The North Atlantic Treaty Organization (NATO) has a key role to play in improving member states' and partners' overall cyber defense posture. To achieve this objective, NATO must ensure it is not imposing overlapping or conflicting requirements that may make national cyber security programs less effective, and must drive efforts to improve national incident response and international coordination. Developing these capabilities will require coordinated planning, implementation, and performance management of mature national cyber security strategies across NATO countries. Understanding all layers of the NATO cyber ecosystem, including the stakeholders' priorities, maturity levels of current guidance on cyber security, and NATO's own ability to influence and add value to each layer of its ecosystem is essential to ensure NATO can issue effective guidance.