by NATO Secretary General Jens Stoltenberg at the first annual NATO Cyber Defence Conference

  • 09 Nov. 2023 -
  • |
  • Last updated: 10 Nov. 2023 08:17

(As delivered)

Ministers, Excellences,
Ladies and gentlemen.

It’s really a great pleasure to welcome you all to this first NATO Cyber Defence Conference.
And to do so alongside Minister Baerbock.

And dear Annalena,
It’s great to see you again,
And thank you so much for your personal commitment to NATO,
For your strong message and also your leadership in providing support to Ukraine,
And not least your leadership on cyber,
Demonstrated by the fact that Germany, the foreign ministry, is hosting this cyber defence conference here in Berlin today.

Germany has always been a highly valued and very important Ally for NATO.

Germany makes important contributions to our shared security in many different ways.
You lead one of our battlegroups in the Baltic region, in Lithuania.
You have a presence in many different NATO missions and operations, including in Kosovo.

And you invest more in defence.
And of course we welcome the Zeitenwende, the 100 billion extra for defence,
And the very clear commitment to spend 2% of GDP on defence from next year,
And to sustain that commitment.

That will really strengthen our collective defence and make Germany an even more important Ally.

And then we also welcome that Germany demonstrates leadership and takes new initiatives,
Not only in addressing cyber threats and cyber defence,
But also, for instance, on how to protect critical undersea infrastructure,
Where Germany took initiative a year ago, which we have followed up in NATO to further strengthen what we do to protect critical undersea infrastructure.

So Germany is a very important Ally for this Alliance.

Then on cyber:
The fact is that it is impossible to imagine any conflict without a cyber dimension today.
And cyber attacks can be as damaging and as dangerous as kinetic attacks.

So that’s the reason why NATO for many years has taken cyber threats very seriously.

Before we had actually only three domains: air, sea and land.
And then we added cyber as an independent military domain to demonstrate how important we now assess that cyber threats are,
And the importance of strengthening what we do to defend against cyber threats.

We also agreed some years ago, as was referred to in the introduction, that cyber-attacks can trigger Article 5,
Which is the promise at the heart of our Alliance, that an attack on one will be regarded as an attack on all.
One for all and all for one.
Because cyber attacks can be as damaging as kinetic attacks.

There are many things that NATO has to do to be vigilant,
To be ready,
And to continue to adapt to an evolving and changing security environment in cyberspace.

But today, I will focus on three things.
First, rising strategic competition in cyberspace.
Second, better protecting our people and networks.
And third, working more closely with the private sector.

So first, strategic competition.
Authoritarian regimes, including China and Russia, are challenging our interests, our values and our security.
Including in cyberspace.

While China is not our adversary, it does not share our values.
And it is determined to shape the future of cyber space in its own image.
With little transparency and no regard for human rights.

Beijing uses new technologies as tools for repression at home.
And it is exporting its technologies, including facial recognition, as instruments of state control to countries around the world.
It is also proposing new internet protocols at the United Nations, to challenge the very notion of a free and open cyberspace.

When Russia mounted its full-scale invasion of Ukraine last year,
their tanks and troops were supported by massive cyber-attacks.
Including one that took out communications for Ukraine’s police, military and intelligence services.

Ukraine was able to weather many of these attacks,
Not least because it has worked closely with NATO Allies for many years to strengthen its cyber defences.
We share real-time information on malign activities.
We train and exercise together.
And Ukraine is a member of the NATO Centre of Excellence for Cyber Security.

So cyber is driving strategic competition.
And is part and parcel of modern warfare.

This leads me to my second point.
We need to better deter and, if necessary, defend against cyber-attacks.

Often these attacks are hard to detect and even harder to attribute.
But the absence of evidence is not evidence of absence.

At the NATO Summit in Vilnius, Allies agreed a new concept to enhance our cyber defence.

Politically, it means sending a strong message to potential adversaries that there will be consequences if they attack us.
And giving SACEUR the authority to respond when he needs to.

Militarily, it means having the required capabilities for defensive and offensive cyber operations.
And actively defending our share of cyberspace, including NATO’s own networks.

It also means showing our strength through exercises, such as Cyber Coalition,
one of the largest cyber exercises in the world.

Technically, it means building resilience across our societies.
In particular, we need reliable and secure communications systems, including 5G networks.

This means that we must avoid relying on equipment supplied by authoritarian regimes to build our digital backbone for the future.
We have seen the results of relying on Russia for our energy supply.
We should not repeat this mistake by relying on China to provide the technology for our critical networks.

Indeed, we need to work with every level of the private sector to make our systems harder to damage, more resilient, and quicker to bounce back.

And this brings me to my third point today. The private sector.

As we have seen in Ukraine, private companies, such as Microsoft, Amazon and Starlink, have become critical actors in their own right.

They have responded to direct requests from Kyiv for help,
Uploaded whole government departments to the cloud,
And used satellite networks for secure communications.

It is not possible to keep our nations safe without the private sector.
So we need to talk, to plan and exercise more together.

I know there are some in the private sector and private companies who think that cooperating with the military is somehow unethical.
But there is nothing unethical about helping Ukraine defend its country,
Nothing unethical about defending our own nations,
And nothing unethical about defending our freedom.

Without industry, there is no defence, no deterrence and no security.
So we need to get better at working together.

That is why this conference is so important.
Because it brings together governments and the private sector to discuss and address how we can work more closely together.

NATO is a unique transatlantic institution that brings together 31 – soon 32 – nations.
Every single day.

NATO is perfectly positioned to share information,
To spread innovation,
And to coordinate our collective defence in cyberspace.

So ladies and gentlemen,
We live in a more dangerous world.
And those dangers exist in the cyber-world as much as in the physical world.

Through NATO, we can work together to strengthen our own cyber-security,
Build a secure cyberspace for all,
And keep our one billion people safe.

So thank you so much for joining us here today.
And I wish you a productive conference.
Thank you so much.