NITECH: NATO Innovation and Technology – Issue 6, December 2021

Page 1


ACCS designed by ThalesRaytheonSystems is the only system of systems to fulfil NATO AIR C2 requirements ranging from air policing through complex air operations to ballistic missile defence.

DATA-CENTRIC, PLATFORMAGNOSTIC SOLUTIONS FOR GLOBAL MULTI-DOMAIN OPERATIONS A proven data-centric provider of multi-domain connectivity, L3Harris’ heritage of systemof-systems integration and open architecture includes decades of architecting and delivering critical mission systems on compressed schedules to address evolving threats around the globe. We provide near real-time, battlefield intelligence collection, analysis and dissemination. L3Harris continually develops new capability concepts to meet everchanging mission needs and requirements. Our open-system design and platform-agnostic principles allow for rapid capability insertion to meet evolving mission requirements, keeping systems relevant for the fights of today and tomorrow. With increasing commercial congestion and enemy exploitation and denial of the electromagnetic spectrum, L3Harris’ broad array of products provide today’s militaries the most advanced secure spectrum superior technologies. Our open-architecture mission systems enable agile, data-centric network solutions for the future.

NITECH NATO Innovation and Technology


Editors Adelina Campos de Carvalho, Simon Michell Project Manager Andrew Howard Editorial Director Barry Davies Art Direction Dorena Timm Layout Andre van Herk, Andrea Grammling, Sonia Theodoridou, Andrew Metcalfe Contributing Photographers Marcos Fernandez Marin, Conrad Dijkstra, Michael Linennen Cover Former NCI Agency intern, now Cyber Security Scientist at the NATO Cyber Security Centre (Photo by Marcos Fernandez Marin)

Printed by Pensord Press Limited Images: unless otherwise stated, all images have been sourced from Getty Images

Published by

On behalf of

Chantry House, Suite 10a High Street, Billericay, Essex CM12 9BQ United Kingdom Tel: +44 (0) 1277 655100

NATO Communications and Information (NCI) Agency Oude Waalsdorperweg 61, 2597 AK The Hague, Netherlands

© 2021. The views and opinions, expressed by independent (non-NATO) authors, contributors and commentators in this publication, are provided in their personal capacities and are their sole responsibility. Publication thereof, does not imply that they represent the views or opinions of the NCI Agency, NATO or Global Media Partners (GMP) and must neither be regarded as constituting advice on any matter whatsoever, nor be interpreted as such. References in this publication to any company or organization, as well as their products and services, do not constitute or imply any direct or indirect endorsement, recommendation or preference by the NCI Agency, NATO or GMP. Furthermore, the reproduction of advertisements in this publication does not in any way imply endorsement by the NCI Agency, NATO or GMP of products or services referred to therein.



P. 41

Forewords and introduction 13 17

Building an Alliance fit for the future

Ludwig Decamps NCI Agency General Manager

24 Meeting tomorrow’s challenges

Mircea Geoană

30 View from the Nations: the establishment of Germany’s Space Command

Deputy Secretary General, NATO

20 Education is key Adelina Campos de Carvalho and Simon Michell, Editors, NITECH – NATO Innovation and Technology

34 View from the Nations: Montenegro – keeping pace with tech-based innovation

Adopting new practices and technologies 38 Delivering strategic thinking education 41

Educating NATO – The NATO School Oberammergau

46 Enhancing NATO’s technological edge through excellence in C4ISR and cyber training 8

P. 52

52 5G in deployed operations


P. 62

Supporting NATO and the Nations 58 Maintaining the NCI Agency’s tech edge 62 The future of NATO air policing 66 Inside the CIO’s office 69 NATO’s cyber security priorities 74 Smarter procurement 77 Innovating NATO’s digital future 82 The NCI Agency’s sandbox AI project 86 NCI Agency support to NATO cyber exercises

P. 82

Fostering tomorrow’s leaders 89 How to thrive under pressure – the human capital innovation concept 94 The NATO Executive Development Programme 97 NATO Young Leaders Group P. 100

100 Young talent at the NCI Agency



FUTURE-PROOFING THE ALLIANCE NCI Agency General Manager Ludwig Decamps I am pleased to present to you the latest edition of the NATO Innovation and Technology (NITECH) magazine. This is our sixth edition of our magazine, and my first as General Manager of the NCI Agency. This issue is centred on future-proofing the Alliance. We will discuss how we are working together to build an Alliance that is fit for the future, one that can adopt new practices and technologies at the speed of relevance. At the 2021 NATO Summit, leaders agreed to an ambitious agenda through the NATO 2030 initiative, which calls for strengthening NATO’s resilience and sharpening its technological edge. The NCI Agency continues to play a vital role in this work, driving NATO’s digital transformation and securing its networks. In this edition, we are focusing on some of the areas that are key to NATO’s future: digital transformation, cyber security, smarter procurement and training, just to name a few. For the NCI Agency to continue to deliver on NATO’s ambition, we must also deepen our partnerships with industry and academia – and make new ones. They are at the cutting edge of research in areas such as artificial intelligence, quantum computing and machine learning, and these technologies will play a big part in protecting NATO’s nearly one billion citizens in the future. This magazine is an important opportunity for us to explain a bit more about our direction of travel to our partners, so that they can prepare accordingly. We are pleased to feature an introduction by NATO Deputy Secretary General Mircea Geoană, as well as a lead article by the Chair of the NATO Military Committee, Admiral Rob Bauer, on meeting tomorrow’s challenges. And be sure to read the article by NATO Assistant Secretary General for Executive Management, Giedrimas Jeglinskas, who plays a critical role in talent attraction, selection and development. I am also delighted that the newly appointed NATO Chief Information Officer, Manfred Boudreaux-Dehmer, has contributed a fascinating insight into his ambitious plans. Finally, don’t miss the column by the German Minister of Defence, Annegret Kramp-Karrenbauer, on the establishment of Germany’s Space Command, which will further strengthen NATO’s position in this operational domain. There are too many excellent contributions in this edition to name, so I’ll just say ‘happy reading’. And thank you for continuing to support the NCI Agency.





© Safran - ESO / L.Calçada / Daniel Linares - PEMA 2M


SAFRAN ELECTRONICS & DEFENSE, INTELLIGENCE ONBOARD Day after day, you face critical challenges. The products and services developed by Safran Electronics & Defense, whether civil or military, deliver the technological superiority, effectiveness, reliability and competitiveness you expect. We’re with you every step of the way, building in the intelligence that gives you a critical advantage in observation, decision-making and guidance. You can count on Safran Electronics & Defense, your strategic partner on land, at sea, in the air and in space.

safran_IntelEmbarque210x286_VA_2020.indd 1 : @SafranElecDef

14/12/2021 10:22


NATO 2030: AN ALLIANCE FIT FOR THE FUTURE Deputy Secretary General, NATO, Mircea Geoană At the Brussels Summit in June 2021, NATO Heads of State and Government endorsed NATO 2030 – an ambitious agenda aimed at ensuring our Alliance is ready for today’s challenges and fit for those that tomorrow will bring. Future-proofing is not only about minimizing the negative effects of unforeseen events, but also ensuring we are ready to harness opportunities in a dynamic security environment. Technological innovations are vital to ensuring readiness, but are also at the centre of ongoing changes to the nature of peace, crisis and competition. China and Russia are racing to develop new technologies, from artificial intelligence (AI) and autonomous systems to hypersonic weapons and robotics. It is imperative that NATO strives to maintain the technological edge that has helped keep us safe for over 70 years. We have taken significant decisions to that effect, with tangible progress already achieved. Allies previously identified seven key emerging and disruptive technology areas: AI, data, autonomy, quantumenabled technologies, biotechnology and human enhancements, hypersonic technologies and space. At the June Summit, NATO leaders also took a decision to establish a Defence Innovation Accelerator for the North Atlantic – DIANA. Working with start-ups, industry and academia, DIANA will promote transatlantic cooperation, foster and protect these key technologies and strengthen Allied industrial bases. It will have headquarters in both Europe and North America, and include a network of test centres, affording innovators access to world-class facilities. It will also offer opportunities to integrate technologies into operational experimentation, ultimately delivering cutting-edge capability for Allied Armed Forces that will keep our populations safe. In addition to DIANA’s establishment, 17 Allied Defence Ministers confirmed their participation in a NATO Innovation Fund at their meeting in October.

