But the scale of cyberespionage and the scale of cyberattacks is growing, and the frequency is very high," said David Cattler, NATO's assistant secretary-general for joint intelligence and security, at the December discussion in Brussels.
"I'd say on balance, except for probably some really big efforts, are not deterred."
Reassessing the relevance of deterrence in cyberspace marks a major shift in military strategic thinking, says Richard Harknett, U.S. Cyber Command's 2016 scholar-in-residence.
A holdover from the Cold War, the idea behind deterrence and escalation, too, is that since there's no defending against a nuclear attack, the key is convincing an opponent that launching one is too costly in the first place.
Until recently, there's been a belief in cyber that "we're not threatening enough.
We don't have the punishment right," Mr. Harknett says.
Strategy as it's currently being pioneered is less about trying to arrest all hacking operations – an unrealistic prospect given the interconnectedness of the internet – as it is to understand and shape them so allies can better protect themselves.
After historically taking "a very defensive approach" to cyber operations, officials are now mulling whether there is "anything from an offensive perspective that this alliance wants to have in its tool kit,"
Ambassador Julianne Smith, U.S. permanent representative to NATO, said at a discussion sponsored by the German Marshall Fund of the United States last month in Brussels.
In crafting NATO's new cyber strategy, senior security and intelligence officials for the alliance say they were informed by a series of "increasingly destructive" cyberattacks by Russian and Chinese actors over the last few years.
When Ukraine was hit by a spate of strikes on its government computer systems in January, as Russian troops massed on its border, NATO officials were watching closely.
They had been working "for years," they noted, to shore up the embattled nation's cyber defenses, though it's not a NATO member entitled to Article 5 protections.
What the incursions had in common was that, though damaging, they fell below the threshold of armed attack.
It was increasingly evident, too, that the alliance needed to be more "proactive" in cyberspace, Mr. van Weel said.
"It's about not limiting our options to just waiting for a massive attack.
It's about recognizing that what happens below that threshold of a massive attack is worthy of our attention."
But NATO doesn't want to be too clear about what the new threshold is, Mr. van Weel added.
"The key to the policy is that there is no set bar, and there is a deterrent effect that will go from that."
Behind the scenes, as cyberattacks were playing out, the U.S. was doing some heavy lobbying for a shift in the alliance's strategic thinking, says Max Smeets, director of the European Cyber Conflict Research Initiative.
This was driven in large part by the Russian meddling in Western elections, and the dawning understanding that a series of cyberattacks can cumulatively tear away at the fabric of democratic society.