NATO, the North American Treaty Organization, is starting to take cybersecurity a lot more seriously. In 2016, members of NATO—which include America, the United Kingdom, Germany, France and Canada—agreed to a “Cyber Defence Pledge” that outlined how member militaries would prepare for future threats.

Anyone interested in global cybersecurity policies or how military organizations are developing cybersecurity guidelines should learn more about this pledge. So what is it? And what does the NATO Cyber Defence Pledge mean for you?

What Is NATO’s Cyber Defence Pledge?

man in black shirt sitting at desk typing on black laptop with coding on it in a black room

Last decade, members of NATO came together to agree that cyberattacks could be just as harmful as conventional ones. A successful hack could easily knock essential infrastructure offline.

As a result, NATO members came together to adopt a Cyber Defence Pledge, a list of statements on cybersecurity that all signatories agree with. The full text of the Cyber Defence Pledge is available on NATO’s website, along with other important cybersecurity documents—like the NATO cyber defense policy PDF. It’s broken down into six sections and five subsections.

The main sections describe the current NATO purpose related to cybersecurity and beliefs about its importance. For example, section three begins:

“We reaffirm our national responsibility, in line with Article 3 of the Washington Treaty, to enhance the cyber defenses of national infrastructures and networks.”

Subsections I through V fall under section five and describe actions that NATO members will take to improve their cyber defenses. These actions include investing in better cybersecurity training, developing a deeper understanding of cyber threats, and allocating adequate resources to cyber protection.

NATO treaty members regularly hold a summit on the pledge, called the NATO Cyber Defence Pledge Conference. This conference is an opportunity to discuss topics related to cyber defenses and promote cybersecurity cooperation between NATO members.

Why Did NATO Create the Cyber Defence Pledge?

Military organizations worldwide are now taking cybersecurity seriously. As legacy systems are connected to the internet and cyberattackers develop more advanced strategies, civilian and military technology have become much more vulnerable to attack.

Military organizations are creating formal cybersecurity guidelines at the national and international levels.

For example, the U.S. Department of Defense recently adopted the Cybersecurity Maturity Model Certification (CMMC). The guidelines in the CMMC define cybersecurity practices that military contractors need to adopt.

High-profile events like the Colonial Pipeline attack show what can happen when a hack is successful. Hackers stole account credentials from Colonial Pipeline employees. They used them to infect the business’s network with malware, which locks down critical files until the company pays a large ransom.

The ransomware attack shut down the Colonial Pipeline, which supplies a major portion of the East Coast’s gas, for over a week. There was a brief supply shortage in response, and prices rose significantly. The pipeline’s owners eventually paid and were able to restore service.

State actors could use similar tactics to attack critical military and civilian infrastructure. If successful, they may significantly disrupt everyday life and military operations.

These guidelines don't come as a result of any high-profile cyberattacks on NATO specifically; however, as more countries affirm their desire to join, the threat vectors become wider and a uniform approach is needed.

Why Does the NATO Cyber Defence Pledge Matter?

female soldier with a black headset on focusing intently

The average person may not understand the NATO cyber command’s relevance in day-to-day life. However, it’s important for businesses and contractors working with military organizations and people interested in global politics to understand it.

Unlike the CMMC and other cybersecurity regulations, the Defence Pledge is not a list of guidelines that contractors and businesses working with NATO must follow. Instead, it outlines ideals and goals that NATO members have been working toward since the pledge was first adopted in 2016.

Related: Cybersecurity Myths Debunked for the Common Man

Experts and military contractors view the pledge as a useful representation of the current state of cybersecurity internationally. Most organizations believe they need to do more to tackle growing challenges and shore up newly discovered vulnerabilities or exploits.

What Is the Importance of NATO’s Cyber Defence Pledge?

Since 2016, NATO has formally defined its commitment to cyber defenses. The Cyber Defence Pledge outlines the organization’s beliefs about cybersecurity and its actions to share member technology.

Cybersecurity is more important than ever, and ongoing conflicts mean cyber defense is often a national security interest. Familiarity with the Defence Pledge is helpful for anyone whose work relates to NATO or cybersecurity; similarly, it also shows a renewed effort to tighten vulnerabilities, so remains an important document for everyday life.