The fund will support the development of dual-use emerging and disruptive technologies, with a focus on deep tech. This will enable early engagement with innovators, and bridge the gap between technological development in the commercial world and applications to defence and security problem-sets. Together, DIANA and the Innovation Fund mark a major step forward in NATO’s enhanced engagement with industry, including new ways of financing our defence, in tandem with the private sector. Also in October, Defence Ministers approved NATO’s first-ever AI Strategy, outlining applications of AI to defence and security, and setting out principles of safe and responsible use. Ministers also approved NATO’s first-ever policy for data exploitation, with individual strategies for quantum-enabled technologies, data and computing, autonomy, biotechnology and human enhancements, hypersonic technologies and space also to be developed.



The NATO 2030 agenda was endorsed by NATO Heads of State and Government at the 2021 Brussels Summit (PHOTO: NATO)

Investment in human capital – a vital component of safeguarding our future – will be critical to achieving our potential in all of these areas. Modernizing our education, training the next generation and upskilling our existing workforces is imperative to futureproofing our Alliance. That is why NATO’s Emerging and Disruptive Technologies Strategy highlighted steps needed to establish a culture of innovation across NATO, and amongst Allies, including through dedicated engagement with the private sector and academia.


Finally, one of the most significant ways we are preparing our Alliance for the future is by developing NATO’s next Strategic Concept – the document that reaffirms NATO’s values, purpose and core tasks. The current Strategic Concept dates back to 2010: it refers to Russia as a strategic partner, does not mention China, and only alludes to climate change and technology. The new document will provide a collective assessment of our changed security environment, including recognition of China’s more assertive behaviour and the impact of climate change on our security. The Secretary General has now begun consultations with Allies on NATO’s evolving strategic environment, approach and priorities, and will also engage the private sector, civil society, international organizations, expert communities

“Investment in human capital... will be critical to achieving our potential” and youth. Heads of State and Government will be invited to approve the new Strategic Concept at the Madrid Summit in June 2022. Delivering on NATO 2030 depends on modern, secure and reliable Information Technology systems and capabilities. The NCI Agency is a key partner for all these endeavours, ultimately helping ensure we implement this vision, and the digital transformation that will get us there. In more ways than one, future-proofing our Alliance will depend on strong delivery and support from the Agency, and its partners.

NIAP Protection Profile 4.0certified peripheral sharing

c y b e r s e c u rit y

The latest Common Criteria certified Belkin Secure KVM are designed to the maintain air-gap isolation at the desktop whilst improving operator efficiency and effectiveness. Equipped with advanced cybersecurity provisions including: • Optical data diodes assuring unidirectional data flow from each peripheral. • Device emulation and filtering of connected USB devices. • Secured EDID emulation ensuring protection of connected monitors.

Free up your desk Barely larger than a modern smartphone our Modular Secure KVMs meet all critical security constructs to ensure air-gap isolation & system security.

Modular Secure KVMs • Available in 2- & 4-channel for single & dual screen. • Smallest Form factor for any secure KVM. • Optional VESA and under-desk mounts. • Universal video compatibility. • Remote control included. • 4K @ 30Hz.

Second Generation Universal Secure KVM • • • •

Available in 2-, 4-, 8- and 16-channel for single screen, and 2-, 4- and 8-channels for dual screen. Ports on the front panel customisable to glow in ‘admin defined’ colours. CAC and non CAC versions available. 4K @ 60Hz on all video input.

Compatible with a unique Keyboard with integrated remote control in matching channel colours • Full control of the Secure KVM, enabling off-desk placement. • LED keyboard backlighting & status indicators mimic Secure KVM’s, reinforcing the security enclave.

Download the brochure

Find out more about our Cybersecurity solutions at:


Editor – NATO Communications and Information Agency

Adelina Campos de Carvalho Editor – Global Media Partners

Simon Michell

Education is key Simon: Future-proofing NATO against threats is a bit like painting the Forth Bridge or the Eiffel Tower – it is a never-ending task. The threats that Admiral Bauer alludes to in his leading article are constantly moving and evolving. Adelina: Exactly, as the Deputy General Secretary, Mircea Geoană, says, the need to be forever vigilant and relentlessly evolving is vital. Simon: Events always change the dynamic. There are threats both physical and technological constantly probing the Alliance looking for weak spots. Adelina: Obviously, cyber-attacks are one of the most prevalent threats. Just look at Erik Esselaar and Sarah Brown’s article about the Agency’s NATO Cyber Security Centre (NCSC). As they both point out, it’s not just about technology, it also relates to human behaviours and being careful. Simon: Always... Adelina: That’s why the NCSC will work closely with the new NATO Chief Information Officer to strengthen NATO’s overall cyber security. Simon: It’s fantastic that the NATO CIO has been able to contribute an article on how he plans to ensure NATO is able to keep the cyber threat at bay, and the role of his Digital Transformation Action Plan. 20

Adelina: As the digital transformation is proving, dual-use technologies are critical not just for cyber security, but also for the whole digitalization process. Innovation from the commercial sector is shaping the future of both commercial and military organizations. Simon: It will be fascinating to see how the Defence Innovation Accelerator for the North Atlantic – DIANA helps to accelerate this process. And how that shift in R&D focus impacts on other parts of the Alliance – the NCI Agency, for example. Adelina: It is very early days and there is a lot to take into consideration, but yes, DIANA will affect the R&D focus in the future. Don’t forget in his feature, the Chief Technology Officer, Antonio Calderon, calls for a change in the acquisition process as well to keep pace with innovation. Plus the Director of Acquisition, Jennifer Upton, explains how strategic sourcing will help bring in a smarter procurement system. Simon: It’s not just about the technology itself though. That is why this issue focuses on education and training (E&T). Adelina: Education and training have a vital part to play in ensuring that the Alliance is fit to meet future challenges. We are fortunate to have contributions from the Dean of the NATO Defense College and the Commandant of the NATO School Oberammergau (NSO), as well as the Head of the NCI Academy’s Learning Innovation and Development department.


Simon: They all agree that this is also about culture and mindset. Dr Stephen Mariano of the NDC is absolutely clear in his piece that the E&T effort has to keep pace with not only the technology, but also geopolitical and even environmental trends. The NDC will soon be delivering classes on the impact of climate change, for example. It has come a long way in its 70 years. Happy 70th anniversary by the way. Adelina: Yes, happy anniversary! It’s exciting to see how learning has evolved in the last 70 years, and Covid has accelerated all that . The way E&T is delivered is changing with the move to a more generalized remote working capability. Colonel Michael A Davis of the NSO offers figures that show

online courses not only help maintain resilience, but they can also increase student numbers. This allows the participation of a wider range of students, including those who might not have been able to attend on site. And we can learn from them too. Simon: As you say, these students need to be more diverse and reflect an evolving Alliance demographic. Adelina: I think the piece on NCI Agency ‘Young Talent’ shows how we are making great strides in this, as did the NATO 2030 Youth Summit which took place this year. I’m confident that 2022 will see even greater participation from young people in the consultative process. We need their inputs to help us protect the future. 21


Reducing cybersecurity stress through planning, training and technology How has the new world of hybrid work impacted this?

Steve Benton Chief Security Officer at BT Security

Can you describe the current threat landscape? Unfortunately, there’s no escaping the barrage of cybersecurity incidents in the news. From cyber attacks impacting critical operations at hospitals, to ransomware taking out fuel-supply infrastructure, there are examples everywhere of cybercriminals’ tactics and techniques getting increasingly sophisticated, organised, and having more of an impact on global economies, societies and civilians. We’ve got a front-row seat to these types of attacks at BT Security. In fact, recent research by our Threat Intelligence team has shown a 50% increase in malware traffic over the past six months. As a result, organizations like NATO need to find effective ways to deal with the increased threat of cyber attacks. With new technologies also being adopted rapidly, especially during the pandemic, collaborating with trusted partners from across the public and private sector is absolutely crucial.

It’s certainly compounded the issue. The widespread shift to cloud in order to support working remotely has, inadvertently, created a much larger attack surface. The sheer number of locations, devices and networks organizations need to manage has exploded. As a result, traditional models of security perimeters around self-managed corporate networks have become inadequate. Hybrid working requires thinking differently about security. Across the globe, we’re seeing organizations resetting their workplace strategy to regain the visibility and control they may have lost when rapid decisions were made to maintain remote business operations.

What does this mean for the CISOs of today? Firstly, we need to accept we are operating in a riskier environment. We’re working in a landscape of new threats and vulnerabilities that many CISOs either haven’t come across before or have little experience of managing. What’s more, the cyber skills shortage is another factor to contend with. We consulted with over 7,000 business leaders and found that 56% of organizations feel they’re at risk due to cybersecurity staff shortages, and a further 22% are planning to further reduce the size of their security team. The very nature of our work – the unpredictability of events and the continuous decision-making process that must be taken by often stretched teams – is, unfortunately, a perfect breeding ground for stress.

