NATO to create cyber rapid response force, increase cyber defense aid to Ukraine

The references the NATO declaration makes to cybersecurity depart from the past and reflect the increasing importance of cyberdefense to overall security, experts said.
U.S. President Joe Biden (L) speaks with NATO Secretary General Jens Stoltenberg during the start of a round table meeting at a NATO summit in Madrid, Spain on Wednesday, June 29, 2022. (Photo by SUSAN WALSH/POOL/AFP via Getty Images)

NATO announced plans Wednesday for a commitment to create a rapid response cyber force and to bolster military partnerships with civil society and industry to respond to cyber threats.

Coming on the heels of a meeting that included leaders from all 30 allied countries, the Madrid summit declaration also said NATO will do more to support Ukraine’s cyber resilience and defense against Russia while also focusing on China as a long-term and mounting cyberthreat.

“We are confronted by cyber, space, and hybrid and other asymmetric threats, and by the malicious use of emerging and disruptive technologies,” the declaration said. “We face systemic competition from those, including the People’s Republic of China, who challenge our interests, security, and values and seek to undermine the rules-based international order.”

The declaration’s mention of more military collaboration with industry is critical, said Jim Lewis, who directs the Strategic Technologies Program at the Center for Strategic and International Studies. 


“Paragraph 10 is the key, since it announces more civil-military cooperation and a rapid reaction force – these were the crucial elements of Ukraine’s successful cyber defense,” said Lewis, who was previously rapporteur and senior adviser for four U.N. Groups of Governmental Experts on Information Security.

Cooperation is a regular theme of the document.

“We will significantly strengthen our cyber defenses through enhanced civil-military cooperation,” the declaration says. “We will also expand partnership with industry. Allies have decided, on a voluntary basis and using national assets, to build and exercise a virtual rapid response cyber capability to respond to significant malicious cyber activities.”

The declaration is a departure from past iterations which have tended to rely on “routine ‘we are concerned about cyber’ add on statements” instead of the substantive focus in the declaration released Wednesday, said Mark Montgomery, senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies and the former executive director of the Cyberspace Solarium Commission.

“Cyber is now part and parcel of both the threat and the response that NATO looking at — it’s no longer some foreign object. It is something that they have been building steadily since [the] Lisbon [NATO summit] many years ago, and it’s become more and more prominent as time goes on. And that’s appropriate.”

Chris painter, former state department cyber official

Montgomery said the declaration’s increased commitment of cyberdefense support to maintain the resilience of Ukrainian critical infrastructure is significant “since the Russian cyberattacks on Ukraine are persistent and could more effectively impact Ukraine without western support.”

He also said he is heartened to see the alliance confirm the “importance of standing up to China in the gray zone as a unified group, confronting Chinese competition in cyber, information operations and other emerging technologies.” Montgomery noted that several Eastern European countries have contended with “the wrath” of the Chinese in the cyber domain.

The declaration couches its cybersecurity recommendations in what it calls a “radically changed security environment.” A “new baseline” for the alliance’s defense will rely on what the declaration refers to as a 360-degree approach, “across the land, air, maritime, cyber, and space domains, and against all threats and challenges.”

The tone of the declaration is significant for its enhanced focus on cybersecurity, said Chris Painter, the former top cyber official in the President Barack Obama’s State Department.

“Cyber is now part and parcel of both the threat and the response that NATO is looking at — it’s no longer some foreign object,” Painter said. “It is something that they have been building steadily since [the] Lisbon [NATO summit] many years ago, and it’s become more and more prominent as time goes on. And that’s appropriate.”

Russia declared war against Ukraine on Feb. 24., 2022. Before, during and after the military campaign began, the CyberScoop staff has been tracking the cyber dimensions of the conflict.

This story was featured in CyberScoop Special Report: War in Ukraine

Suzanne Smalley

Written by Suzanne Smalley

Suzanne joined CyberScoop from Inside Higher Ed, where she covered educational technology and from Yahoo News, where she worked as an investigative reporter. Prior to Yahoo News, Suzanne worked as a consultant to the economist Raj Chetty as he launched his Harvard-based research institute Opportunity Insights. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and covered two presidential campaigns for Newsweek. She holds a masters in journalism from Northwestern and a BA from Georgetown. A Miami native, Suzanne lives in upper Northwest Washington with her family.

Latest Podcasts