NATO’s Designation of Cyber as an Operational Domain of Conflict offers some new and interesting possibilities in need of considering from the collective defense perspective:
Indeed, the designation of cyber as a domain of conflict is significant, and the ability to invoke Article 5 in response to a cyberattack (not all cyberattacks, just some of them. On this particular point, Stolenberg said that “a cyber attack can trigger Article 5, meaning that a cyber attack can trigger collective defence, because we regard cyber attacks as something that can cause a lot of damage and can be very dangerous. . . . but the same time I think it’s also important to understand that cyber is not something that always triggers Article 5.”
But one additional important aspect of designating cyber as a domain of conflict—for the most part, not mentioned in the news articles above—is that it opens the door for NATO to consider the role that offensive cyber operations might play in collective defense. In response to a direct question on this point from a Der Spiegel report who asked “does NATO need to develop also offensive cyber capabilities to possibly attack other, well, any attackers who try to do any harm to NATO countries?”, the official transcript shows that Stolenberg was silent on this matter.