NATO Defense Spending Should Privilege Cyber

The acting Pentagon chief’s visit to NATO headquarters recently hardly reassured allies rattled by President Trump’s talk of quitting the alliance. But while Trump’s rhetoric is less than encouraging, his criticism of allies who put less than the agreed-upon 2 percent of national economic output toward defense should prompt us to rethink how we define “defense spending” in today’s fast-changing world. 

Of NATO 28’s member states, only five meet the goal; German defense spending is just 1.2 percent of GDP. In this way, at least, Trump has a point: NATO’s economics are clearly not working out, and this disorganization is undermining the alliance. But the crucial adjustment that is needed is not the amount of spending, but what it seeks to fund. 

The face of war is changing dramatically as cyber and electronic attacks become increasingly commonplace, and so must our allies’ understanding of defense. 

Over the past year, state-sponsored Russian hackers have targeted both US elections and critical components of the country’s infrastructure. Chinese hackers appear to be equal, if not more, alarming. The number of data breaches at US companies rose 27 percent in 2017. Yet the most recent NATO document to outline financial expectations remains the Wales Summit Declaration of 2014, which dedicates only two paragraphs to cyber defense and focuses on conventional defense expenditures, including the “deployability and sustainability” of “land, air and maritime forces.” 

Over the last few years, NATO’s member-states have started to acknowledge this oversight and have taken steps to jumpstart the development of cyber capabilities. The alliance has recently announced the imminent release of its first holistic cyber-operations doctrine and the construction of a new cyber command center expected to be fully staffed and operational by 2023. 

The United States, Britain, Denmark, Estonia, and the Netherlands have pledged to use their digital defense systems to respond to a serious cyber-attack on a fellow member-state. 

The alliance has launched Locked Shields and other exercises to fine-tune digital battle tactics. And in the communiqués that followed last year’s summit, “cyber” appeared more often than “terrorism.” 

Yet NATO remains woefully unprepared for digital warfare, as highlighted in a Belfer Center report published last week. One example: only a fraction of a $3 billion fund for satellite communications and computer systems, around $100 million has been used to strengthen critical cyber-defenses. We need to be spending differently rather than simply more.

Instead of pressing fellow member-states for greater financial contributions in general, Trump should launch the development of a more precise economic strategy based on the nature, likelihood, and danger of the threats we currently face. This starts by working with our allies to revise and broaden the current understanding of what defense spending entails. An updated definition would focus on the categories that are most critical to transatlantic security given recent Russian and Chinese activities, but that are not currently included within the scope of the 2-percent target, such as the cyber-defense of electoral processes and of civilian infrastructure. 

Digital defense is cheaper and more easily deployable than its more traditional, asset-heavy counterparts. Thus, revising NATO’s current spending requirements to encourage member-states to spend even a fraction of GDP on bolstering their most vulnerable cyber-fronts would likely be more effective and achievable than current objectives. 

Most importantly for the successful implementation of such changes, recent developments have shown that NATO member-states are indeed willing to spend more on cyber-defense. 

Recently, the Italian defense minister Elisabetta Trenta, a member of Italy’s populist Five Star Movement and a known critic of military spending, demonstrated interest in boosting her country’s defenses in the digital arena. 

“Spending money to develop cyber security defenses should count the same as spending money to buy tanks,” she argued. 
While this view may prove a bit extreme for most NATO leaders, it does suggest a path forward for productive compromise, improved security, and a healthier alliance. 

DefenseOne

You Might Also Read: 

Cyber Attribution Could Tear Apart NATO:

 


 

 

« Hackers Are Focused On Hijacking Payment Data
Falling Returns Mean Cyberecriminals Are Turning To Unconventional Methods »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CORDIS

CORDIS

CORDIS is the European Commission's primary public repository and portal to disseminate information on all EU-funded research projects and their results.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Ritz

Ritz

Ritz is the largest holistic pure-play cyber security solutions provider in Myanmar.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Austrian Institute of Technology (AIT)

Austrian Institute of Technology (AIT)

AIT is Austria's largest research and technology organisation and a specialist in the key infrastructure issues of the future including data science and cybersecurity.

Pinpoint Search Group

Pinpoint Search Group

Pinpoint Search Group's recruiters specialize in Information Management, Cyber Security, Cloud and Robotic Process Automation (RPA).

CertiPath

CertiPath

CertiPath create products and services that ensure the highest levels of validation for digital identities that attempt to access customers’ networks.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

AML Global Solutions (AMLGS)

AML Global Solutions (AMLGS)

AMLGS delivers Financial Crime prevention training programmes and consultancy services encompassing Anti-Money Laundering (AML), Counter Terrorism Financing (CTF), Bribery & Corruption and Fraud.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

Firmus

Firmus

As the leading penetration testing services provider in Malaysia, Firmus evaluates the ability of your internal or external information assets to withstand attacks.

Wazuh

Wazuh

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Cider Security

Cider Security

Cider Security - It’s time to revolutionize the way Security, Dev and DevOps teams work together to supercharge security at the speed of engineering.

Transparity Cyber

Transparity Cyber

Transparity Cyber is dedicated to cybersecurity. As part of the Transparity Group we’re an established name in the Microsoft Cloud landscape, with a focus on cybersecurity excellence.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

Confidencial

Confidencial

Confidencial is a provider of solutions that help organizations secure their most sensitive information, regardless if that information exists inside or is shared outside the organization.