Manfred Boudreaux-Dehmer
Image: MCSC

NATO's chief information officer on what Ukraine did right in its cyberwar with Russia

Russia’s war in Ukraine has set an unprecedented example of how cyber and kinetic operations can be combined to help nations achieve their military goals. And there are numerous lessons that other countries can learn from this experience, according to NATO's chief information officer, Manfred Boudreaux-Dehmer.

One practical takeaway for NATO countries is to adopt “the speed and agility with which Ukraine has responded to the situation," Boudreaux-Dehmer told Recorded Future News during a cybersecurity conference in Munich last week.

“For those working in large public organizations where decisions take time, it is essential to learn how to adjust our policies and procedures to move as fast as possible,” he said.

Among the things that Ukraine managed to implement quickly was bringing together people from the government, the military, industry, and society to confront Russia in cyberspace, according to Boudreaux-Dehmer. “They came together in a way I've never seen before anywhere else.”

Another decision that proved beneficial for Ukraine was transitioning its major systems to the cloud. Speaking at the Munich Cyber Security Conference, Boudreaux-Dehmer said that Ukrainians accomplished this with “remarkable” speed — within two weeks.”

This shift was crucial since the physical tech infrastructure in Ukraine was continuously subjected to shelling and missile strikes, making the virtual environment the only safe space.

This digital “fortification” was highly successful and is one of the reasons why we haven't witnessed the major cyberattacks on Ukraine that everyone expected, Boudreaux-Dehmer said.

Since the start of the war in Ukraine, cyberattacks on Ukrainian allies, including Poland, Latvia, Finland and Denmark, have also increased.

In traditional warfare, an attack on one NATO member state is regarded as an attack on all members. Article 5 of the North Atlantic Treaty allows the countries to invoke their right to individual or collective self-defense. However, these norms haven't been adapted for cyberwarfare.

“So far we haven’t seen the attack that can trigger Article 5,” Boudreaux-Dehmer said. But if there’s one, NATO can consider different options in how to respond to it — not only in the manner that it was attacked but also in a different way. “There’s a lot of flexibility when it comes to Article 5,” he added. As for how to respond to such attacks, different countries can have their own opinions. Given the ongoing war, Ukraine — not a NATO member — is leaning more toward a cyber offensive stance. The U.S. is famous for its proactive “defend forward” approach, seeking and countering potential threats at their source or in the early stages of an attack.

The European Union is considering creating a new EU cybersecurity reserve, consisting of incident response services from private sector providers ready to intervene at the request of a member state in case of a significant or large-scale cybersecurity incident.

NATO, however, focuses entirely on defensive cyber operations. “That is what NATO is about — we defend,” Boudreaux-Dehmer said.

Read More: Complete coverage from the 2024 Munich Cyber Security and Security Conferences

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Daryna Antoniuk

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.