It's Time to Establish the NATO of Cybersecurity

Cybercriminals already operate across borders. Nations must do the same to protect their critical infrastructure, people, and technology from threats foreign and domestic.

Asaf Kochan, Co-Founder and President, Sentra, and Former Commander of Unit 8200

October 24, 2023

4 Min Read
NATO flag
Source: iliya Mitskovets via Alamy Stock Photo

Despite an onslaught of media coverage on cyberattacks and the impact of cybercrime on businesses and governments around the world, most people and, worse, most countries still don't view cybercrime as a national security issue.

Unlike some other areas of organized crime, cybercrime poses a direct threat to national security and the everyday lives of citizens. These malicious actors can target critical infrastructure like hospitals, pipelines, the financial system, energy facilities, shipping ports, and airports. One of the most well-known examples of the impact cybercrime can have on critical infrastructure and how quickly things can go wrong is the Colonial Pipeline ransomware attack and its aftermath, which disrupted economic activity.

National Intelligence Agencies Are Focused Elsewhere

However, even as the damages inflicted by cybercrime increase every year, national intelligence agencies remain focused on other national entities and terrorist groups. This leaves private organizations on their own, unarmed and incapable of dealing with malicious actors' growing sophistication and resources.

This is a colossal mistake that could lead to catastrophic consequences. Cybercrime is the central threat in cyberspace. To effectively combat it, nation-states must recognize the harm it can do and take proactive steps to lay the foundation for an international alliance for cybersecurity. Picture it as the NATO of cybersecurity. By coming together as a group, these nation-states can better protect their people, critical infrastructure, and proprietary technology from cyber threats, while also strengthening international relations.

To date, countries have failed to rise to the occasion. Some would even venture to say that we're moving backward, as international tensions rise as a result of the war in Ukraine and other conflicts. Additionally, the ever-growing patchwork of data privacy laws has created new roadblocks for information sharing and response times. In order to shift the narrative and get on the right course to establishing a new international organization geared to the mitigation of, protection against, and punishment of cybercriminals, we first must establish three overarching branches of enforcement.

  1. The intelligence branch: Whether you're in Asia, Europe, Latin America, or North America, cybercriminals use the same methods and tactics to conduct attacks. However, today, each country deals with cybercriminal activities independently, negatively impacting information sharing, resources, and expertise. Establishing an intelligence branch would serve as a hub that collects and centralizes information on malicious actors, and their methods, tools, and attacks. By developing a comprehensive database on cybercriminals, each member of this international cyber alliance would benefit from shared knowledge, enabling them to enhance their ability to prevent and respond to cyber threats effectively.

  2. The policy and strategy branch: Using the information and data collected by the intelligence branch, a policy and strategy team would be able to develop best practices, guidelines, and regulations that serve as the bedrock for a robust national cyber environment. By sharing and implementing these policies, the alliance can create a common framework that enhances cybersecurity measures and minimizes vulnerabilities across borders.

  3. The operations branch: Lastly, any new international cybersecurity alliance will need an operations branch. This branch would be responsible for implementing, executing, and enforcing laws, as well as taking actions to deter cybercriminals and legally pursuing them. By collectively responding to cyber threats, the alliance can demonstrate a unified front against cybercriminals, making it more challenging for them to exploit vulnerabilities across member countries.

In addition to establishing the three branches of the alliance, there are several other key components that are necessary. These include infrastructure, a host country, and like-minded member countries:

  • Infrastructure: An undertaking on this scale would require a robust physical and virtual presence to facilitate seamless information sharing, collaboration, and coordinated responses. Without this, nations and industries would continue to struggle with information sharing, mitigation, and enforcement.

  • Host country: Similar to other international organizations, it is advisable for the alliance to have a host country that can facilitate the organization's operations. The United States is the most obvious choice. Given the country's technological capabilities, innovative culture, and history of leadership in cybersecurity, it would be the ideal candidate for hosting the international alliance for cybersecurity.

  • Like-minded member countries: The success of the international alliance depends on member countries sharing common values such as liberal principles, a free market, democratic governance, and the protection of human rights. As in other military alliances, the member countries would form a unified attack surface, and operate together to fight attacks.

Cybercriminals already operate across borders, sharing knowledge and collaborating on a global scale. It's time for nations to do the same to protect their critical infrastructure, people, and technology from threats foreign and domestic.

About the Author

Asaf Kochan

Co-Founder and President, Sentra, and Former Commander of Unit 8200

Asaf Kochan is a leading practitioner of state-level cybersecurity, and has actively engaged in planning, coordinating, and implementing national policy in cyberspace. He is a respected and sought-after speaker on global cybersecurity issues, and he has presented at major technology and security events throughout the world. Sentra, a cybersecurity startup that enables cloud-driven organizations to regain control and secure their data, was founded in 2021 with a seed funding round of $23 million.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights