In June 2011, NATO adopted a new cyber defence policy and the associated Action Plan, which sets out a clear vision of how the Alliance plans to bolster its cyber defence efforts. This policy reiterates that the priority is the protection of the NATO network but that any collective defence response is subject to a decision by the North Atlantic Council, NATO’s principal political decision-making body.
The revised policy offers a coordinated approach to cyber defence across the Alliance. It focuses on the capability to better detect, prevent and respond to cyber threats against NATO’s networks. All NATO structures will be brought under centralised cyber protection to deal with the vast array of cyber threats it currently faces, integrating these defensive requirements into the NATO Defence Planning Process. This way, Allies will ensure that appropriate cyber defence capabilities are included as part of their planning to protect information infrastructures that are connected to the NATO network and critical for core Alliance tasks. The revised cyber defence policy also stipulates NATO’s cooperation with partner countries, international organisations, the private sector and academia.