To keep pace with the rapidly changing threat landscape and maintain robust cyber defences, NATO adopted an enhanced policy and action plan, which were endorsed by Allies at the 2014 NATO Summit in Wales. The 2014 policy established that cyber defence is part of the Alliance's core task of collective defence, confirmed that international law applies in cyberspace, set out the further development of NATO's and Allies' capabilities and intensified NATO's cooperation with industry.
The NATO Computer Incident Response Capability (NCIRC), based at SHAPE in Mons, Belgium, protects NATO's own networks by providing centralised and round-the-clock cyber defence support. This capability evolves on a continual basis and maintains pace with the rapidly changing threat and technology environment.
NATO has also established a Cyberspace Operations Centre in Mons, Belgium. The Centre supports military commanders with situational awareness to inform the Alliance's operations and missions. It also coordinates NATO's operational activity in cyberspace, ensuring freedom to act in this domain and making operations more resilient to cyber threats.
To facilitate an Alliance-wide common approach to cyber defence capability development, NATO also defines targets for Allied countries' implementation of national cyber defence capabilities via the NATO Defence Planning Process.
NATO helps Allies to enhance their national cyber defences by facilitating information-sharing, exchange of best practices and by conducting cyber defence exercises to develop national expertise. Similarly, individual Allied countries may, on a voluntary basis and facilitated by NATO, assist other Allies to develop their national cyber defence capabilities.