Article published on the Atlantic Treaty Association Website: https://bit.ly/2IGPSqQ
Addressing the cyber challenge is a mammoth task that cannot be handled in isolation. Simon Michell reveals how NATO is cooperating with allied and partner nations, industry and other political organisations to shore up its cyber defences
Monitoring and policing cyberspace is, in one respect, a bit like patrolling an ocean. Both are so vast, and the activity taking place within them so varied, that it is impossible for a single nation to do it alone. The Alliance has long understood and recognised the benefits of collaboration and has evolved into the perfect tool for taking on and sharing the cybersecurity burden. It is able to offer reassurance that it can protect not just its own networks, but also those belonging to its member and partner nations’ civilian populations. The process of this burden-sharing is well under way.
Cyber has been assimilated into NATO’s Smart Defence initiatives, which enable multiple countries – both members and partners – to pool resources and collaborate on the development of cyber defence capabilities that may be too expensive for them to develop by themselves. The three most high-profile examples in progress are:
– Malware Information Sharing Platform (MISP);
– Multinational Cyber Defence Capability Development (MN CD2); and
– Multinational Cyber Defence Education and Training (MN CD E&T).
MISP was originally created to support NCIRC (NATO Computer Incident Response Capability) missions by enabling the sharing of malware technical characteristics within a trusted community. Its purpose is to speed up the detection of cyber intrusions and the implementation of appropriate countermeasures. From its early iteration, it is now evolving into a far more powerful toolset than was initially conceived.
MN CD2 pools resources in the development and procurement of cyber defence equipment and capabilities. It has numerous work programmes, overseen by a management board that holds regular meetings to assess progress. CIICS (Cyber Information and Incident Coordination System) is a good example of the type of solutions it is developing.
ADDRESSING SKILLS SHORTAGES
The training and education that emanates from MN CD E&T is a fundamental tool for achieving a level of cybersecurity commensurate with the changing cyber threat. MN CD E&T not only educates uniformly across NATO members and partners, it also helps to plug gaps in national skills shortages and delivers a certification mechanism as skills are acquired by those attending to its outputs. MN CD E&T has a broad membership that benefits from training and education from organisations such as the NATO Communication and Information Systems School in Lisbon and the Cooperative Cyber Defence Centre of Excellence in Tallinn.
In his address to the 2014 NATO Industry Forum in Croatia, former NATO Deputy Secretary General Alexander Vershbow said, “Industry is a key player in cyberspace, since the private sector owns the majority of the world’s information systems and provides technical solutions for cyber defence.” He continued, “Simply put, industry is often our first line of defence; it is industry that has the tanks and the soldiers for cyber defence.”
NATO INDUSTRY CYBER PARTNERSHIP
The NATO Industry Cyber Partnership (NICP) is the tangible consequence of those sentiments. Launched in September 2014, NICP is enthusiastically supported by the former and first General Manager of the NATO Communications and Information Agency (NCIA), Koen Gijsbers, who highlighted the stark need for mutual trust. At the launch of the NICP, Gijsbers said, “This is about building an alliance with industry, and the key is building trust – to share sensitive information in order to respond to threats.” This is not entirely new, as NATO has always worked closely with industry – the difference here is the widespread information-sharing process and the speed of distribution that is anticipated.
One of the best visible representations of the NATO-Industry cyber ‘trusted community’ is the annual NIAS (NATO Information Assurance and Cyber Defence Symposium) that takes place in Mons, Belgium. Everyone who is anyone in cyber security is present – from well-known communications firms such as AT&T, BT and Cisco to newer cybersecurity specialists such as FireEye, Forescout and Fortinet.
However, it is not just industry and other military organisations that NATO is engaging with in its struggle for enhanced cybersecurity. NATO works with the European Union (EU), the OSCE (Organization for Security and Co-operation in Europe) and the United Nations to expand and share their cybersecurity knowledge. In early 2016, NATO and the EU signed a Technical Arrangement on cyber defence to help both organisations improve the way they deal with the cyber threat.