So, how can you create calm in a pressurised environment, such as a cyber incident, and reach a solution in the best way possible? First and foremost, set yourself up for the unknown. As we establish new workplace norms, it’s important to adopt security strategies and responses based on uncertainty. Make the best decision you can based on the information you have. Perfect decisions in incident response situations are almost impossible, so don’t wait until you have everything, or it’ll more than likely be too late. Second, security is a team game. It’s important to set your experts up for success, especially when incident response can be such a stress-inducing environment. This should involve dividing up responsibility to avoid overwhelming people and make sure that everyone is comfortable and confident in their role. It goes without saying that contingency planning should be at the very heart of your cybersecurity strategy. Scenario-planning in times of ‘peace’, for the times of ‘war’, is key. The more you prepare and rehearse your teams in advance of these high-pressure situations, the better the outcome. Much like military training, by exposing them to a certain scenario when the stakes are less high, you can challenge individuals to control their emotions and make informed decisions, so when the real thing inevitably happens, they have increased confidence in their own intuition. And, importantly, afterwards you should take time to conduct a


postmortem post-incident. Think about what happened, the decisions you made and the outcome. What could have been done differently? What information didn’t you have that would have made your decisions better or faster? What are the key learnings for next time? Cybersecurity doesn’t stop once the incident happens – it should be a continuous cycle of learning and improvements.

What about new technologies out there? Can security teams take advantage of these to further reduce stressful incident response situations? Technologies such as machine learning and artificial intelligence (AI), if implemented properly, can certainly assist with the mounting pressure on security teams. These tools can transform incident response through

not just real-time detection of issues, but also intelligent, automated responses. It can certainly be a daunting topic for many CISOs. The idea of giving up control and handing over responsibility to ‘machines’ might add more stress in the short term – but for long-term gain. Modern cyber attacks are increasingly automated, so if the ‘enemy’ is doing it, you need to join them. Automation can help with everything from making sense of data to implementing updates and patching to protect networks faster than an attack spreads, and even predicting behaviours so that security teams can react to new threats faster – removing a number of contributors to security teams’ stress.

like-minded partner that can take away some of the headache of managing the time-consuming, often repetitive, day-to-day activities and integrate your security solutions in one place, giving you a single, holistic view of security across your whole business. Of course, we can never fully eliminate risks, but we can plan for them and invest in the right tools to reduce the burden on security teams and set them up for success in this brave new world of security.

That said, it isn’t just about adding more security tools and technologies into the mix. Look for a trusted,




MEETING TOMORROW’S CHALLENGES Admiral Rob Bauer, Chairman of NATO’s Military Committee, highlights the need to expect the unexpected and how, as the Alliance tilts away from crisis management towards enhanced collective defence, the NCI Agency is helping NATO prepare for this future challenge NATO’s job is to always expect the unexpected. In today’s security climate, our adversaries increasingly perpetrate hybrid actions that fall under the established threshold of war, but still present significant challenges to our security. From the use of ‘little green men’ during the illegal annexation of Crimea by Russia in 2014 to the targeted cyber-attacks on critical infrastructure, and the instrumentalization of migration… the distinct phases of peace, crisis and war are becoming increasingly blurred. To address these modern-day challenges, NATO must constantly adapt itself to be able to fulfil the mission founded during its inception: to guarantee the freedom and security of its members. Time is no longer our friend. Not only because we are dealing with hybrid threats, but also because we are shifting our focus more towards collective defence.



For several years now, the Alliance has undertaken its biggest military adaptation since the Cold War. At the Brussels Summit last June, NATO committed to strengthening its collective defence against all threats. This means: – fully implementing our plans to strengthen our military posture; – continuing to increase the readiness of our forces; – modernizing our capabilities; and – investing more in our collective defence. In crisis management, we were often involved in asymmetrical warfare, whereas in collective defence we are dealing with a near-peer adversary. The timelines for collective defence are very different to those for crisis management. This makes a common situational awareness for the strategic political and military-level and quick digital decision-making systems and procedures all the more important. And this is where the NATO Communications and Information Agency (NCI Agency) comes to the fore.

Data is the new oil. In a world where information is currency, the ability to collect and process data is what sets you apart from your competitors. Big Data has not only transformed our societies, it also has a profound impact on our warfare development. The battlefield is becoming more and more digitalized and informationdriven. Today’s weapon systems, such as F-35s, Reapers or modern naval radars, collect enormous amounts of data. Whoever is able to store this data, analyse it intelligently, and then quickly and regularly relay the relevant information to the commander in the field, at sea or in the air... holds a battle-winning advantage.

POLARIS – ESTABLISHING NATO’S DIGITAL BACKBONE As NATO, we are acutely aware of the challenges and opportunities offered by data superiority, and we are actively engaged in a digital transformation of our ways of working, our equipment and our human resources. For years, the NCI Agency has played, and is playing, a crucial role in this. From our

desktops to our missile defences, the Agency has worked side-by-side with Allies to acquire, deploy and defend communications systems. Through the Polaris programme, the NCI Agency is transforming and modernizing the Alliance’s technological infrastructure. This programme will establish the first NATO private cloud infrastructure, increasing the security of NATO networks. This is a huge task to undertake, as the NCI Agency is responsible across 44 sites: from operational and tactical headquarters, through to NATO’s Supreme Headquarters Allied Powers Europe and up to NATO Headquarters. The NATO Command Structure increasingly relies on technology to deliver its key objectives. So, to be fully effective, we must be able to collect, prioritize, process and share data; and then fuse it into a continuously updated display of information for joint forces. And the NCI Agency’s role in this is critical. The Polaris programme is a building block in NATO’s so-called ‘digital backbone’, which is needed for the

The NCI Agency has long played a crucial role in enabling NATO’s digital transformation (PHOTO: NCI AGENCY)



At NATO’s Brussels Summit in June 2021, leaders committed to strengthening the Alliance’s collective defence against all threats (PHOTO: NATO)

“We need our systems to ensure data integrity. Not all data is good data” Alliance to execute effective command and control (C2). This backbone will grow over time, to allow us to maximize our common situational awareness for both political and military decisionmakers. It will increase the speed, as well as the accuracy, of the strategic decision-making process. Both these qualities are indispensable because NATO is faced with a fundamentally changed global security environment.

DIANA – DEFENCE INNOVATION ACCELERATOR OF THE NORTH ATLANTIC NATO cannot achieve this alone. We need to work side-by-side with

national industries to harness their innovations for the good of the Alliance. This is one of the reasons why NATO is increasing its focus on innovation and has approved the Defence Innovation Accelerator of the North Atlantic (DIANA). It will provide a network of technology test centres and accelerator sites to better harness civilian innovation for our security. NATO has also agreed an Innovation Fund, worth one billion euros, that will enable us to retain our technological edge. In order for this to be truly effective, we need to increase interoperability between Allies. This was one of the topics I raised at the NATO Industry Forum in Rome this November.

Data is a strategic resource. And if we do not make sure our systems are able to connect and exchange information, we will never be able to stay one step ahead of our adversaries. We also need our systems to ensure data integrity. Not all data is good data. Just like oil, data is only useful when it is refined. And unlike oil, data exists in abundance. If we are not careful, we will be drowning in data. I have every faith that our Alliance has the ability to make a successful shift to digitalization and to create a digital backbone for its C2. As NATO Secretary General Jens Stoltenberg said recently, “NATO is the most successful alliance in history. Mainly because of two things: our ability to unite and our ability to change”. Together with excellent partners, such as the NCI Agency, we will be ready to expect the unexpected.



INDUSTRY PERSPECTIVE EMDYN Platform, that brings together the most up-to-date information, drawing together layers of data from the broadest range of sources and providing a comprehensive analysis tool. It can be securely hosted externally or in-house and is specifically designed to be easily integrated with clients’ own data.

Tim Van Renterghem Chief Executive Officer, EMDYN (Emerging Dynamics)

What does EMDYN bring to the security landscape? EMDYN seeks to provide advanced intelligence-led solutions to a broad range of security issues. Using visionary technology, we maximise insights and situational awareness from huge data sets, which lead to better-informed decisions and positive outcomes, helping you to stay ahead of the curve. The threats faced across a globally connected planet are increasing in complexity and, to protect key operations and infrastructure, deeper, sharper and faster methods of data exploration need to be deployed. This is what EMDYN focuses on. Our strategic services – intelligence monitoring, secure data fusion, data analytics, location intelligence and biometrics – are all driven by a raft of cutting-edge products, unique to EMDYN.

