NATO’s Hybrid Strategy: Lessons from Ukraine [Interview]

PhD Aleksander Olech, Defence24.com: How do you assess the current level of the United Kingdom’s military and cyber readiness in light of global instability, technological competition and hybrid threats targeting Europe?

Sarah Armstrong-Smith, former Microsoft Chief Security Advisor and Board Member: The UK’s security posture must be defined by relentless adaptation and technological innovation in the face of global instability and hybrid threats.

Investments in cyber defence and intelligence sharing have strengthened the UK’s readiness, but the true measure of resilience lies in agility. The nation must continue to prioritise large-scale exercises and leverage emerging technologies to stay ahead of evolving adversarial tactics.

By integrating intelligence sharing frameworks and fostering collaboration with allies, the UK can build a more unified defence ecosystem. This approach not only enhances operational readiness but also supports the anticipation and countering of hybrid threats that blend cyber, information, and kinetic warfare.

To prevent miscalculated escalation and unintended consequences, diplomatic engagement and confidence-building measures must complement technical readiness. Maintaining open channels for dialogue and establishing mutual restraint in offensive cyber operations, especially those targeting critical infrastructure and citizens are essential for reducing the likelihood of a sustained crisis.

From your perspective, how can closer collaboration between the private and public sectors enhance collective resilience against large-scale cyber incidents and hybrid operations?

Resilience against large-scale cyber-attacks demands seamless collaboration between the private and public sectors.

The private sector’s stewardship of critical infrastructure makes its involvement in threat detection and incident response indispensable. Trusted frameworks for intelligence sharing and joint crisis management protocols accelerate response times and minimise the impact of attacks.

Beyond immediate response, shared risk reduction strategies must explicitly include de-escalation protocols alongside traditional measures, to prevent unintended consequences. Industry-led initiatives that promote responsible disclosure and transparency further reduce incentives for aggressive cyber postures, building trust and accountability among stakeholders.

This collaborative approach not only strengthens collective resilience but also supports the development of leading practices and secure-by-default countermeasures, enabling both sectors to stay ahead of emerging threats.

NATO continues to strengthen its eastern flank while facing constant cyber and information pressure from Russia. Do you believe the Alliance is ready for a hybrid confrontation that combines digital and military aggression?

While NATO has made significant progress in strengthening its eastern flank and enhancing cyber capabilities, readiness for hybrid confrontation requires a multidisciplinary approach.

The Alliance must ensure seamless integration of cyber defence with conventional operations, robust information warfare strategies, and rapid decision-making processes. Systematic removal of legacy infrastructure and building redundancy are vital steps towards sustained resilience.

Conflict prevention and mediation mechanisms should be embedded within NATO’s hybrid strategy to proactively address sources of tension before they escalate. Joint exercises that simulate both escalation and de-escalation prepare stakeholders to manage crises effectively, ensuring that peace-building processes are as well understood as escalation scenarios.

Public awareness campaigns that highlight the inherent risks of hybrid conflict foster a culture of restraint. By informing organisations and citizens of the broader threat and consequential impact, these initiatives encourage responsible behaviour and collective efforts to prevent unnecessary escalation.

The ongoing war in Ukraine has demonstrated the strategic importance of digital defence. What lessons should Western nations draw to ensure that cyber capabilities effectively support kinetic operations in future conflicts?

The war in Ukraine has demonstrated that digital defence is a decisive factor in modern conflict, shaping the outcome of kinetic operations.

Real-time situational awareness, rapid response, and resilient communication networks have proven critical in supporting government and military objectives. Robust contingency planning and international cooperation are essential for countering sustained attacks that target both military and civilian spheres.

Agility and innovation, supported by strong partnerships between military and industry, are mission critical. The ability to defend, pivot, and recover from cyberattacks while maintaining operational tempo can determine success in future conflicts. Horizon scanning and proactive planning must be prioritised to anticipate disruptive and destructive attacks.

Hybrid confrontation readiness is not solely about advancing digital and military capabilities; it also requires peacekeeping, and rapid ceasefire measures to protect citizens and essential services. Incorporating conflict prevention and mediation strategies into defence planning helps safeguard lives and maintain stability across the Alliance.

Artificial intelligence is transforming both attack and defence capabilities. How can responsible AI deployment improve crisis response and strategic decision-making without compromising security or ethics?

Agentic AI is already revolutionising hybrid conflict, but responsible deployment is essential to maintaining ethical integrity.

AI provides unprecedented speed, scale, and agility in both attack and defence strategies. Responsible and ethical deployment enhances crisis response and strategic decision-making through faster threat detection and predictive analytics. However, these benefits must be balanced with safeguards to prevent misuse, manipulation and disinformation, especially in active combat situations.

Governments and industry should establish clear guidelines for AI use, focusing on accountability, transparency, and human oversight in high-stakes decision-making. Collaborative research and open dialogue on AI ethics will help mitigate risks and build trust. International standards governing AI deployment should emphasise that the aim is conflict prevention, not just competitive advantage.

Joint initiatives between governments, industry, and international organisations can foster innovation in AI tools that support active dialogue, and peaceful resolution of disputes. Promoting public trust in AI as a tool for good is essential for its wider acceptance and responsible use

Looking ahead, what strategic priorities should define cooperation between governments, technology companies and international organisations to maintain an advantage over hostile cyber actors and ensure long-term stability?

Maintaining an advantage over hostile cyber actors and ensuring long-term stability requires strategic cooperation and proactive risk reduction measures.

Governments, technology companies, and organisations must align on interoperable security standards, invest in joint threat intelligence platforms, and foster innovation in cyber defence technologies. Proactive risk reduction measures built for longevity are central to building a robust defence ecosystem capable of countering tomorrow’s threats.

Long-term stability depends on cultivating a global community committed to reducing geopolitical tensions, establishing international norms, whilst enabling effective resilience. By prioritising proactive measures and mutual restraint, stakeholders can move beyond defensive postures and contribute to a more stable future.

Thank you for interview.

Sarah Armstrong-Smith is one of the UK’s leading cyber security speakers, working with The Champions Speakers Agency.