Just to clarify one term, Mr. Chair, “active cyber” is a mixture of what we would consider active defence and what we would consider offence. It's the difference between standing on your castle wall waiting till the guys are coming in through your wall and then attacking them or seeing the guys come to your wall and attacking them there. That's active defence. The other is going to the other person's place to actively attack.
What's the intent? If my intent is to defend myself, I can still be active, but it's to defend my own equities. If my intent is to attack another person's networks, that's offensive. “Active” is a component of both. The NATO community and the broader communities at large are working to understand where those lines lie. If you read the output from the Tallinn Manual, for example, you'll see that there are ongoing efforts from the legal community and military forces within our alliance to understand that better.
Are there agreed-upon rules across all of the alliance and all allied nations? I don't think there are, but it's a growing and emerging conversation that is very rich.