NUPI Policy Brief

Upholding the NATO cyber pledge Cyber Deterrence and Resilience: Dilemmas in NATO defence and security politics

Published: 15 May 2017
Summary:

This Policy Brief clarifies the key concepts of traditional deterrence and explores how these apply to cyber deterrence for the NATO alliance. Firstly a range of problems inherent to cyberspace itself and to the translation of existing deterrence models to this domain are identified. Secondly a range of alternative and complementary approaches to deterrence are proposes that can assist in developing a new framework for conceptualizing NATO Alliance cyber deterrence. A rethinking cyber deterrence as a condition of success or failure is argued for: cyber deterrence must be reframed as an ongoing process, utilizing national and Alliance resources from multiple domains as a means to establish deterrence and resilience.

It is argued that traditional models of deterrence, drawn from the nuclear and conventional deterrence thinking of many decades’ standing, are inadequate for addressing the challenge of deterring cyber threats in the 21st century. The dynamism of the environment, the range of threats, the multiplicity of state and non-state actors, and the technical challenges of attribution – all require a reorientation of deterrence posture and practice. This reconceptualization must focus on cyberspace itself in an intensification of attention to its idiosyncrasies, but should also be open to a relaxation of orthodoxy in its incorporation of new outlooks and ideas, some of which may strain the established boundaries of deterrence theory.

Full text Policy Brief online version:
http://www.nupi.no/en/About-NUPI/Projects-centres-and-programmes/Cyber-Security-Centre/Upholding-the-NATO-cyber-pledge