How does EMDYN integrate its location intelligence services? Accurate and timely location intelligence is the key to solving so many security challenges. EMDYN has developed a software solution,

Forming a key part of EMDYN Platform, EMDYN Geo Module is a geospatial intelligence fusion platform/application. It draws on a massive bank of location intelligence data to provide unparalleled insights into situations, events or patterns of movement. The data is drawn from sources ranging from vehicles to vessels, flights to cell towers, among other exclusive channels. EMDYN can query over a trillion records and visualise 10 million data points in one go. Any area of interest can be specified, from an individual building in a city to the whole city or an entire country, creating fresh insights into human activity and situational awareness.

Why is satellite imagery a key component within EMDYN Platform? Satellite imagery is central to monitoring change in so many defence situations, from activity around military bases to the buildup of forces and military hardware around sensitive country borders. It is vital that the images deployed are high quality and up-to-date. To achieve this, EMDYN has subscribed to Maxar’s SecureWatch service, which provides on-demand access to over 125 petabytes of the company’s high-resolution satellite imagery, and has fully integrated it into its Geo Module. EMDYN’s intelligence data overlays help analysts to tip and cue satellite images more efficiently, enhancing

the meaning of an image and a location’s activities and associations Maxar SecureWatch provides global coverage of the highest resolution satellite imagery commercially available. Its world-class constellation collects more than three million square kilometres of new imagery every day. Employing global coverage in intelligence gathering via satellites means personnel on the ground are not exposed to danger. It is equally applicable in border security and emergency or disaster scenarios. The ability to detect changes by comparing images before and after an event provides a rapid means of accurately assessing its impact.

How is the future shaping up? EMDYN makes large data sets intuitive, understandable and actionable, providing exceptional analytic and artificial intelligence capabilities. Data, though, is not an end in itself, but a means to drive much more accurate and faster decision-making in the future. Our modular approach ensures that there is a tool to solve different data problems, along with an integrated toolset to provide platform-wide functionality. Alongside the Geo Module, EMDYN Platform includes a bespoke biometric detection and validation module, targeted to address physical security issues, and a powerful new search exploration and visualization tool. Looking ahead, EMDYN is committed to further innovation in data exploration to help shape a better, more secure future.

MAKING SENSE OF THE DATA Data is a precious commodity. It is vital to make sense of it. EMDYN Platform compiles layers of data from the broadest range of sources and provides a comprehensive analysis tool that gives unparalleled insights into the security landscape. Taking Big Data geospatial intelligence to the next level, EMDYN Platform can be securely hosted or deployed on premises and is easily amalgamated with your own data. Access to Maxar's world class, high-resolution satellite imagery is fully integrated along with our geospatial intelligence fusion centre, EMDYN Geo. EMDYN provides advanced intelligence-led solutions to a range of security issues, using visionary technology to help you stay ahead of the curve. Find out how EMDYN Platform can work for your organization.




THE ESTABLISHMENT OF GERMANY’S SPACE COMMAND Annegret Kramp-Karrenbauer, Germany’s Minister of Defence, explains how the country’s new Space Command will extend its interaction with both domestic and international partners cover commercial applications, like communication or Earth observation. The Bundeswehr currently utilizes a number of military satellites, primarily for reconnaissance and communications purposes.

On 13 July 2021, I had the great pleasure of inaugurating the Bundeswehr Space Command, located in Uedem in Germany’s north-west. Our new Space Command builds on the German Space Situation Awareness Centre founded in 2009. It will extend Germany’s military space capabilities and will continue our wellestablished interagency approach to maximize space security.


As every modern nation, Germany significantly depends on space in both the military and civil domains. While utilizing Space services in almost every part of our society, Germany operates satellites mostly to

The newly-founded Bundeswehr Space Command will be the focal point for all military Space affairs in Germany. Its mission reflects the national and international importance of space security and encompasses Space Domain Awareness, Space Operations, coordination of Space Support to

Operations and support of Space Systems Operations. Moreover, it consequently integrates Space Operations into Joint All Domain and Combined Operations. In this capacity, the Bundeswehr Space Command will continue to extend its interaction with partners within the military, the German civil administration and commercial partners, predominantly satellite operators. In addition, the Command will lift our international partnerships and cooperation to a new level. It will offer to our partners a platform for

Inside the Bundeswehr Space Command at Uedem, north-west Germany (PHOTO: CHRISTIAN TIMMIG/BUNDESWEHR)


Dr Gerald Braun, Head of the German Space Situation Awareness Centre, in conversation with German Minister of Defence, Annegret Kramp-Karrenbauer, at the inauguration of the new Space Command (PHOTO: CHRISTIAN TIMMIG/BUNDESWEHR)

consultations and management of space-related incidents and a node to connect to the various layers of the German system. Starting from 2022, the Bundeswehr Space Command will follow a phased approach to build its capabilities and capacities. While the Air Force and our Cyber and Information Service are the two main military stakeholders in this new joint endeavour, the armed forces as a whole will support it. In addition to the concrete establishment of the Command, Germany will focus intensively on developing strategies and concepts for enhancing space security. The system is built to evolve over time and adapt to new developments.

With our new Bundeswehr Space Command, Germany continues to take responsibility for its share of Operational Space Support to allies. Concerning space as an operational domain, NATO will be Germany’s focal point to ensure peace and stability. In particular, the Bundeswehr Space Command will support NATO via the newlyestablished NATO Space Centre. In addition to our national responsibilities in supporting NATO, cooperation and collaboration in the Combined Space Operations Initiative is another focus area. In support of this initiative, we will improve our data-exchange mechanisms to

ramp up future collaborations between Space Operation Centres. With the Bundeswehr Space Command, Germany has established a robust structure for space security that will ensure interoperability and contributions on national, joint and combined levels and towards other nations’ Space Commands. The comprehensive approach will pave the way for the next decades as space will become even more important. I am well aware that the pace and proposed timelines for space capability development are challenging. However, Germany will demonstrate its reliability as a partner in the global security environment, which, for sure, includes space.



A trusted partner with secure, resilient architectures and infrastructure

John Reeves Managing Director, Viasat UK

Can you describe Viasat’s relationship with NATO? We have been engaging with NATO for decades helping the Alliance with its secure communications and Ultra High Frequency (UHF) satellite communication (SATCOM) requirements. Throughout that time our focus has been on partnering with defence to solve challenging communications problems and deliver greater interoperability, scalability, flexibility, and security across legacy and next-generation platforms. That is why our government customers, like NATO, are now asking for access to our satellite, Link-16 and radio network infrastructures, especially as they are integrated with our encryption technologies and bound together with smart network-management capabilities in the background.

How can Viasat help solve military communications challenges for NATO? There are several challenges, but achieving resilience is a critical one.

As an example, we benefit from resilience in our daily lives when we make a phone call from our home or office over our smartphone. Smartphones have the ability to connect over the local cellular network, or your home/office wifi network, which means you have an alternate communications path in the event either that the connections are not working properly or if you are on the move (eg going from home to the office). Further, this technology operates in a zero-touch fashion – the smartphone allows the user to complete the necessary task, a phone call in this case, in a resilient manner that happens seamlessly from the user’s perspective. We are taking that same resilient networking approach to creating and delivering capabilities that can be leveraged by NATO for missions everywhere, from a headquarters office environment to the front lines of the battlespace. In a NATO-specific context, the communications architecture could still use cellular and wifi, but adds valuable layers through tactical data links such as Link-16, UHF SATCOM, broadband SATCOM, MANET radios, or a combination thereof. Ultimately, building and maintaining this resilient, seamless communications architecture is about enabling our users to achieve their mission requirement in a way that is secure, flexible and capable of supporting modern joint operations across domains. Historically, we have engaged with NATO around specific technologies – UHF tactical communications

programme or Eclypt® encryption drives, for example. However, we can’t be stovepiped in how we deliver capabilities into NATO if we want to serve modern military communications needs. Instead, we need to change our approach and address how we can create interoperability across technology areas and networks, stitching together the seamless architecture that can meet the wide range of NATO’s current and emerging mission requirements.

Is Viasat integrating 5G solutions into its architecture and infrastructure? To us, 5G is more than just spectrum or the waveform mobile (cell) phone carriers are using. That is a piece of it, but what we’re interested in is the potential of 5G as an extensible network architecture. This extensibility could be an important asset in bringing networks together under these standards, creating the interoperability to enable that seamless network experience we discussed. So we are working on integrating 5G into the areas where it makes most sense. For example, Viasat was awarded two 5G tactical networking feasibility contracts by the US DoD through the Information Warfare Research Project. This work will look at how 5G can best be integrated to support multidomain operations, command and control, and network deployments in contested areas. We have been working on solutions for tactical networking for some time, so it’s important to collaborate with defence


partners, as well as other 5G providers and developers, to explore new capabilities and use cases.

