Securing Cyberspace: NATO’s Cyber Defence Policy As A Security Dispositive

Abstract

Cyberspace is a physically borderless space that challenges the rules and norms of international relations. The cyber attacks on Estonia in 2007, the cyber component of the Russo-Georgian War in 2008, as well as the cyber attacks that accompanied the Russian invasion of Ukrainian Crimea in 2014, are all events that alerted states and international organizations to the role of the cyber domain in interstate conflict and international security. The prospects of cyber war and the cyber attacks in Eastern Europe prompted the North Atlantic Treaty Organization (NATO) to develop norms and regulations to secure the digital infrastructures of its member states. NATO’s Cyber Defence Policy has developed into a security dispositive, a combination of practices and discourses that are meant to respond to the cyber threat in the name of cooperative security and collective defence. NATO’s cyber security dispositive has evolved from a defence policy concerned with the protection of its internal digital infrastructure in 2002 to a security network embedding cyber attacks into existing discourses of deterrence, information warfare and hybrid warfare in order to normalise cyber threats and incorporating them into existing political discourses of warfare and security.