Leading the Digital Charge: Insights from NATO’s Inaugural Chief Information Officer
In an era defined by rapid technological advancements and evolving geopolitical landscapes, NATO is at the forefront of digital transformation. Dr. Manfred Boudreaux-Dehmer, NATO’s inaugural Chief Information Officer, is spearheading this initiative, integrating cutting-edge technologies and enhancing operational readiness across member nations. In this interview, Dr. Boudreaux-Dehmer shares his career journey, NATO’s strategic approach to digital innovation, and the critical role of cybersecurity in safeguarding the Alliance’s mission to ensure global security. Join us as we explore how NATO is leveraging technology to navigate the complexities of modern defence and prepare for the challenges of tomorrow.
Click below to access the digital brochure version
Career Journey: Can you share your career journey and what led you to your current role as NATO’s inaugural Chief Information Officer?
I started my career in Germany, where I was a data entry clerk, computer operator, and then a programmer on an IBM midrange system. From there, I joined the international headquarters of Compaq Computer Corporation in Munich and later transferred to their Latin American headquarters in Houston, Texas. I spent nine years there, taking on increasing responsibilities in IT for Latin America—at one point, I even had a second office in Brazil. Compaq and HP merged in 2002, and I joined HP’s IT group for the Americas. At that time, I got into the nascent field of data analytics and later moved into strategy and planning for supply chain systems, as well as offshore development and support in Asia.
I left HP and took on global IT leadership at Sierra Wireless, a 5G and Internet of Things pioneer, in Vancouver, Canada. After eleven years of integrating several acquired companies and divesting non-strategic parts of our business, it was time to do something else.
This brings us to 2021 when I came to NATO as the first CIO, with the mandate to provide coherence for our large and diverse systems footprint, advancing our digital transformation journey and overseeing cybersecurity.
NATO’s Digital Transformation: How is NATO driving digital transformation across its operations, and what are the key initiatives enhancing communication, collaboration, and defence capabilities?
Our member nations, now 32 with the recent addition of Sweden and Finland, approved our Digital Transformation Strategy in 2022. We then converted this into an implementation strategy and subsequently into an action plan that steers the work we have to do within the NATO Enterprise. The NATO Enterprise covers 50+ organisations spanning strategic commands, agencies, headquarters, schools, training centres, and several research facilities that we operate to conduct the business of the Alliance.
NATO’s purpose is to guarantee safety and security for our member nations, which amounts to about one billion people—the approximate population count of all Allied nations. We fulfil this purpose through deterrence and defence, where the latter is a prerequisite for the former. The “business at hand” is, therefore, a strong military that is technologically advanced and able to defend the Alliance when needed. Our Digital Transformation focuses heavily on defence capabilities, particularly in Multi-Domain Operations. In addition to the traditional military domains of Air, Land, and Sea, NATO added two more in recent years: Space and Cyber. We work diligently on our systems landscape to integrate all five domains so that our military commanders have the combined range at their disposal.
Naturally, the North Atlantic Treaty (also referred to as the Washington Treaty) is the “north star” in everything we do. After all, NATO is named after our founding document, which recently celebrated its 75th birthday. Article 4 of the treaty specifically discusses consultation among Allies, which underlines the importance of communication and collaboration in our daily work. From an IT perspective, we consistently improve our communication capabilities, allowing Allies to meet virtually to discuss and decide on issues together. The emphasis here is to guarantee the availability, confidentiality, and integrity of our networks, especially in adverse situations, through multiple redundancy mechanisms.
Cybersecurity Strategy: Given the growing threats of cyber warfare, how does NATO ensure the security and resilience of its IT infrastructure and protect sensitive information?
There is a people, processes, and technology component to your question.
For the first component, people, we aim to hire the very best. We all know that talented cybersecurity specialists are hard to find, but NATO has a unique value proposition that is firmly rooted in our purpose of guaranteeing the safety and security of Allies. If you have cyber skills and want to help defend freedom and the rules-based international order, take a close look at NATO. What we do is truly remarkable!
