Planning for Cyber in the North Atlantic Treaty Organization

US Department of State

Report Chapter, NATO Road to Cybersecurity, pages 43-50

July 8, 2016

Author:Kate Miller, Research and Project Assistant, Cyber Security Project

Belfer Center Programs or Projects: Cyber Security Project


While the issue of cyber operations beyond NATO’s own networks is a politically difficult one given the complex mosaic of national, transnational (EU), and international law; the role of national intelligence efforts in certain types of operations; and ever-present disputes over burden-sharing, the Alliance already has invaluable experience in developing policies and procedures for contentious and sensitive tools in the form of the Nuclear Planning Group (NPG). This article begins with a brief overview of actions NATO has already taken to address cyberthreats. It will then explore why these, while important, are insufficient for the present and any imaginable future geopolitical threat environment. Next, it will address the history of the NPG, highlighting some parallels with the present situation regarding cyber and drawing out the challenges faced by, and activities and mechanisms of, the NPG. Finally, it will make the case that a group modeled on the NPG can not only significantly enhance the Alliance’s posture in cyberspace, but can serve as an invaluable space for fostering entente and reconciling differences on key aspects of cyber policy. It concludes that the Alliance needs to consider offensive cyber capabilities and planning, and it needs a Cyber Planning Group to do it.


For more information about this publication please contact the Cyber Security Project Director at 617-495-1343.

Full text of this publication is available at:

For Academic Citation:

Miller, Kate. "Planning for Cyber in the North Atlantic Treaty Organization." Swiatkowska, Joanna, ed., "NATO Road to Cybersecurity," Kosciuszko Institute, July 8, 2016.