Rose Gottemoeller, deputy secretary general of NATO, has said she believes cybersecurity attacks could undermine the international alliance’s missions and hamper collective defense initiatives with its allies.

Gottemoeller offered her insights on the importance of cybersecurity efforts at the NATO Information Assurance Symposium that took place in Mons, Belgium, the organization said Thursday.

“We have to be just as effective in the cyber domain as we are in the physical world,” she told event audience.

She also delivered remarks during a workshop about gender gap in the cybersecurity field.

The alliance estimates that women currently account for 10 percent of the global cyber workforce.

NATO’s Communications and Information Agency hosts a cyber symposium annually as part of efforts to generate discussions of emerging cyber trends and threats.

The Defense Department is in talks with heads of cloud service providers on how to streamline cloud security requirements in a rulebook the Defense Information Systems Agency issued in 2015, Federal News Radio reported Thursday.

DoD’s Cloud Security Requirements Guide offers information on security controls that should be adopted by cloud vendors in order to process or host defense data at several security levels.

“We have not made a decision that we will redo the SRG, but I think we are taking into consideration feedback from our industry partners on where we need to adjust,” said Essye Miller, deputy chief information officer for cybersecurity at DoD.

Miller told reporters the DoD CIO’s office conducted two separate meetings with cloud service vendors in the last two months in order to determine how to make security requirements less prescriptive and specific.

“The discussion was really, truly to the point: What are those things that industry can provide for us and where do we need to adjust, not only in terms of requirements, but to shift our language from specifically what we’re looking for in terms of solutions to expected outcomes,” she added.

DoD’s move to simplify cloud security rules came a month after Deputy Defense Secretary Patrick Shanahan issued a memo that details the agency’s plan to form a new steering group that will work to develop and oversee the implementation of a strategy to advance the adoption of commercial cloud platforms and services.

Defense Secretary James Mattis has asked Congress to remove a language in the proposed fiscal 2018 National Defense Authorization Act that would pressure the U.S. to notify foreign governments of cyber attacks in the event that the Defense Department has decided to counter such breaches, Reuters reported Thursday.

“The nature of cyber attacks is ever evolving, and we need to maintain our ability to take decisive action against this increasingly dangerous threat,” Mattis wrote in a Tuesday letter to Congress.

His letter comes as House and Senate conference members start to reconcile the two NDAA versions.

The Washington Examiner reported that Mattis also expressed his concerns about the potential impact of budget caps set in the 2011 Budget Control Act on the country’s military readiness.

“Current caps continue to unnecessarily defer critical maintenance, limit aviation availability, delay modernization, and strain our men and women in uniform,” he wrote.

Mattis also asked Congress to authorize another round of base realignment and closures and raised objections to several provisions in defense policy bills, such as the establishment of a new space corps and proposed reforms to the military health system.

The Office of Management and Budget has released a memorandum that requires federal civilian agencies to submit their annual Federal Information Security Modernization Act reports to OMB and the Department of Homeland Security by March 1, 2018, MeriTalk reported Wednesday.

Agencies should also file their FISMA reports with the Government Accountability Office and Congress, OMB Director Mick Mulvaney wrote in the memo published Monday.

The document directs agency heads to submit to OMB chief and DHS secretary letters that include a detailed assessment of their organization’s data security policies and practices; number of cyber incidents reported through DHS’ U.S. Computer Emergency Readiness Team Incident Reporting System; and each incident’s description that includes vulnerabilities and threats.

Agencies should also report through the CyberScope online platform their breach response plans; privacy plans; continuous monitoring strategies for privacy; and written policies to justify that any new effort to collect Social Security numbers is needed.

The memo also requires agencies to inform inspector generals and Congress of any cyber breach within seven days through reports that contain information on threat actors, risk assessments performed on affected data infrastructure and remediation measures.