TL;DR -NATO formally recognized cyberspace as a domain of operations in 2016, marking a shift from treating cyber as an IT problem to viewing it as a strategic threat requiring collaboration between civilian and military experts across the alliance.
The Birth of NATO’s Cyber Defence
Speaker: ir. Martin De Pauw (NATO CCDCOE)
Date: December 2, 2025
This Tech & Meet provided fascinating historical and strategic context for how NATO has evolved to recognize cyber as a critical operational domain. Rather than a purely technical presentation, Martin De Pauw blended personal anecdotes from his career with insights into NATO’s broader cyber strategy.
His career trajectory from working on F-16 systems to shaping NATO’s cyber defence strategy illustrated how the importance of cybersecurity has grown within military and strategic contexts. The session traced this evolution, showing how cyber operations transformed from niche concerns into a recognized operational domain alongside traditional military domains.
A key historical point was 2016, when NATO formally recognized cyberspace as a domain of operations. This was significant because it acknowledged that cyber threats have real, tangible consequences. They’re not just IT problems but strategic threats to national and alliance security.
The presentation emphasized several important principles:
People, processes, and technology are equally important. NATO’s approach to cyber defence isn’t purely technical, it requires strategic thinking, inter-organizational coordination, and clear decision-making frameworks.
Zero Trust thinking is becoming essential. The assumption that a defended perimeter is sufficient, is outdated. Modern threats require continuous verification and skepticism about what’s happening within networks.
Small actions can cascade. A single misconfigured system or unpatched vulnerability can be an entry point for sophisticated attacks.
The session also addressed AI weaponization, noting that systems like large language models have already been abused in coordinated cyber attacks. This is not theoretical, it’s an emerging threat that defenders need to understand and prepare for.
What stood out most was the emphasis on integration and collaboration. Cyber defence at a national and alliance level requires civilian and military experts working together, understanding different perspectives, and coordinating responses. Critical infrastructure is increasingly mapped by adversaries, and modern threats don’t respect traditional boundaries.
For cybersecurity professionals, this session highlighted the importance of understanding security at scale. Individual organization security matters, but it exists within a larger strategic context where nation-states and alliances are actively defending critical systems and infrastructure.