At the time of writing, the author was Assistant Legal Advisor Operational Law, Headquarters, Supreme Allied Commander Transformation (NATO HQ SACT). The views expressed herein are the author's own and to not necessarily reflect the official position or policy of NATO and/or HQ SACT. Abstract: At its Lisbon Summit (November 2010), NATO has adopted its Strategic Concept. The U. S. may soon adopt its Cyberstrategy 3.0 (originally expected for December 2010). Both strategy documents will contribute to a growing policy consensus regarding cyber security and defence as well as provide better policy insights regarding cyber offence. In doing so, they will contribute to a better understanding of how NATO and the U. S. want to prepare for, and conduct cyber warfare in a manner congruent with the law of armed conflict. In addition, they will determine to what extent this branch of the law needs to be better understood, developed, or reformed. Accordingly, this paper indicates how the existing legal and policy frameworks intersect with practical aspects of cyber warfare and associated intelligence activities, analyses how the new strategy documents develop and change the existing policy framework, and what repercussions this may have for the interpretation and application of the law of armed conflict. It also demonstrates how the new strategy documents inform the policy and legal discourse and hence help confirm that NATO and U. S. as well as other NATO Nations' cyber activities are, and will continue to be, lawful and legitimate.