NATO’s newly announced cyber operations center will allow the Alliance to “respond more effectively” to cyber attacks by integrating cyber measures with conventional military capabilities, according to an Atlantic Council analyst.
The Alliance has “always had significant conventional capabilities—land, air, and sea—now cyber can be included,” said Franklin D. Kramer, a distinguished fellow in the Atlantic Council’s Brent Scowcroft Center on International Security and an Atlantic Council board member.
“The value of the cyber operations center is that it will integrate the cyber capabilities with all of the rest of NATO’s military capabilities,” he said.
Kramer, who served as the US assistant secretary of defense for international security affairs in the Clinton administration, insisted that it is “key” to NATO’s security “to have all the capabilities of the Alliance able to work in synchronization, and to be able to use each capability as appropriate in the circumstance.” The structure provided by the new operations center will enable that level of coordination among NATO’s different military capabilities, facilitating the Alliance’s rapid response to any threats.
On November 8, NATO Secretary General Jens Stoltenberg announced that the Alliance would establish a new cyber operations center. He spoke at a meeting of the Alliance’s defense ministers to discuss updating NATO’s command structure.
“The adaptation of the NATO command structure will further strengthen our ability to reinforce allies quickly and effectively,” said Stoltenberg. The cyber operations center will be part of NATO’s enhanced command structure, and will be launched alongside a new maritime Atlantic command and a new logistics command. In this way, said Kramerhere will be “a cyber central organization that can work with the rest of the integrated military structure.”
According to Stoltenberg, the new maritime and logistics headquarters are designed to help the Alliance continue to adapt in order to face twenty-first-century threats. Likewise, he said,“We must be just as effective in the cyber domain as we are on land, at sea, and in the air, with real-time understanding of the threats we face and the ability to respond however and whenever we choose,” he said.
The new cyber operations center, part of the command enhancement, “will strengthen our cyber defenses, and help integrate cyber into NATO planning and operations at all levels,” said Stoltenberg.
NATO’s announcement of a new cyber operations center comes in the wake of Russia’s cyberattacks on and interference in the 2016 US and the 2017 French presidential elections, as well as other attacks in Europe.
According to Kramer, the significance of the new operations center is in the structure, which allows for the integration of of different national capabilities. “Especially in today’s world where cyber underlies a great deal of military activities and other activities, it’s crucial [for NATO] to be integrated,” he said.
Kramer said that the cyber capabilities for the new center “are going to be provided by the nations.” However, he noted that the nature of capabilities to be provided would be up to the nationsand that Stoltenberg’s comments in the press conference announcing the command left the matter ambiguous as to how they would fit into the NATO planning process. However, Kramer said, “I expect that NATO, which has always been a defensive alliance, can in its defense proportionately use cyber in an appropriate way.” Stoltenberg did note that “NATO allies have used [cyber] against ISIS in a very effective way.”
Despite the uncertainty surrounding the level of offensive capabilities and how they may be implemented, the new command will facilitate NATO’s responses to cyberattacks, which, as of the 2016 Warsaw Summit, could elicit an Article 5-level response. Article 5 of the NATO charter stipulates that if one ally is attacked, all members of the Alliance will come to its defense.
“The decisions with respect to the cyber center simply allows NATO to respond more effectively [to an attack] if necessary, because there is a structure for it,” said Kramer. Ultimately, he said, the operations center will facilitate a proportionate reaction to a threat, by either conventional or cyber means.