense and security-related spending by 2035. As NATO Secretary General Mark Rutte noted, this decision resolves a transatlantic imbalance that has persisted since the 1950s. [27: NATO, “Joint press conference: NATO Secretary General Mark Rutte with German Federal Chancellor Friedrich Merz,” December 11, 2025, https://www.nato.int/en/news-and-events/events/transcripts/2025/12/11/joint-press-conference-by-nato-secretary-general-mark-rutte-with-german-federal-chancellor-friedrich-merz.] However, this opportunity is not without risk. Absent deliberate guidance and clear standards, new resources will be absorbed by legacy platforms or national stovepipes, producing fragmentation at an even greater scale.
The opportunity is to invest a meaningful portion of this funding in shared civilian/military infrastructure with firm requirements for meaningful Allied interoperability. Dual-use infrastructure amortizes the costs across defense and civilian budgets, making cloud-infrastructure investment (to include data centers, energy-grid upgrades, and telecom improvements) more palatable politically and more resilient. NATO cannot afford slow, uneven implementation while the threat environment continues to accelerate.
VI. Recommendations
This paper has argued that NATO’s core ISR challenge resides not in collection but in fusion, and that the new 5 percent target presents opportunities for collective investment with firm and vendor-agnostic interoperability standards. Whether this produces collective advantage or simply amplifies existing fragmentation depends on the Alliance. Below are some steps that NATO should consider taking:
- NATO should treat digital interoperability as a mandatory condition of future cloud services. By the 2029 reassessment, all new cloud services, in whatever context they are deployed, should be required to meet baseline Alliance standards for data ingestion, tagging, cross-domain processing, customer-defined secrets storage, and selective dissemination. Common identity management, including support for role-based access controls (and ideally an open-standard identity architecture) is important yet often missing from vendor offerings in support of customers operating in multiple clouds. These requirements should be enforced with the same rigor as physical interoperability standards. The Alliance should also require open APIs, containerized deployments, and standardized data formats as conditions of major cloud contracts, alongside tested migration provisions as shared standards reduce fragmentation.
- The Alliance should define a target share of new defense spending toward shared digital infrastructure. NATO should encourage allies to allocate increased defense spending to shared identity systems, interoperable compute and networking infrastructure, and standardized data architectures. These investments would constitute the connective tissue that makes national capabilities more easily interoperable. Without them, the 5 percent commitment risks producing national modernization that cannot be fused by the Alliance.
- NATO must harden approaches to trust without defaulting to geography. Location-based requirements should not be the starting point for evaluating risk. Classified cloud implementations should be framed as a spectrum of assurance models, properly tagged, and matched to mission sensitivity and threat tolerance. Technical measures, such as encryption key controls, auditability, remote attestation, and access verification offer more precise and verifiable assurance than server location alone. Risk-based frameworks remain essential, but they must be paired with non-negotiable minimum standards for systems whose failure would have strategic consequences. A blended ecosystem of large- and small-scale providers epitomizes a collective investment in resilience by eliminating single points of failure while preserving access to scale and specialized capability.
- NATO should prioritize cloud infrastructure that delivers benefits for both civilian and defense use. Cloud infrastructure, secure data platforms, resilient networking, and advanced analytics funded for defense purposes can and should be designed for shared reuse by civilian authorities and critical-infrastructure operators. Shared infrastructure will help cushion the blow of new investments in otherwise defense-only technologies and lower the cost to defense users while simultaneously challenging assumptions about the security of shared systems.
- NATO should accelerate its 2030 cloud transition target. The Alliance’s current timeline was set before the present threat tempo materialized. Given persistent gray-zone operations on the eastern flank and the rapid evolution of both threats and enabling technologies, NATO should advance initial operating capability for core cloud infrastructure to 2027, with full transition by 2029 coinciding with the reassessment cycle.
Taken together, these recommendations support a principled and pragmatic path toward cloud infrastructure and the potential it supports for adopting AI and other emerging technologies to support NATO’s ISR mission. The paper prioritizes interoperability, which will allow allies to retain control over sensitive assets while enabling faster, more coherent collective action. The threat environment is evolving, and the operational consequences of inaction are already becoming visible on NATO’s eastern flank. The Alliance already possesses the sensing capacity. It must now invest in the connective tissue and shared infrastructure to translate data into actionable shared intelligence at speed.
Acknowledgments
The Atlantic Council’s Transatlantic Security Initiative and Cyber Statecraft Initiative are grateful to Amazon Web Services (AWS) for its support for this issue brief. AWS is a provider of cloud services—the subject of this issue brief—including to public-sector clients such as NATO.
This issue brief was written and published in accordance with the Atlantic Council’s Intellectual Independence Policy, which requires all donors to agree to the Council maintaining independent control of the content and conclusions of its work.
The analysis and recommendations reflect the authors’ views and do not reflect the views or policy of the US Defense Department, the US Department of the Navy, or the US government.