Why are dual-use technologies important to organizations like NATO? Commercial companies like Viasat are helping to lead the way with dual-use technologies. We were one of the first to realise that there was huge pent-up demand in the commercial market, as well as in the government space, for airborne interactive broadband connectivity. So we designed and developed technologies and infrastructure to satisfy that demand. The key thing to consider in terms of dual-use technology is that the innovation trajectory in the commercial sector can accelerate exponentially – at a rate that governments can’t realistically match. For example, could a government develop a search engine to compete with Google? Never, and there is a good reason for that. Once the commercial business case gets

unlocked, public and private investment flows in at a rate that far outstrips government resource allocations. In addition, a byproduct of this surge in activity and investment is that talent and skill sets tend to gravitate toward those digital organizations that are on a steep innovation trajectory and away from governments and traditional Defence industry players. This is where we are at with SATCOM at the moment. Inevitably, some SATCOM ownership and development will remain in the government sphere, but there is an enormous opportunity for governments to leverage commercial capabilities to accelerate their adoption of technology and stay ahead of their adversaries. This is the opportunity that a company like Viasat provides, because we are constantly looking at how innovations in our commercial business could be applied to support government needs. We started as a small defence contractor with three people. Now we are a 6,000-strong international company focused on

developing unique commercial and government technologies and new services and capabilities. With Viasat, governments can get the benefit of riding this innovation trajectory, while reducing programme cost and allowing resources to be reallocated to programmes that truly require bespoke government development. Moreover, they get to work with an entity that has been a trusted defence partner for more than 35 years. That is what makes Viasat unique – the fact that we started as a defence contractor. At our foundation, we are about helping governments address unique challenges that require a focus on data security and trust. Once you have that trust, you can bring your other commercial technologies and partners into the equation.




Professor Dr Milica Pejanović-Đjurišić, former Minister of Defence for Montenegro, discusses the impact of new technologies on the defence and security sector

important for the wellbeing of the country and its citizens.


The world is in the middle of an unprecedented technological revolution, one that is already demonstrating far-reaching social, economic and geostrategic consequences. In that context, one of the necessary reforms Montenegro has been facing is the need to prioritize and mainstream a digital transformation in our national policy, so that digital skills are improved, new e-services introduced, public authorities made more transparent and accountable, and costs reduced. That would be the optimal way to transform the economy and address the inclusivity and social cohesion, which is so

Being an ICT scholar and researcher, I’ve always approached digital transformation in a holistic manner. I adopted the same approach when I was responsible for the defence sector in Montenegro. Together with my team, I focused on strengthening innovation and implementing new solutions, while building new military capabilities and capacities for operations in conflict zones, as well as homeland security and disaster recovery operations. Thus, IT capacities were increased. Air, land and sea surveillance systems were implemented, together with new digital communication backbone and access networks to support the introduction of specific services and the creation of the conditions for improving cyber readiness and network-system resilience. In order to be able to develop and

implement these and other solutions, based on new technologies, new partnerships with other actors within the ICT ecosystem were established, and a more encouraging atmosphere for ideas in the sector’s own ranks was promoted. Just like other countries, Montenegro increasingly recognises that to be secure and prosperous we must keep pace with tech-based innovation. In our societies, political, economic, social and cultural activities depend to a large degree on digital connectivity. The same applies for the military sector, particularly as new technologies have changed the nature of conflicts and those who prosecute them. The core of the current development and security environment is information. Communications continue to be the key to any advancement and progress. An example of the unprecedented change militaries and governments across the world are undergoing is


Future military platforms will be based on technologies primarily developed for commercial use (PHOTO: U.S. ARMY EUROPE IMAGES)

their move towards a networkcentric approach, where new technologies like 5G and 6G will be playing an important role. 5G, with its higher speeds, lower latency, greater reliability and lower power consumption, has already found a place in the military sector. Thanks to being software-based and having no hardware constraints, 5G and 6G are set to be real game-changers for the military sector. This development is particularly important with regard to cyber risks and threats, and the need to ensure data and asset security at every level of operation. Together with the need for security and interoperability with disparate systems, including legacy systems and those of partners/Allies, it is necessary to improve the ability of the military to deter and defend against any potential adversary and to respond effectively to emerging crises through maintaining a technological edge. That is where new system and network design paradigms,

“5G and 6G are set to be real game-changers for the military sector” including software-defined radio and networks, big data, machine learning (ML) and artificial intelligence (AI) play an important role. They will undoubtedly improve the feasibility of military applications as the next generation of military platforms will be based on modern communications technologies that have primarily been developed for commercial use. That said, the challenge of maintaining some of the critical differences while, at the same time, closing the gap between military and commercial communications systems remains to be addressed. New NATO initiatives related to the AI strategy and the Innovation

Fund represent a positive sign from the point of creating the right conditions for dual-use technology solutions and the reinforcement of partnerships with a wider innovation ecosystem. Such a coordinated, agile innovation system is key for providing the necessary changes to the technical architecture and underpinnings of military ICT infrastructures. This would enable them to be defended and it would also assure mission-critical networks, as well as provide high-quality cyberspace situational awareness and the development of policies designed with the practical tools created to integrate particular cyber effects.



Cyberwarfare requires integrated technologies and bold decisions What advice do you have for military organizations to get ahead of cyber adversaries?

Chris Parker Director for Defence & Government, Fortinet

What are the major challenges facing a 21st-century military? Cyberspace has become a crucial battlefield for today’s military, whether dealing directly with cyber adversaries or having to address cyber attacks as a component of more traditional engagements. Part of the challenge is that technology and resources are in a nearly constant state of flux in today’s evolving digital environments. Devices move, fields of operation change, and the threat landscape constantly evolves. Agility and adaptability are essential for successfully staying ahead of cyber adversaries, and organizations that rely on complex and ageing networks and security infrastructures are at a distinct disadvantage. Creating and maintaining secure perimeters and ensuring continuous communications between disparate systems to detect and respond to threats can consume a significant volume of resources that could be better spent elsewhere.

Naturally, military organizations such as NATO have a unique environment and complex chains of command that need to be considered. However, as with any large, multinational enterprise, they also face many of the same challenges: distributed systems, limited budgets, a shortage of skilled IT staff and high turnover. Fortunately, much of that can be overcome simply by reducing complexity. Most security infrastructures are a form of accidental architecture with solutions selected and deployed ad hoc. Most large enterprises have nearly 50 different security solutions in place, and responding to a cyber event requires as many as 20 of those solutions to work together. Unfortunately, few solutions are actually designed to interoperate. As a result, many organizations spend as much as 40% of their staffing resources on building and maintaining workarounds and not-so-temporary fixes to get disparate technologies to work together. Even then, trying to identify and resolve cyber events through multiple management consoles is time-consuming, tedious and expensive. Even worse, manual processing is highly prone to human error. Such complexity is part of the reason cyber attacks are so successful. On average, it takes six months or more to detect a network breach, and months more to remove infiltrators from a network. As a result, the advantages

of having multiple solutions running on a single platform and designed to function as a unified system cannot be overemphasized. One of the most significant advantages of this sort of deep integration is that it enables centralized management, allowing security teams to see every device across the network, centralize data collection, ensure consistent configurations, correlate threat intelligence and automatically initiate a coordinated response to a detected threat. Accordingly, risks and overhead costs go down.

What about next-generation technologies? Are advanced solutions, such as artificial intelligence (AI) and machine learning (ML), still too complex to be deployed effectively? Next-generation technology can transform data and device safety. And, theoretically, deploying multiple tools to create defence-in-depth should be the most effective approach to cybersecurity. However, a layered defence system built using tools that don’t natively communicate or interoperate is no match for today’s threats. Instead, a unified platform is crucial to increasing visibility and enabling automation. In my experience, an integrated security platform that includes advanced tools can detect and respond to many of today’s most sophisticated threats, even those currently unknown. It delivers that layered defence that organizations want while eliminating complexity.


And, because its advanced technologies are designed to operate as a unified solution, a platform provides better security than any collection of disconnected devices, no matter what features or functions they may include. In addition to interoperability, in today’s hyper-performance environments automation is vital. Cyber attacks are often measured in microseconds, and security solutions need to detect and respond to such events in real-time. That’s why AI and ML have become crucial for things like threat detection and countermeasures. Fortinet already has these technologies embedded in all its security devices to make interoperability between technologies even more effective by enabling split-second response to active threats.

