This Tallinn Paper concentrates on the political principles related to cyber defence of NATO in the context of the Summit in 2014. NATO adopted its current cyber defence policy and accompanying action plan three years ago. In some areas its implementation has been publicly announced, thereby suggesting that progress has been made; whereas in other areas visible progress is lacking, suggesting that the organisation may be facing challenges. The paper argues that if NATO truly wants to pursue a collective effort within the cyber realm, which could be anticipated as being its natural comfort zone in cyber defence, its new policy will first have to consider the lessons learnt following the adoption and implementation of the present guidance. The steps it will introduce will have to be gradual and realistic, while still increasing NATO’s collective efforts in cyber defence. Against that background, this Tallinn Paper discusses some of the ambitions set out in the 2011 document and certain challenges which NATO and Allies have faced in its execution. It will then offer some realistic avenues for achieving progress. As NATO is renewing its political foundation in cyber defence, the Alliance is hopefully on its way towards creating a comfort zone in cyber defence.