Cyber Threat Intelligence: The Need for Coherence and Coordination
Regarding cyber threats as a key challenge to their core security interests, NATO and the EU jointly declared at the NATO Warsaw Summit in 2016 that cooperating in countering cyber threats will be of strategic priority. Both actors also have recognized that the provision of relevant intelligence is vital in response to these threats. The current EU Global Strategy underlines the necessity of timely information sharing and situational awareness: “In security terms, terrorism, hybrid threats and organized crime know no borders. Member State efforts should […] be more joined-up: cooperation between our law enforcement, judicial and intelligence services must be strengthened.” Simultaneously, NATO and the EU are in ongoing efforts toward the improvement of intelligence (sharing) capacities. What is needed though, is a clear strategic concept of tasks, competences, and fields of cooperation between the two.
At the EU level, there is a complex set of mandates shared between institutions regarding cyber security activities. Three quasi-intelligence bodies exist within the EU framework: the European Union Military Staff Intelligence Directorate (EUMS INT), the European Union Intelligence and Situation Centre (IntCen), and the European Union Satellite Centre (SatCen). They all play a significant role in the EU Common Foreign and Security Policy, including cyber security. Other bodies, such as the Hybrid Threat Centre of Excellence in Helsinki, explicitly aim at a closer cooperation between EU and NATO by sharing classified information and cooperating on analysis, prevention, and early detection, complete the cyber security landscape within the EU.
Within NATO this year, a fundamental reform has been put into place, with its new Joint Intelligence and Security Division (JISD) at NATO Headquarters, including a Terrorism Intelligence Cell and a special branch for hybrid analysis. Its mandate is to monitor and analyze all sorts of hybrid actions, drawing from military and civilian, classified, and open sources. However, JISD only complements existing NATO intelligence structures: established in 2006 NATO holds a military led Intelligence Fusion Centre in the United Kingdom and several committees (military, civilian, security) representing national member states’ intelligence services.
The present framework of NATO and EU intelligence has grown naturally without a common concept. While this has led to substantial progress in building up intelligence capacity, joint planning, coherent cooperation, and coordination are still required. This includes a clear definition of the various institutions and their responsibilities, especially with regard to a blurred space such as the cyber sphere.
The EU and NATO have twenty-two members in common. Facing identical security challenges, both should make an effort to plan intelligence cooperation strategically, based on commonly defined priorities. Intelligence, though remaining national sovereignty, will be the key to handling a large spectrum of threats and counter measures, requiring time and investments in financial and human resources. The transatlantic community should address this multifaceted issue and make it a priority of the NATO Summit in 2018.