The NATO Emerging Security Challenges Division teamed up with Carnegie Europe to organize the conference The World in 2020 – Can NATO Protect Us? The Challenges to Critical Infrastructure.
Threats to critical infrastructure, such as cyber attacks international terrorism and attacks on energy supply, can be devastating to the livelihoods of modern societies and cannot be met by military means alone. The conference with renowned speakers from NATO, academia and national administrations discussed NATO’s role in meeting security challenges to critical infrastructure.
The conference report can be downloaded here:
When searching for information on this topic, potentially useful keywords to use include :
- cyber defence
- cyber terrorism
- cyber threats
- cyber attacks
- cyber deterrance
- cyber warfare
- cyber battles
- cyber-physical systems
This LibGuide is intended to provide a few starting points to assist you with your research on issues related to cyberspace security, in particular, in the NATO context. Good places to start your research include:
- NATO's Topic page on Defending Against Cyber Attacks
- NATO Cooperative Cyber Defence Centre of Excellence (CCD COE) in Tallinn, Estonia
- NATO Review's articles/videos on cyber attacks as well as the June 2013 edition on Cyber - the good, the bad and the bug-free (includes videos, photos, a timeline, infographics, etc.)
- The article, NATO's Cyber Capabilities: Yesterday, Today, and Tomorrow by Healey and van Bochoven (February 2012) provides a good overview of NATO's cyber capabilities.
- The report On Cyberwarfare (2012) by Fred Schreier includes a glossary and very good selected and thematic bibliographies (Official documents, NATO, OECD, by country, Information Warfare, Cyber Security, Books)
- The Cyber Special Edition (Fall 2012) of Strategic Studies Quarterly (vol. 6, no. 3)
- The Cybersecurity: Shared Risks, Shared Responsibilities (2012) edition of I/S: A Journal of Law and Policy for the Information Society (vol. 8, no. 2)
- the article Cyberspace Is Not a Warfighting Domain (2012) by Martin Libicki
- The Tallinn Manual on the International Law Applicable to Cyber Warfare (2012). The 300-page manual was written by a group of 20 researchers at the invitation of NATO's Cooperative Cyber Defense Center of Excellence in Tallinn, Estonia. In an article of the Washington Times published in March 2013, Michael N. Schmitt, the manual’s lead author, considers this manual as “a starting point for discussions about the law.”
- the NATO CCD COE's e-learning course on Cyber Defence Awareness (available for free but registration is required)
- The Cyber Conflict Bibliography by the Jacob Burns Law Library, George Washington University Law School
- The European Union Institute for Security Studies in a September 2013 paper (Cyber world: site under construction) asks questions about a new cyber world order and governance of cyberspace, stressing the possible future role of the EU in that domain.
In the NATO Bucharest Summit Declaration (April 2008), the Heads of State and Government adopted a Policy on Cyber Defence (see para. 47): "NATO was one of the first to announce a cyber defense policy package in response to cyber attacks against Estonia in 2007" (from a dissertation published by Tartu University Press in 2011, Comprehensive legal approach to cyber security by Eneken Tikk).
In May 2008, seven NATO nations and the Allied Command Transformation signed the documents for the formal establishment of a Cooperative Cyber Defence (CCD) Centre of Excellence (CoE) in Tallinn, Estonia.
On 23 April 2010, NATO concluded a memorandum of understanding with Estonia to facilitate exchange of information and to create a mechanism of assistance in case of cyber attack. This "MoU" is not for public release. Similar agreements have also been signed with Slovakia, Turkey, the United Kingdom and the United States.
On 7 February 2010, NATO nations met to boost cooperation on cyber defence through multinational projects. The session was a follow-up to the Lisbon Summit and a high-level cyber defence meeting held at NATO Headquarters on 25 January 2011. On 27 February 2011 General Stéphane Abrial outlined NATO's cyberdefense efforts since the adoption of the New Strategic Concept in the New York Times op-ed NATO Builds Its Cyberdefenses. Establishing multi-national efforts in Cyber Defence will further enhance their cyber defence capabilities in a collaborative, cost-effective manner.
On June 8, 2011 NATO Defence Ministers adopted a new cyber defence policy. The new policy focuses on prevention of cyber attacks and building resilience. The policy clarifies political and operational mechanisms of NATO’s response to cyber attack and integrates cyber defence into NATO’s Defence Planning Process.
According to Colonel Ilmar Tamm, Director of the NATO Cooperative Cyber Defence Centre of Excellence from 2008-2012:
"...the North Atlantic Treaty Organisation cooperative cyber defence centre of excellence – or NATO CCD COE - is sponsoring and actively participating in the writing of the manual on international law applicable to cyber-warfare – or MILCW. This is expected to be published by the end of 2012. The manual is meant to address all the legal issues under a framework of both international use-of-force law and international humanitarian law. In addition, it examines related problems such as sovereignty, state responsibility and neutrality. We are confident that this manual will help the international community answer many unanswered questions, especially those regarding retaliation." (Source)
By the end of 2012, the NATO Rapid Reaction Team consisting of NATO cyber defence experts will be operational. "The RRT capability will consist of a permanent core of six specialised experts who can coordinate and execute RRT missions. There will also be national or NATO experts in specific areas. Their numbers and profile will be determined on the basis of the mission to be carried out." (Source)
NATO Cooperative Cyber Defence Centre of Excellence in cooperation with its partners is organising an international cyber defence exercise from 26th to 28th of March. The goal of the exercise is to support the Multinational Experiment 7, train IT specialist and legal experts, and learn from the activities of the teams. (Source)
In March 2013, five NATO countries (Canada, Denmark, the Netherlands, Norway and Romania) agreed to collaborate on the “Multinational Cyber Defence Capability Development Project". The countries will "improve the sharing of technical information; shared awareness of threats; and develop advanced cyberdefense sensors." (Source)
In their first-ever meeting dedicated to cyber defence on Tuesday (4 June 2013), NATO Defence Ministers agreed that the Alliance’s cyber-defence capability should be fully operational by the autumn 2013, extending protection to all the networks owned and operated by the Alliance. The NATO Secretary General said: “Cyber attacks do not stop at national borders. Our defences should not, either.” (Source)
"Scholars involved in a project sponsored by NATO’s Cooperative Cyber Defence Centre of Excellence in Tallinn will meet in February 2014 to consider what options governments have, under international law, to respond to cyberattacks from other countries." The project, called the Tallinn Manual 2.0, is due to be published in 2016 and is a follow-up to the 2012 Tallinn Manual. (Source: "NATO-backed Project Explores Legal Options To Respond to Cyberattacks" in Defense News, 23 January 2014).
There is a regular cooperation going on between the EU and NATO experts.
In addition to sources found on the internet (e.g. websites, news & blogs, reports, etc.), a select number of articles and books available from the NATO Multimedia Library have been included in this guide. These sources of information are by no means a comprehensive collection. The selection criteria was based on the sources' currency and relevancy to this topic.
Furthermore, quick search boxes for online databases subscribed by the Library (available to staff working at NATO HQ) as well as links to the library catalog are available for you to locate additional resources.