What about the cloud? Governments around the world have begun to move their unclassified data and applications to the cloud. Military organizations should likewise consider taking advantage of the flexibility, cost efficiency and ease of control provided by cloud services. Like any organization with complex sets of data in use, this will require a hybrid approach that combines public cloud, private cloud and traditional data centres into a single solution. And that’s where hybrid, multi-cloud strategies quickly become complicated. That’s because each cloud environment uses its own devices, hypervisors and operating systems. As

a result, security solutions designed to operate natively in one environment are often unable to easily maintain policies and configurations as data and applications move to another cloud or on-premises environment. Fortinet has solved this problem by building fabric connectors and advanced SD-WAN technologies that allow disparate cloud environments to operate as a single, integrated system. Data, workflows, and applications can move seamlessly between environments without compromising security.

time, international policies must reflect the reality that cyber crime does not recognize or respect political boundaries.

At the same time, strict segmentation and zero trust protocols ensure that users and devices can only access those resources to which they have been explicitly granted access. Such technologies allow cloud environments to be combined with on-premises security solutions to protect sensitive data.

Because network infrastructures are evolving rapidly, networking and security must work as a single system, allowing connectivity, access control, deep inspection, and advanced routing and switching to operate in unison. This securitydriven networking approach allows security policies, enforcement and visibility to follow data and applications end-to-end, regardless of where users, devices and applications are located.

Should a new defensive approach be considered to move effectively and securely into the next era of digital innovation? Indeed! Cyber threats are rising in complexity and sophistication. Neither the largest and most capable government nor any single private sector firm has enough data or analysts to have complete visibility and contextual understanding of all threats. Closing this gap requires close public/private partnerships if we want to address the growing rate of cyber crime, cyber terrorism, state-sponsored cyber espionage and electronic warfare. At the same

Combining cybersecurity awareness training with AI-powered prevention, detection and response technologies integrated across endpoints, networks and the cloud is essential in the fight against our cyber adversaries. And, going forward, the best integrated security systems must go well beyond just getting solutions to work together.

This sort of fresh, technology-driven approach would allow NATO – or any large, complex, international organization – to operate more safely and securely, swiftly reduce new risks, maximize resources and enhance operational capabilities.


The celebration for the 70th anniversary of the NATO Defense College took place in Rome in November (PHOTO: NATO)



Christina Mackenzie asks Dr Stephen J Mariano, Dean of the NATO Defense College, what sort of critical training the college delivers and how the syllabus has been adapted to address the changes in the geopolitical climate 38


In the 70 years since General Dwight D Eisenhower had the idea of creating a NATO Defense College (NDC) in Paris, “we have stayed open the whole time,” even during the Covid pandemic when “we managed to keep the Senior Course going,” Dr Stephen J Mariano, Dean of the NDC, is proud to say. Over that 70-year period “we have educated more than 15,000 people,” he adds, and created a research division that publishes 30 publications a year and holds workshops open to the public. “We’ve also shaken off our reputation of being a bit stodgy!” he laughs. “We are modern, contemporary and fit for purpose.” The College moved to Rome in 1966, after General Charles de Gaulle pulled France out of the Alliance’s integrated command structure, and in 1999 relocated to a military base in Cecchignola, a neighbourhood in the south of the city. The NDC’s missions is to ensure the cohesion and effectiveness of the Alliance, and its three tasks are to provide education, research and engagement to government officials (both civilian and military) from 30 NATO Member States and nearly 40 strategic partnership nations. “They constitute 99% of our student body. The remaining 1% is made up of the occasional applicant from non-NATO entities, such as the International Committee of the Red Cross, and by officials about to take up senior positions in international organizations,” Dr Mariano explains.

General Dwight D Eisenhower had the idea of creating a NATO Defense College (PHOTO: PUBLIC DOMAIN)

NDC CURRICULUM Most of the courses (the Senior Course, NATO Regional Cooperation Course, Senior Executive Regional Conference, Modular Short Courses and Modular Short Course Partners Integrated) are for students typically in their 40s, in the mid to upper range of their careers. But the ‘GFOAC’ is for Generals, Flag Officers and Ambassadors. Most courses last one week, except the core Senior Course, which lasts six months, and the Regional Cooperation Course that lasts 10 weeks. It is neither entirely up to the individual to apply for a course, nor their employer. “It’s a little bit of both,” remarks the Dean. The NDC announces the dates for the courses via the human resource (HR) departments at the ministries of defence and NATO’s own HR department, and then accepts candidacies from individuals, “but only if they have the support of their country and supervisor.” Each course is limited in numbers, so nations negotiate for places on each one. If nations want more places than are available on a particular course then they might be offered seats on an alternative or later course. “We need to have both an equitable national distribution and a balance between the military and the civilians,” Dr Mariano explains.

NATO Secretary General Jens Stoltenberg gave an address at the NATO Defense College 70th anniversary event (PHOTO: NATO)

The Senior Course, which is the course that has been going non-stop for 70 years, is held twice a year: from February to July and from August to January. It aims to better prepare the 80 or so students of each intake for the senior appointments they are likely to hold in NATO or in NATO-related duties in their own countries.



The NATO Defense College in Rome, where representatives from Italy’s military (below) received recognition for their support during the 70th anniversary celebrations (PHOTOS: NATO DEFENSE COLLEGE)

THE FACULTY AND STAFF Among the 50 or 60 academic staff at the NDC, 20 are faculty advisors who design the curriculum and lead the discussions inside the committees to which each student is assigned. The College also relies heavily on adjunct professors or guest speakers, who are paid a fee for their services. Dr Mariano explains that the courses are designed to “raise the students’ NATO, strategy and emotional quotients”. The subjects taught are always directly related to NATO, but keep pace with the times. “Five years ago, we didn’t teach anything about China,” he remarks. “Twenty years ago, we didn’t talk about terrorism, and we will soon be talking about climate change because rising sea levels will impact ports and navies.” On the strategic level, the courses allow students to see the big picture, “to raise their aim point from the tactical to the strategic level.” Last, but by no means least, by putting the students in committees where they are forced to reach an agreement, so that their committee can submit its study project, “we raise their emotional quotient: they learn to negotiate and reach agreement.”


For Dr Mariano, the NDC has a vital role to play in securing NATO’s future amongst the Member States “because the courses provide a unique opportunity

for the students to network, but also to connect with faculty advisors. The ’Anciens’ (alumni) association is very strong.” The year 2021 also marked the 50th anniversary of the Conference of Commandants, where leaders of institutions of professional military education meet. “It has built cohesion. It’s where leaders share their best practices. Before Covid, we were already talking about digital transformation and holding classes via video link,” he smiles. The NDC is a mirror of all the strategic issues that face NATO, so the Alliance’s concerns are also those of the College. “We are tackling all the agenda items addressed at the NATO Brussels summit,” Dr Mariano stresses.


The NSO’s resident instructors bring experience and knowledge from more than 20 different NATO Allies and partners (PHOTO: NSO)


OBERAMMERGAU Commandant of the NATO School Oberammergau (NSO) Colonel Michael A Davis tells Simon Michell how the NSO enhances the Alliance’s capability by exposing NATO personnel to strategic insights on key issues and policies

How does the NSO help NATO Members gain insight and understanding of the Alliance strategies, policies and doctrine?


The NSO assists NATO members to gain insights into Alliance strategies, policies and doctrine via the promulgation of more than 115 different courses in nearly every NATO education and training discipline. As one of the Alliance’s largest individual training institutions, the NSO serves a central role providing a weekly forum for up to 300 students, our resident instructors with experience and knowledge from more than 20 different Allies and partners, as well as multiple guest speakers from across the Alliance to exchange information and




The facilities at the NSO also include a conference venue that enables Alliance and national entities to host events (PHOTO: NSO)

ideas on the most relevant NATO topics of the day. The NSO also serves as a conference venue, allowing key Alliance and national entities to use the NSO facilities’ in-house expertise to host their events in the beautiful surroundings of Oberammergau. The International Staff’s Defense Policy Planning Symposium each spring is a wonderful example of the nexus of the NSO and NATO bodies, while the US Army Europe/Africa Combined Training Conference is another instance of the NSO hosting a high-level, multinational event in support of an ally and their aims in the transatlantic/ NATO area of responsibility.


What events and courses are key to imparting this knowledge across NATO Member States?

The key events and courses are numerous, but to highlight a few, I would focus on the Operational Planning Courses, which are critical to many of NATO Headquarters (HQs), as well as the NATO Senior Officer Policy Course (SOPC). The SOPC is conducted twice annually and provides officers at levels OF4 to OF7 (Lieutenant Colonel to Major General) strategic insights on key Alliance issues, policies, changes and innovation. It includes guest speakers from throughout the NATO Command and Force Structures, academia and national ministries as well as key partner and regional players.



With which other learning organizations does the NSO collaborate and why?

