T-Minus Space Daily – “Cyber without Borders: The Human Side of Cyber Defense”

Special Edition | Part 2: A Day at NATO’s Cyber Coalition Exercise
February 23, 2026 | Host: N2K Networks

Episode Overview

This episode takes listeners inside a day at NATO’s 2025 Cyber Coalition exercise in Tallinn, Estonia. Focusing on the essential, often overlooked human dimension of cyber defense, the episode explores how multinational defense teams collaborate, communicate, and build trust to tackle evolving cyber threats. With first-hand field reporting and insights from military and legal experts, host Maria Varmazes and producer Liz Stokes spotlight the complex, high-stakes coordination between nations, agencies, and civilian partners during one of the world’s largest cybersecurity exercises. Key themes include the challenge of information sharing, legal and operational frameworks, and the ongoing shift from a purely technical approach to one that centers on people and cooperation.

Key Discussion Points & Insights

1. Context and Purpose of the Exercise

• Setting & Geo-Political Tension

  • Maria Varmazes sets the stage amid late January 2026 political upheaval in the US, noting its potential impact on NATO and global alliances. She frames the episode as a “time capsule,” documenting events just before recent turmoil.
    • Notable Quote: “All of that upheaval will undoubtedly influence how we and you interpret what we’re about to share here.” (02:29)

• What is NATO Cyber Coalition?

  • Liz Stokes recaps: It’s a major NATO cybersecurity exercise focused on “cooperation, trust, and mutual defense between allies,” unfolding largely out of public sight.
    • “We’re going to treat this episode as a time capsule of what we saw and learned in one day, where we were a guest of NATO at their cyber headquarters in Tallinn.” (03:37)

2. A Day at the Exercise – Scenes and Scenarios

• Morning Walk & Atmosphere in Tallinn

  • The symbolic presence of Estonian and Ukrainian flags underscores ongoing geopolitical tension (04:12).

• Opening Briefing: Key Themes and Scenarios

  • The core repeated phrase: Collaboration, Cooperation, Coordination (05:08).
  • Exercises based on real-world “ripped from the headlines” scenarios:
    • Network compromises, critical infrastructure attacks, hacked backups, and a special focus on cyber resilience in space.
    • “And there was an exercise entirely for cyber legal teams to hash out.” (06:08)

• Legal and Policy Complexity

  • Major Tyler Smith (US 16th Air Force) on Legal Scenarios:
    • (07:31) “Information sharing is one of the key things that we focus on…there’s not an overriding international law basis to share that information. That’s domestic policy, domestic law.”
    • The legal exercise pushes national teams to examine how, and under what laws, they share information across borders—pivotal in cross-national cyber defense.

• Customizable Participation

  • Nations pick from among seven scenario “storylines” (including the legal one), testing and refining their tactics, tools, and procedures in collaboration with both military and civilian industries (08:36).

3. The Human Factor: Cooperation & Trust

• Operational Challenges in Sharing Information

  • US Navy Commander Bryan Caplan on Hesitation and Trust-Building:
    • (11:19) “We would love the nations to, you know, jump right in and share stuff, but it's never the case...Some of the newer nations...are more timid to really either ask questions to other nations or provide information...The key...is to have mechanisms in place that steer the nations...to coordinate and work...to get further along.”

• Importance of Repeated Personal Connections

  • Icebreakers, pre-event planning, and relationship-building are crucial for enabling smoother information flow during the exercise and real-world incidents.

• Boundaries of the Exercise

  • The exercise is strictly defensive: “Detection, deferment, defense”—no offensive operations or red teaming (10:55, 20:38).

4. NATO’s Legal & Operational Framework

• Article 3 over Article 5

  • Irene Gibson (NATO Cyber and Digital Transformation Division):
    • (13:58) “Article 3...specifically says that allies may...separately and jointly, by means of continuous and effective self-help and mutual aid, maintain and develop their individual and collective capacity to resist an armed attack.”
    • The exercise focuses on self-preparedness and mutual aid, not just on the mutual defense clause (Article 5), highlighting the need for “continuous and effective self-help”—reinterpreted for cyber.

