We have rules for land, sea, air, and space.

Cyberspace? Not so much.

While international humanitarian law applies in principle, cyber warfare remains structurally different. There is no NATO-specific cyber treaty defining thresholds, proportionality standards, or enforcement mechanisms. Instead, we rely on policy statements, strategic concepts, and political consensus.

This session explores:

• How traditional Just War principles translate, or fail to translate, into cyber operations
• The gap between normative affirmation and enforceable obligation
• The problem of proportionality in non-kinetic attacks
• Escalation risks in ambiguous attribution environments
• Civilian infrastructure as an interconnected digital battlespace
• Whether voluntary norms can sustain deterrence

Rather than arguing that treaties are inherently superior, this talk examines the structural implications of operating without codified cyber warfare agreements.

Key takeaways:

• A clear breakdown of the ethical frameworks currently influencing cyber operations
• An understanding of where governance ambiguity creates strategic risk
• Insight into how alliances navigate escalation without clear treaty thresholds. Practical considerations for security professionals operating in dual-use environments

This is not a policy lecture. It is a practitioner-informed look at what ethical ambiguity means for those building, defending, or securing critical systems.