CyberWire Daily: Cyber Without Borders – The Human Side of Cyber Defense
Special Edition: NATO’s 2025 Cyber Coalition Exercise, Part 2
Date: February 23, 2026
Host: N2K Networks
Reporter: Maria Varmazes
Producer: Liz Stokes
Episode Overview
This episode—the second in a three-part special—takes listeners behind the scenes of NATO’s massive 2025 Cyber Coalition exercise in Tallinn, Estonia. Rather than focusing on technical details, the episode spotlights the crucial human element of cyber defense: trust, cooperation, and coordination among and within NATO allies. Maria Varmazes and Liz Stokes provide a first-hand account of a day at NATO’s cyber range, painting a nuanced portrait of how international cyber defenders train and collaborate under heightened geopolitical stress. The episode explores the intersection of technology, policy, and the human relationships that underpin cyber defense.
Key Discussion Points & Insights
1. The Geopolitical Backdrop (01:29)
- Context Matters: Maria candidly frames the episode against the backdrop of late January 2026—a period of political turmoil in the United States and uncertainty about NATO’s future.
- “This is not something I would normally share about the sausage making of a podcast, but in this case the greater context really matters.” – Maria Varmazes (01:46)
2. What is NATO’s Cyber Coalition? (02:40)
- Exercise Focus: Multinational, collaborative cyber exercises test readiness in responding to real-world scenarios, much of which happens out of the public eye.
- Location: Maria and Liz attended in Tallinn, Estonia—a nation with a pivotal role in NATO’s cyber operations.
3. A Day at NATO’s Cyber Range (03:25)
- Morning Sights: Symbolic displays—Estonian, Ukrainian, and NATO flags flying together—set the tone of solidarity amidst ongoing global tensions (03:33).
- Current Events Interwoven: The impending US-Russia talks over Ukraine and local skepticism about peace prospects color the atmosphere.
4. The Human Core of Cyber Defense (06:44)
- Emphasis on Collaboration: The recurring phrase throughout briefings—collaboration, cooperation, coordination—highlights that defending cyberspace is as much about human connection as technology.
- Realistic Scenarios: Defenders face situations drawn from the headlines, with some exercises extending to cyber-readiness in space and legal dilemmas.
- Legal Complexity: Major Tyler Smith (16th Air Force) explains the challenges of integrating national laws and policies into information sharing:
- "There's not an overriding international law basis to share that information. That's domestic policy, domestic law ... This is a good opportunity to kind of blend that international flavor of what we're doing." (06:44)
5. Civil-Military Interdependence & Non-Technical Focus (07:49)
- Defense Beyond Military Networks: Many exercises center around response coordination among military, civilian, and private sector partners, reinforcing that most infrastructure is not owned by the military.
- No Offense, Only Defense: Strictly non-offensive—no “hackbacks” or red teaming. The focus is on detection, deterrence, and defense.
6. The Challenge of Information Sharing (10:32)
- Reluctance Across Borders: US Navy Commander Bryan Caplan details the cultural hurdles for nations to trust and freely share information:
- "We would love the nations to, you know, jump right in and share stuff, but it's never the case ... So, yes, it's definitely challenging, but it's a good challenge. And that's why we really have the exercise—to kind of push those boundaries and get that flow of information, you know, up and down, left and right. And it really does help out." (10:32)
- Building Trust: Icebreakers and relationship-building are incorporated to foster openness among participants, yet national policies sometimes constrain what can be shared.
7. NATO Charter: Article 3 and Cyber Defense (12:31)
- Emphasis on Article 3: While Article 5 (collective defense) is well-known, Article 3 (self-help and mutual aid) is cited as a guiding doctrine for cyber readiness.
- Irene Gibson, NATO’s Cyber & Digital Transformation Division, reads Article 3:
- "Allies may, separately and jointly, by means of continuous and effective self help and mutual aid, maintain and develop their individual and collective capacity to resist an armed attack." (13:11)
- Irene Gibson, NATO’s Cyber & Digital Transformation Division, reads Article 3:
- Technology as a Force Multiplier: The episode discusses the deployment of the Virtual Cyber Incident Support Capability (VSISC), a “fancy phone a friend,” enabling multi-lateral crisis coordination across 31 allied nations.
- "In cyber, to stand still is to be left behind." – Irene Gibson (14:05)
8. Daily Life Inside the NATO Cyber Range (15:50)
- Security Culture: The cyber range—located in CR14—is a heavily-secured “SCIF” (Sensitive Compartmented Information Facility). No personal electronics allowed; media closely escorted.
- Unremarkable by Design: The workspace appears mundane—cubicle arrangements, curtains for privacy—but is all business, focused on teamwork more than high-tech showpieces.