• Virtual Cyber Incident Support Capability (VSISC)

  • Described as “a fancy phone a friend.” Allows nations to request and coordinate support with all 31 NATO allies at once during crises. Elevates the concept that “cyber” is core to modern collective defense.
    • Notable Quote: “In cyber, to stand still is to be left behind.” (16:02)

5. Inside the Cyber Range: Human Stories and Culture

• Security & Physical Layout

  • CR14 (the NATO cyber range) operates under strict rules—akin to a military SCIF (Sensitive Compartmented Information Facility).
  • The atmosphere is functional, not flashy; cubicles marked by national flags.
    • “I was relieved to not see anything flashy, because...complex dashboards and threat maps...are the kind of thing you show to try and impress people who don't know any better. The real work of cybersecurity is decidedly unglamorous…” (17:44)

• Building Personal Connections: Thanksgiving Moment

  • Candice Sanchez (US 16th Air Force) shares about fostering relationships via shared meals:
    • (20:08) “There's a number of Americans out here. We're like, hey, let's just have Thanksgiving together. And then we started inviting our partners...a lot of them, this was their first time experiencing Thanksgiving. We learned just recently...they like deviled eggs.”

6. Reflections: Evolution and The Human Challenge

• Maturity of the Exercise

  • Major Tobias Malm (Swedish Armed Forces):
    • (23:21) “When I started like 13 years ago, it was very focused on the technical part...it has developed to what it is today...much more complex system of sharing information. It’s emphasis[ed] the importance of the cooperation within the alliance.”
    • Sweden’s participation illustrates how teams have grown from singularly technical to multi-agency, multi-disciplinary efforts.

• The Ongoing “Human Problem”

  • The biggest challenge is not tech but people: facilitating communication, clarifying what to share, how to package information, and making systems usable across cultures and bureaucracies.
    • Notable Quote: “We are usually not that good at communication as a human so we need to train that and, and this is an excellent opportunity to do that.” (24:54)

Notable Quotes & Memorable Moments

• On Legal Complexity:

  • Major Tyler Smith (07:31):
    • “We're putting out questions that are requiring our legal audience to look at their nation and look at their national laws and look at their domestic policy...there's not an overriding international law basis to share that information.”

• On Reluctance and Growth:

  • Commander Bryan Caplan (11:19):
    • “Some of the newer nations that are participating, they're more timid...So it, it is a challenge. And the key for us...is to have mechanisms in place that...get them to...go outside their comfort zone.”

• On Importance of Article 3:

  • Irene Gibson (13:58):
    • “Article 3...maintain and develop their individual and collective capacity to resist an armed attack.”

• On the Modern Cyber Paradigm:

  • Irene Gibson (16:19):
    • “In cyber, to stand still is to be left behind.”

• On Cultural Exchange:

  • Candice Sanchez (20:08):
    • “We gave them the experience of...cranberry sauce in a can...Some enjoyed it, some didn't, but it was definitely a staple we had to have.”

• On Evolving Approach:

  • Major Tobias Malm (23:21):
    • “...it was very focused on the technical part...now...it's more focused on operations and sharing of information, how do we do it, which system we use and etc.”

• On Why Communication Needs Practice:

  • Major Tobias Malm (24:54):
    • “We are usually not that good at communication as a human so we need to train that and, and this is an excellent opportunity to do that.”

Timestamps for Important Segments

• 02:16 – Maria Varmazes introduces context and reflects on real-world political turbulence
• 03:27 – Recap and framing as a “time capsule”
• 04:12–07:31 – Opening briefing, exercise scenarios, and legal exercise intro
• 07:31 – Major Tyler Smith on legal scenario challenges
• 11:19 – Commander Bryan Caplan on nation-level information sharing reluctance
• 13:58 – Irene Gibson explains NATO Article 3 and its relevance to cyber defense
• 14:52 – Introduction and role of the Virtual Cyber Incident Support Capability
• 17:13–20:08 – Inside the cyber range: physical security, room description, Thanksgiving anecdote
• 23:21 – Major Tobias Malm reflects on how the exercise and alliance have matured
• 24:54 – Malm emphasizes the importance—and challenge—of communication

Concluding Insights

This episode powerfully demonstrates that cyber defense is not merely a technical challenge—it is inherently about people, trust, and collaboration across borders and cultures. The evolution of NATO’s Cyber Coalition exercise from a technical drill to a sophisticated, multi-layered operation, with ever-increasing emphasis on legal frameworks, human relationships, and information sharing, mirrors the broader trajectory of global cybersecurity. The episode closes with the promise that the next and final part will reflect on the wider meaning of these experiences in today’s turbulent world.

Produced by Maria Varmazes, Liz Stokes, Trey Hester, Jennifer Ibin, Mayan Plout, and Peter Kilby.