Summary of NATO's Data Exploitation Framework Strategic Plan

1. Introduction

1.1. In October 2021, the Data Exploitation Framework Policy (DEFP) was approved by the North Atlantic Council (NAC) and endorsed by the Defence Ministers, with the following vision to achieve information superiority and data-driven decision making at all levels across the Alliance by fully leveraging the value of NATO generated, national, and publicly available data.

1.2. The DEFP called for the Alliance to develop a Strategic Plan to provide practical steps to implement and achieve its people, process and technology-related strategic objectives, namely to:

• Empower our people to derive maximum value from data through a user-focused and leader driven approach.
• Establish a framework of coherent policies, processes, and simplified implementation guidance for leveraging Alliance, Enterprise, Coalition and public initiatives to enable data exploitation.
• Establish a single logical environment for the Alliance, “secure and governed by design”.

1.3. This Strategic Plan fulfils that task, by setting out priority Alliance data exploitation use cases, strategic level Lines of Effort (LoEs), and Alliance roles & responsibilities to facilitate their coherent implementation. These aim to advance the Alliance’s data exploitation agenda, to move NATO towards a data-centric organisation, and to enhance NATO’s data exploitation maturity by 2024.

1.4. The Data Exploitation Framework (DEF) Strategic Plan has been agreed by the Council and endorsed by the Defence Ministers in October 2022.

2. Alliance data exploitation use cases
 
2.1. Data exploitation efforts both within the Enterprise and the Alliance should be leadership-driven and user-led. NATO’s data exploitation is to be driven by current and future operations and functional requirements organised in use cases.

2.2. These Alliance priority data exploitation use cases help identify opportunities and allow future activities to be prioritised, without inhibiting the potential for data initiatives in non-priority areas. Data exploitation use cases in the following areas are put forward as priority: Cyberspace Situational Awareness, Publicly Available Information Analysis for Situational Awareness, Resilience Assessment, Geospatial Analysis, Archiving and Information Management Automation, Space Analysis, Maritime Situational Awareness and Multi-domain Operations.

3. Lines of effort
 
3.1. In order to implement the Alliance priority data exploitation and AI use cases and to achieve the DEFP objectives, a comprehensive approach is required. LoEs have been identified to address the data governance, data standardisation and connectivity, data architecture, data analytics & AI integration, and data culture challenges. Additionally, these LoEs will rely upon and contribute to the ongoing efforts towards a NATO digital backbone and NATO’s digital transformation.

3.1.1. Data governance provides the roles and responsibilities, principles, policies, processes, frameworks, tools, metrics, and oversight required to effectively manage data throughout the data exploitation lifecycle, from creation to disposition.

3.1.2. Data management and connectivity standardisation involves the employment of commonly recognised approaches for the management, exchanging, and exploitation of data, including proven methods for representing and sharing data. These standards should be applied at the earliest practical point in the data exploitation lifecycle and industry standards for an open data architecture should be used wherever practical.

3.1.3. Data architecture should consider data accessibility enabled by Enterprise cloud and other open-architecture capabilities, allowing for different technology platforms and levels of data classification. This is critical to ensure that data is made available when required by all authorised users.

3.1.4. Data analytics and AI integration into NATO’s digital capabilities, decision-making and operational processes are necessary in order to fully leverage the advantages that data exploitation could provide. These will need to continuously evolve as NATO progressively adopts advance digital technologies and data science capabilities.

3.1.5. Data culture is key in moving NATO to a data-centric organisation, and will require a transformation of the workforce and NATO’s ways of working, as part of the ongoing digital transformation efforts.

4. Approach
 
4.1. The Strategic Plan will help ensure that NATO’s data exploitation will be underpinned by core Alliance values and by principles of responsible development and use reflecting our shared values and consistent with applicable international law. Our efforts will be built in secure, trusted, and reliable environments. These data exploitation efforts will be driven by a strong, collaborative culture which encourages sharing of data.

4.2. This Strategic Plan will be reviewed in Q2 2024.