Since the start of Russia’s full-scale invasion in 2022, Ukraine has faced a sustained and evolving wave of cyberattacks aimed at disrupting critical state functions and undermining societal resilience. Russian cyber actors have consistently sought to identify and exploit the digital sphere alongside conventional military strikes as part of a broader strategy designed to weaken Ukraine’s capacity to govern and sustain its war effort.1
After four years of full-scale war, governments, private-sector actors, and research institutions are increasingly attempting to distill lessons from Ukraine’s experience to inform future models of cyber defense assistance (CDA). This report analyzes the CDA provided to Ukraine by foreign governments, the private sector, and coordination mechanisms to better understand the CDA delivery process and structure.
The outcomes of this paper reveal the following:
- Foreign government CDA and private-sector CDA differ in various aspects: the size of CDA delivery, the speed of mobilization and implementation, and the types of assistance delivered.
- Coordination mechanisms could allow for more visibility and efficiency but also have been prone to administrative friction and a lack of consistent transparency practices.
- Hardware remains a high priority, but an emerging focus on training could signal a shift towards longer-term resilience and domestic capabilities.