- Cultural Exchange: U.S. service members brought Thanksgiving traditions (like canned cranberry sauce) to share with international colleagues, fostering camaraderie in small, memorable ways:
- "We learned just recently this year, they like deviled eggs. We brought cranberry sauce in a can...Some enjoyed it, some didn't, but it was definitely a staple we had to have." – Candice Sanchez (19:20)
9. Tactical Transparency and Strategy (19:51)
- Practicing for the Unknown: NATO remains tight-lipped on operational details for obvious reasons, emphasizing a strategic deterrence message both for listeners and adversaries.
- Growing Maturity: Maria notes how the exercise mirrors the wider cybersecurity industry’s maturation—from tool-centric to process- and people-centric approaches.
10. Human Systems Evolve (22:34)
- Growth Over Thirteen Years: Major Tobias Malm (Swedish Armed Forces) reflects on the program’s evolution from technical training to broad, multi-agency operational complexity:
- "When I started like 13 years ago, it was very focused on the technical part ... then it has developed to what it is today where you have a much more complex system of sharing information, its emphasis, the importance of cooperation within the alliance." (22:34)
- Global, Not Geographically Bound: Malm underscores that cyber defense is borderless; efficient, secure communication and sustained training are crucial:
- "The whole domain with cyber, since it's not geographically locked, we need to share information and work together with others and we need to train that because it's not as easy as you can imagine." (24:06)
Notable Quotes & Memorable Moments
- Maria Varmazes on context:
"This is not something I would normally share about the sausage making of a podcast, but in this case the greater context really matters.” (01:46) - Major Tyler Smith on legal dilemmas:
"There's not an overriding international law basis to share that information. That's domestic policy, domestic law." (06:44) - Cmdr. Bryan Caplan on human challenges:
"We would love the nations to ... jump right in and share stuff, but it's never the case ... So, yes, it's definitely challenging, but it's a good challenge." (10:32) - Irene Gibson on paradigm shifts:
"In cyber, to stand still is to be left behind." (14:43) - Candice Sanchez on Thanksgiving at the cyber range:
"We brought cranberry sauce in a can ... Some enjoyed it, some didn't, but it was definitely a staple we had to have." (19:20) - Major Tobias Malm on the evolution of the exercise:
"When I started like 13 years ago, it was very focused on the technical part ... then it has developed to ... a much more complex system of sharing information ..." (22:34)
"We need to train [communication] because it's not as easy as you can imagine." (24:06)
Important Timestamps
- 01:29 – Maria on the political atmosphere and podcast "time capsule" setting.
- 03:25 – Description of arrival and morning in Tallinn, Estonia; flags and symbolism.
- 06:44 – Major Tyler Smith discusses legal scenario and information sharing.
- 10:32 – Cmdr. Bryan Caplan on cultural and policy hurdles in cooperation.
- 13:11 – Irene Gibson introduces NATO Article 3's relevance to cyber defense.
- 14:05 – Description of the VSISC tool and the paradigm shift in military cyber thinking.
- 15:50 – Inside NATO’s cyber range; security protocols and workplace atmosphere.
- 19:20 – Candice Sanchez on the Thanksgiving tradition at the exercise.
- 22:34 – Major Tobias Malm on the exercise’s progression and complexity.
- 24:06 – Malm on the need to train communication above all.
Summary Takeaways
- Cyber defense is deeply human. Trust, relationship-building, and cross-cultural understanding are as vital as sophisticated tooling and processes.
- NATO’s cyber exercises increasingly stress communication and real-world complexity. The growth from technical tabletop to integrated, multi-agency coordination echoes the maturing cybersecurity landscape.
- Information sharing remains the core challenge. Legal, political, and cultural factors can impede full cooperation, even among allies.
- Readiness depends on constant evolution. The ability to adapt, share, and respond as a community is what defines resilience.
- Personal touches matter in high-stakes environments. Shared meals or small traditions strengthen bonds and bridge international divides.
- Geopolitical uncertainty shapes both the context and the interpretation of alliance readiness. As world events churn, these "time capsules" reveal both progress and persistent vulnerabilities.
Next Episode Preview:
The third installment will move from recounting experiences to analyzing broader implications for global cyber defense in today’s tumultuous world.
![Cyber without borders: The human side of cyber defense. [Special Edition] - CyberWire Daily cover](/_next/image?url=https%3A%2F%2Fmegaphone.imgix.net%2Fpodcasts%2Ff77d4ea2-0ea2-11f1-86b2-17a3b0d34c34%2Fimage%2F0216c9cea15c53e5d2c739964a38623c.png%3Fixlib%3Drails-4.3.1%26max-w%3D3000%26max-h%3D3000%26fit%3Dcrop%26auto%3Dformat%2Ccompress&w=1200&q=75)