NATO’s Article 5 has traditionally been a provision that allows for any member state to invoke a collective military response to any land, air or sea military attack against their nation. Effectively, an attack on one is an attack on all, and this rule played a large role in keeping the peace during the Cold War, with the USSR having its own version within the Warsaw Pact.
In June of this year, NATO stated that cyber attacks are now included under Article 5, allowing for a cyber attack on any member state to receive a collective kinetic military response. Hillary Clinton has made similar statements on the campaign trail, indicating that cyber attacks should be treated like any other attack.
What remains to be seen are any sort of solid guidelines for determining what qualifies as an attack and what qualifies simply as traditional espionage. The differentiation between Computer Network Attack (CNA) and Computer Network Exploitation (CNE) are used within the US Government, but many aspects of each overlap.
The rules are in-place, but a precedent must be set before any type of true deterrence can come into play.