Additionally, what many people do not know, and what I am immensely proud of, is that we have a strong Diversity and Inclusion program. I work in the International Staff of NATO, and there are five staff resource groups, led by volunteers, who work hard to consistently advance our collective understanding and embrace diversity. These groups do not just exist on paper; they actively focus on racial diversity, young professionals, working parents, staff with disabilities, and the LGBTQIA+ community. I am proud to be involved in the latter as their executive sponsor.
Processes need to be documented, but more importantly, they must be ‘lived’ to ensure consistent improvement. We spend a lot of time exercising different cybersecurity scenarios through various methods. These range from cybersecurity training programs supported by Artificial Intelligence to formal tabletop exercises where dozens of participants attend. Our internal AI-supported training courses are impressive; they measure a learner’s confidence in their answers and adapt subsequent questions. This means that the person taking the training will never be bored by a barrage of questions where the answers are obvious. The system quickly measures what the student knows and how well information sticks in their memory. The tool then pivots to the parts of the training material where the learner is less knowledgeable or less confident in their answers.
Finally, there is technology. In addition to well-known and standard protection mechanisms, we also employ AI and other advanced technologies in areas such as threat assessment, event correlation, and adaptive networks. These tools take over a lot of the routine work, allowing our analysts to truly analyse and think ahead.
Data Analytics in Defense: How is NATO leveraging data analytics and AI to improve decision-making and operational readiness across its member nations?
I touched upon this question previously. Much like any other business, we seek to employ data analytics in a forward-looking fashion. We want answers to questions that we did not know we had! This is an iterative cycle—the more we connect the dots across different data elements, the more we can anticipate what we want to know next.
Moreover, we want data and AI to be used responsibly. We have set up a Data and Artificial Intelligence Review Board (DARB) that defines our strong value framework and puts guardrails around how we look at data and what we do with it. We also carefully examine outcomes to check for unconscious bias or constellations in data that simply do not make sense. Additionally, we have an extensive security ring around our AI tools to protect them from maleficence.
When connecting with member nations, NATO is all about interoperability. If you think about it, interoperability, at all levels, is in the DNA of the Alliance. There are 32 nations that put their capabilities and strengths together, resulting in an outcome that is larger than the sum of its individual parts. This necessitates that everything works together—people, processes, the language and abbreviations that we use, weapon systems, ammunition, and of course, technology. We have large communities and work programs set up to ensure the interoperability of networks and systems between Allies.
Challenges in Defense IT: What are the main challenges you face in managing NATO’s vast IT systems, and how are you addressing them to ensure seamless operations across multiple nations?
NATO completed its 75th birthday this past April, so we are not a new organisation. In addition to that, we are highly federated, which means that we have a heterogeneous system environment that has grown organically over decades. This also means that obsolescence management is a major factor that we constantly keep in mind. If we could set up an environment from scratch, it would look different, but we have an installed base and therefore a path dependency.
When it comes to obsolescence replacement, there are two types: like-for-like replacements and new capabilities. For the former, we recently changed our internal process substantially, treating technology refresh as an ongoing activity.
Then, there are new capabilities where we substantially modernise our technology footprint and drive initiatives forward that we need to successfully transform digitally.
The biggest contributing factor to this is the acceleration of cloud computing. I see this as ‘killing two birds with one stone’—we achieve a level of seamless interoperability that would otherwise be difficult to attain, and we shift obsolescence management to Cloud Service Providers who treat this as their core business.
I talked earlier about the value that comes from 32 nations pulling on the same rope. This applies not only to interoperability but also to knowledge. We have several forums in place where Allies and the NATO Enterprise learn from each other as we progress in our respective cloud and digital transformation journeys.
Cloud Computing and Scalability: How is NATO adopting cloud technologies to enhance its operational flexibility, and what role does scalability play in supporting NATO’s missions?