The NSO collaborates with nearly 120 other organizations in order to provide the most relevant and insightful training for our audience. These include the other NATO Education and Training Facilities (NETFs), such as the NCI Academy, NATO Defense College (NDC) and NATO Special Operations School (NSOS), as well as the totality of the NATO Centres of Excellence (COEs) and Partnership Training and Education Centres (PTECs).



The NSO collaborates with a diverse range of military and civilian education institutions (PHOTO: NSO)

We also build bonds with national military universities and other multinational institutions, such as the Baltic Defense College. By collaborating with a diverse field of military and civilian education institutions we are able


The NSO offers more than 115 different courses in nearly every NATO Education and Training discipline (PHOTO: NSO)

to leverage the vast knowledge available, expose students to other viewpoints, utilize modern technology and focus on the adult learning model for the maximum utility for our students. By introducing our students to NGOs (non-government organizations) and various points of view, we offer them perspectives they might not hear in their NATO or national structures. Also, adhering to Chatham House Rules allows them and their speakers/instructors to exchange and explore ideas and concepts frankly, without their discourses being aired outside of the NSO. How is the NSO evolving its syllabus and knowledge delivery over the next few decades to ensure that they are future-proofed?


Evolution is the key to the success of any long-standing institution. Our entire Alliance is looking at this very question right now. Specific to the NSO, we have leveraged the coronavirus pandemic and see 2021 and beyond as just another opportunity for us to evolve our organization. We have worked diligently to develop a third of our curriculum to be able to be delivered virtually.


2021 saw us provide a more than 150% increase in student throughput online. While we’re quite proud of this accomplishment, each of these courses’ student

“Evolution is the key to the success of any long-standing institution” feedback questionnaires revealed successful course content delivery; however, nearly 100% of those trained desired a physical interaction with their peers. We will continue to maximize technology, enabling course delivery and speaker resilience via virtual training to ensure we are postured to support our Alliance today, tomorrow and beyond. Our efforts today should allow us to provide a 50% higher student throughput in the years to come (with both resident and virtual training), while providing ready and resilient options to our Alliance in times of pandemic, war or austerity. The NSO aspires to remain a reliable and respected NETF for our Alliance, future proofed against shocks and crises.



Digital transformation for a future-ready defence ecosystem as well as the ability to not only disrupt an adversary, but to also disrupt itself. A posture of agility, innovation and readiness in the face of the unknown is what is meant by ‘future-ready,’ and it is a posture that is enabled at the intersection of people, technology, and culture.

Angela Heise CVP Worldwide Defense & Intelligence, Microsoft

To be truly future-ready, we must innovate at the speed of relevance. The NATO Alliance defence ecosystem is not there yet, but I am heartened to see it moving in that direction, with digital transformation and digital engineering playing key roles.

What does it mean for a defence organization to be future-ready?

What is the role of Digital Engineering in a future-ready defence ecosystem?

The world is moving incredibly fast. Allied defence organizations face an extraordinarily complex global security environment, with growing global disorder and threats from both established nations and non-state actors. National security is challenged not only by traditional military postures, but also by geopolitical and civil unrest, terrorism, extremism, cyber/disinformation campaigns, climate change and population expansion, as well as migration and public health crises.

Every organization on the planet is becoming a digital organization, with software playing a central role. Defence organizations around the world are modernizing the way in which they build new mission capability, with Digital Engineering serving as the foundation. Digital Engineering includes all digital processes, methodologies and development models across the full system lifecycle, with focus on building and deploying new mission capability better, faster and in closer alignment with end-user needs.

Given this broad and rapidly evolving security landscape, defence organizations must maintain readiness in the face of traditional threats, while also preparing to defend against future threats and actors, many of which are still emerging or unknown. That requires a defence organization to demonstrate a great deal of agility,

Traditional defence development methods were (and in many cases, still are) very waterfall-centric, with emphasis on upfront requirements gathering and a ‘design-build-test’ sequence. When paired with traditional defence acquisition methods, it results in long lead times

where, by the time a system or capability is ready to be fielded, the requirements may no longer be relevant. Digital Engineering seeks to resolve that issue. The combination of Digital Engineering, modern software development methods like Agile and DevSecOps, and a strong digital backbone supporting modular, open architectures is critical. This ‘Digital Trinity’, as defined by some forwardleaning NATO Member States, helps accelerate innovation and transforms the way we design, develop, test and deploy new mission capability at speed. It is that innovation at speed that will enable Alliance defence forces to achieve a future-ready state.

What can defence organizations such as NATO do to support these future-ready initiatives? Governments and defence organizations are leaning into digital transformation as a key enabler of a future-ready force. However, technology and digital engineering are only part of the answer. Organizations such as NATO must also work to put the right culture, policies and processes in place such that future-ready initiatives can be successful. These activities include: • Reforming defence acquisition methods and contracting vehicles Traditional acquisition methods are antiquated and cumbersome, and they lack the agility and speed needed to procure the software-centric capabilities required by a modern,


future-ready force. They are also not conducive to a diverse and rapidly innovative vendor base, as they have a high barrier to entry that often precludes start-ups and non-traditional vendors from competing for opportunities.

commercial and non-traditional vendors. It also requires a common digital backbone, data and security standards and open, modular architectures to level the playing field and reduce integration time and challenges.

Factory or Allied Maritime Command’s (MARCOM’s) Maritime Information Exchange are great examples of this, demonstrating how commercial technology can be used to enable collaboration and new missioncapability development at speed.

• Encouraging and incentivizing healthy risk postures Many defence organizations incentivize their workforce and contractors to focus on the near-term, and to minimize risk at all costs. Incentives drive behaviour. To enable future-readiness, we need to position the Alliance defence ecosystem to disrupt and transform at speed and scale. That requires a healthy riskmanagement posture and a failforward mentality – not only in R&D arenas, but also while on-contract and during programme execution.

• Modernizing and improving defence culture The ultimate enabler of a future-ready defence ecosystem is people. Considering that, we must put greater emphasis on the defence-worker experience and put the right digital tools in their hands to foster increased collaboration, productivity, psychological safety and well-being in the hybrid defence workplace. Not only will that help attract and retain the best and brightest talent to this global defence ecosystem, but it will also help ensure their mental fitness, job satisfaction and ability to innovate the mission across the long term.

We work with organizations such as NATO and coalition partner nations to help them understand their data objectives, governance policies and challenges, and support them through their digital transformation journeys to truly harness data as an asset and elevate it to insights. We also work to enable hybrid environments for global defence clients, with two recent examples from the United States (US Department of Defense ‘Commercial Virtual Remote’ environment) and Australia (AUS Department of Defence’s ‘Virtual Environment for Remote Access - VERA’). These hybrid environments are here to stay, and they are a critical element of a future-ready defence workplace.

• Leveraging more commercial/ commoditized tech Modern defence organizations need to be fast adopters of best-in-class technology, and they also need to build their own digital capabilities on top of existing commoditized tech. This requires defence organizations to reduce the barrier to entry for

How can Microsoft help NATO ensure that it is future-ready? Microsoft and the NCI Agency are partnering closely to support NATO’s digital transformation journey. Initiatives like the NATO Software


Enhancing NATO’s technological edge through excellence in C4ISR and cyber training 46

The NATO Communications and Information Academy’s (NCI Academy) aim is to reinforce NATO’s technological edge through excellence in cyber domain learning. With this in mind, we are ramping up our capacity to educate and train the NATO Command Structure and NATO Force Structure for current and future missions. Accelerating technological developments, however, are creating challenges as well as opportunities. In this article, we explore how technology impacts the NCI Academy’s efforts to future-proof the Alliance, by supporting the learning needs of our customers.


The NATO Communications and Information Academy’s Head of Learning Design and Development, Sebastiaan Tampinongkol, outlines the Academy’s efforts to ensure readiness and interoperability of NATO and national personnel, by providing the latest tech and cyber training

HOW TECHNOLOGY IMPACTS LEARNING CONTENT (THE ‘WHAT’) Quick technological changes have a large impact on the environment in which our customers do their work. Whether it is in Ballistic Missile Defence (BMD), the logistics domain or Deployable Communication and Information Systems (DCIS), technology reshapes the way work is conducted on a fundamental level. The area in which this is probably the most obvious is cyberspace operations, in which new threats require a constant offering of counter measures. In general, our customers need to know more, they need to deal with more complexity, and they need to learn new skills more swiftly. The NCI Academy’s core task is to help NATO prepare for that quickly evolving future. This requires us to be completely ‘tuned in’ to potential new requirements for education and individual training. For each new capability or emerging technology, we need to understand how this might impact operations and processes, and where new skills, knowledge or awareness is needed. This means creating strong relations in all the disciplines, other NATO entities and NCI Agency service lines to understand which technologies create immediate challenges for our customers, and which capabilities are coming down the line between now and three to five years out. We are embedding dedicated learning advisors close to the customers to work together on new learning solutions as early in the process as possible. Where new courses are required, we will focus on developing them in short iterations, and deploy them to the training audiences quickly.



