NATO
THREAT ANALYSIS AND OPERATIONS
Head of the CERT-EU Freddy Dezeure and Chief of NATO Cyber Security Ian West sign the Technical Arrangement on Cyber Defence
however, is that it is such a huge and all-encompassing task. NATO cyber expert Alex Vandurme, who helped to set up the NCIRC, says: “Our greatest challenge is a bit like defending a skyscraper. We have to close each door and window, while hackers only need to find one open to get in.” And it is true that hackers are always trying to intrude on NATO networks. The Alliance has to deal with an eye-watering 200,000 cyber events every day. Although not all of these are serious, on average at least 10 of them turn out to be sophisticated attacks requiring remedial action. Some of these attacks require high levels of cyber expertise that are not always available where the cyber intrusion has been detected. Therefore, the NCIRC keeps a special six-man team of cyber technicians, known as the Rapid Reaction Team, on alert. It is their job to go out at short notice to deal with an attack that affects the operational capability of a NATO system. They can also be deployed to assist a member state in the event of a significant cyber attack, should the affected nation request help.
Response Teams (CERTS), are not the only ones to be involved in this type of reinforcement effort. In February 2016, the Alliance signed the NATO-EU Technical Arrangement on Cyber Defence between the NCIRC and the EU Computer Emergency Response Team (CERT-EU). Increasingly, a number of industry players are also being brought into the fold to share information and expertise through the NATO Industry Cyber Partnership (NICP), which was endorsed at the 2014 Wales Summit. The NICP acts as a hub for a mixture of large and small commercial organisations. Household names such as Cisco are involved,
The Alliance has to deal with 200,000 cyber events every day. On average, 10 of them turn out to be sophisticated attacks
STRATEGIC CAPABILITIES The Rapid Reaction Team is a relatively modest resource, but one that constitutes a strategic core capability that, according to Suleyman Anil, Head of the Cyber Defence Section of the Emerging Security Challenges Division at NATO HQ in Brussels, would be reinforced, as required, by experts from the member states. These experts, who are typically drawn from national Computer Emergency
98 3.6 Cybersecurity-v2.indd 98
NATO SUMMIT 2016
as are less-well-known organisations such as Fortinet, which signed a partnership agreement with NATO in March 2016 – a month after Cisco signed its own agreement. Cyber defence has now become an integral and integrated everyday NATO task. According to Jamie Shea, Deputy Assistant Secretary General for Emerging Security Challenges at NATO: “the number of cyber attacks is rising every day, whether they be against NATO systems or against the vital systems of our member nations. NATO must be able to offer cyber defence assistance to its members to help them guard against these attacks, to detect them, and – once they have happened – to react swiftly to limit the damage.”
STRENGTHENING PEACE AND SECURIT Y
24/06/2016 16:40