We are pushing cloud computing very aggressively. We are on an accelerated track to move data and systems into the public cloud for the types of data that are appropriate to be housed there. This is done in a secure fashion where we work extensively with Cloud Service Providers to set up protected environments. Let’s not forget that in addition to supporting NATO’s core competencies of collective defence, crisis management, and cooperative security, we also have a real basic need for regular business applications such as Enterprise Resource Planning, HR, websites, email, collaboration tools, and others. There is no reason why these should not run in the cloud.
Naturally, we are conscious of what we do with our ‘crown jewels,’ and there we opt for highly secure cloud environments that are appropriately air-gapped and protected.
Scalability is another advantage that we gain from cloud computing, in addition to moving obsolescence management to vendors and co-locating data that is then much easier to analyse. The scalability aspect of the cloud is important for us. The past years have shown us again that the geopolitical landscape can change quickly. We need to be ready to support an urgent need, a military mission, with the computing power that is necessary to respond to that need.
Collaboration with Allies and Partners: How does NATO collaborate with member states and external partners to develop and implement cutting-edge IT and cybersecurity solutions?
There are two dimensions to this – the Alliance and industry. For the 32 Allies, we work through the Digital Policy Committee at NATO that sets (and approves) the technological direction regarding IT and cybersecurity solutions. The committee consists of representatives of the IT leadership in each nation; in many cases, these are the CIOs of the national departments of defence. I have a tight link to my colleagues in the capitals, and we commonly determine what IT and cybersecurity technologies we are pursuing.
Then, there is industry. I also maintain a very close relationship with companies that can provide NATO with technology solutions that will move the Alliance forward. This often happens through conferences. We have a significant one coming up that takes place every two years and is organised by the NATO Communications and Information Agency: NATO Edge. It is designed to facilitate collaboration between NATO, political leaders, industry, and academic partners to provide technology and innovation to enhance NATO capabilities.
Digital Innovation in Defense: What emerging technologies, such as AI, machine learning, or blockchain, are you most excited about, and how do you see them shaping the future of NATO’s defence operations?
Everybody talks about AI, and NATO is no different. This is what I am most excited about when looking at the technology’s potential and the use cases that we are working on. We are running a number of interesting pilots in the areas of ChatGPT, language translation services, and cybersecurity. These are just three examples of where we are active now. Whenever we have to make sense of a vast amount of data, where answers build upon themselves – and where knowledge cumulatively adapts – we have an opportunity to apply Artificial Intelligence.
Cybersecurity is a perfect example, as I discussed in a previous answer. We use AI for threat assessment, event correlation, and adaptive networks. This frees up our analysts in the Security Operations Centre to focus on higher-level activities that will make a difference.
What many people may think about is AI-supported Automated Weapon Systems (AWS). This bears a great ethical responsibility, which is front and centre with AI, but it is especially needed when it comes to weapons. Our aim is to always support the commander with the best possible situational awareness to make the right decisions. The decision will still be made by the commander—a human.
Future Vision for NATO IT: What are your future plans for NATO’s IT strategy, and how do you see the role of technology evolving in strengthening defence capabilities and global security?
I already talked about our Digital Transformation effort, which is a galvanising force for many of our plans that we are driving forward. Digital Transformation starts with two fundamental building blocks, with the cloud being one of them. The second one is the development of NATO’s Digital Backbone to enhance and adapt existing services and capabilities. Through this, we ensure universal connectivity and data transport across systems that service the different military domains.
An important end goal in Digital Transformation is Multi-Domain Operations, meaning the seamless interplay of our systems to enhance situational awareness, orchestrate operational effects, embed risk management and digital mission assurance, adopt new capabilities, aggregate data, and bolster security and the protection of personal data.
At the same time, we will also continue the journey of digitally transforming our business and communication systems that we use to run the organisation and enable what is enshrined in Article 4 of our founding treaty: consultation among Allies.
In doing all of the above, we will continuously embed transversal new technologies in the fields of AI and data analytics. We have our work cut out!
About the role of technology: it will become increasingly important in the future for global defence and security. There simply is no defence engagement without it. Or as a former colleague of mine on the military side once said, “a military exercise without sophisticated and connected systems would only be a camping trip.”
