NATO and its member states are facing an unprecedented threat to their security within the cyberspace. With its defensive and civilian network exposed to the cyberspace, how does NATO, a cold-war era organization, take charge of defense in the 21st Century? The leaders of NATO are well aware of the evolving defense environment. In 2007, NATO was given a wake-up call when banks, online publishers and government websites in Estonia were attacked, allegedly, by hackers attributed to Russia. While the attack did not result in any casualty, it exposed NATO to the stark reality that its united military might cannot stop and did not deter its enemies from embarking on this new type of modern warfare. In 2016, NATO leaders met in Warsaw and elevated cyberspace as another domain of operation equal to the land, sea and air.

During the Cold War, NATO deterred its enemies by a threat of collective retaliation. Article 5, the hallmark of the North Atlantic Treaty, states that an armed attack against one-member state shall be considered an attack against all of them. If the Warsaw Pact members would roll their tanks into NATO soil, it would unarguably trigger this provision. But in this new cyberspace domain, the threshold is blurry and what constitutes an armed attack in the cyberspace remains to be debated. Given this background, the team sought to provide NATO with practical policy recommendations on how it can best respond to the new challenges it faces, specifically addressing the question: what can NATO do to effectively improve its declaratory posture as a deterrence against cyber-attacks targeting member states?