Cyberspace is now established as an important domain of national and international security. Until recently, informed and open discussion on the responsible use of offensive cyber capabilities has been constrained by high levels of secrecy around national strategies for their use.
Insights as to how individual states view the utility of offensive cyber, and how they perceive and manage associated risks of escalation and conflict, have been hard to access. A lack of open debate around the limitations of cyber operations has also led to inaccurate portrayals of cyber capabilities as versatile ‘silver bullet’ solutions which can address a widening variety of security challenges.
This paper offers an in-depth exploration of new or revised national cyber strategies, authorization mechanisms and legislation in nine NATO states, and draws on interviews with national cyber experts. As well as aiming to promote more informed debate on the key issues, it presents important policy recommendations to support the responsible use of offensive cyber and to contribute to the achievement of a secure cyberspace for all.