HOW TECHNOLOGY IMPACTS LEARNING METHODOLOGY (THE ‘HOW’) In addition to the content of courses (the ‘what’), technology also impacts our training methodologies (the ‘how’). The Covid crisis has, of course, accelerated our move to remote training, but the strategy was already defined before the pandemic hit us. All our new courses are designed with a right balance between face-to-face training and online learning activities. This means we follow a few guiding design principles:

All new courses are designed with a balance between face-to-face training and online learning (PHOTO: NCI AGENCY)

From one size to personalized New courses are designed to cater for individual training needs as much as possible. In a classroom approach, where one group of 10 to 15 students follows the same content, this is challenging and mostly dependent on the flexibility of the instructor. As our courses evolve to include interactive digital formats, there are more options to adapt instruction to individual needs. This includes breaking up the course into smaller online chunks, and providing students with options for self-assessment to identify which topics they probably need to devote more attention to. This approach still largely depends on a human instructor, but it is enhanced with online elements and the option of ‘unlimited practice’ in parts students find difficult. Examples are online exercises to practise cyber skills such as threat detection or data recovery, short learning nuggets to explain how basic procedures are performed on a logistical planning tool, or a virtual reality module to practice an antenna setup sequence on a transportable satellite ground terminal, even without access to the actual kit.


Academy, we offer many system courses, but they are not always geared to the specific operational context of our broad range of customers. As emphasized in the previous point, by breaking up large courses into smaller online elements, we are able to create tailored and ‘just enough’ content that instructs students only on the parts of the system that they will use in their role and operational context. A good example of this is the ‘System of Systems’ (SoS) curriculum the NCI Academy is currently developing for the

From system training to ‘system-of-systems’ and role-based training A second design principle is to tailor courses as much as we can to operational roles. As an

BMD domain, with the first courses planned to be delivered in 2022. From simulation to immersion A third design principle pertains to the use of extended reality technologies such as augmented and virtual reality (AR/VR). Where possible and feasible, we aim to ‘immerse’ students as much as possible in the real operational context in which they will work. As it is impossible to do that physically for all students, we see much potential in recreating parts of the students’ work in AR or VR. This offers them a realistic view of the actions they are expected to perform in real life (eg setting up satellite communications in a deployed environment). It also allows them to practise sequences in the virtual world first to familiarize themselves with the equipment, procedures and potential hazards before touching the actual kit. In summary, although technology provides many new options for the NCI Academy to help our customers prepare for a quickly evolving future, it is not a silver bullet. Only by combining a close relationship with our customers to co-create new learning solutions and a new view of learning design will we be able to make significant progress in futureproofing the NATO workforce.

The Tactical Cross Domain Solution. COMP-LAND enables high-assurance unidirectional or bi-directional connectivity in extreme environments for multi-domain operations based on the NATO, EU and German SECRET approved SDoT cross domain solution portfolio.

Scan me for more.

Cybersecurity & Cross Domain Solutions for Defense since 1974 INFODAS GmbH I I +49.221.70912.0


Connecting Space with Passive RF deliver comprehensive solutions to prime contractors, defence ministries and space agencies, as well as to commercial actors in their efforts to develop, launch, operate and maintain these kinds of space assets.

Alexandre Thily Senior VP Sales & Marketing – Space & Communication, Safran Data Systems

How can Safran help military organizations like NATO observe, decide and guide? NATO and the NATO Member States’ military forces already employ Safran Electronics & Defense systems to conduct situational awareness activities and battlefield operations using a range of our products, including Safran visor goggles, guided bombs, navigation systems and the Patroller UAV, for example. However, the inclusion of Space as a battle domain, not only for Space-faring nations, but also for military organizations such as NATO, is a relatively recent phenomenon that has created a demand for new solutions. Space has always been an enabling capability for the warfighter, with the three main pillars of Communication (SATCOM), Navigation (GNSS) and Reconnaissance (imaging, radar and SIGINT satellites). Safran’s extensive space equipment systems and services

In what way can Safran’s extensive space systems solutions help military organizations attain greater space domain situational awareness? The threat that the increasing amounts of space debris already pose to space activities – both existing and planned – has been in the public- and commercial-sector consciousness for many years. However, this threat is now compounded by the recent emergence of Space as an operational domain for the military. Offensive capabilities such as anti-satellite (ASAT) missile systems, alongside the emerging tactic of potential adversaries manoeuvring their satellites into close proximity of western satellites, has increased the overall threat level. Fortunately, Safran Data Systems’ WETRACK space-domain awareness commercial service, which uses Passive RF technology, furnishes operators with a persistent, day/night tracking capability. WETRACK is able to monitor all space-based objects that are using a Radio Frequency. This accounts for practically all satellites being controlled by organizations undertaking space-related activities. This additional ‘awareness layer’ complements other intelligence

gained through alternative means such as optical observation, radar surveillance and in-space inspection. However, thanks to the fact that WETRACK senses via the Radio Frequency spectrum, and not the visible (optical) spectrum, the range of information it can garner is enormous. It includes information gathering on pattern of life and habits of operation, as well as RF signature capture – so-called RF fingerprinting. All this intelligence creates the ability to individually identify each satellite and create an ID card archive of satellites, in addition to the essential information regarding location and manoeuvring. As yet, there is no single ‘magic sensor’ able to deliver high fidelity, comprehensive Space situational awareness. That said, Safran’s passive RF and WETRACK services bring a whole new level of understanding of space objects, and their likely intentions with regard to manoeuvres. These two capabilities also enable users to alter and prioritize the interactions between the different monitoring sensors in use.

How important was winning the NCI Agency’s Pitch Session in June 2021, and why? It was indeed a great honour and achievement for our system to be recognized by NATO as an innovative and readily adoptable solution for tackling the immediate challenges in space. But Space Domain Awareness is a growing challenge – one that is pertinent now. We cannot wait five or seven years to fully assess the threat before we establish a doctrine and


then a major space capacity programme to mitigate the threat. Space forces such as the US Space Force and the French Space Command understand this perfectly well. Winning the Pitch Session is not only a victory for Safran Data Systems, it is a victory for the entire community of commercial sensor data and analytics providers. It clearly demonstrates that commercial services are the most readily available solutions for Space organizations to start building their own awareness capability, so that they can develop their own policy and doctrine in an agile manner, learning as they go while adapting to the challenges. And, from Safran Data Systems’ perspective, it is testimony to the maturity of Passive RF technology as we now have a clear indication as to its utility. The space sector has finally grasped its benefits, and understands it brings value to a collaborative approach of multiple types of sensors. This is a great achievement and a fantastic token of recognition for our technical and business development teams, who have done incredible

things over the past five years. Winning the NATO Pitch Session brings, on the one hand, a lot of visibility for WETRACK among NATO organizations and NATO Member States, and, on the other hand, extends the scope of opportunities for Safran to interact with Space Operations staff and help them meet their challenges.

What exactly did the winning solution consists of, and how does it enhance space situational awareness? Our winning pitch was built around Safran’s mature WETRACK Passive RF space domain awareness solution, which we presented as a cornerstone for going beyond the ability to just monitor object position and movement. We highlighted the significant depth of the level of information available in the RF spectrum for Space objects, and their intentions. It covered things like identifying variations in satcom traffic, geolocating interference emitters and transmission originators. In essence, it is actually about connecting the mission of Space Domain Awareness with the GEOINT mission on the ground. RF is the link that connects

these two physical worlds (Space and Ground). It is also the very foundational technical layer that is common to both domains. We strongly believe in the expansion of Space Domain Awareness to Space & Spectral Domain Awareness. It is why our technology and product team was renamed ‘Satellite Communication & Situational Awareness’ in 2018. While Space Domain Awareness is a relatively young field that needs fresh talent and skills, including DevOps, we have enormous confidence in the GEOINT tradecraft being able to bring plenty of resources (software, information systems, skillsets and talent) to the Space Domain Awareness agenda with minimum effort. We are very much looking forward to connecting these two worlds; after all isn’t Safran Data Systems’ motto: ‘Connecting Space’?





NCI Agency Senior Scientist Germano Capela tells Simon Michell that military organizations such as NATO can benefit from 5G technologies, but they need to be proactive and make their voice heard in order to ensure the technology evolves in a way that doesn’t prevent its use in military operations

IN DEPLOYED OPERATIONS By delivering higher data rates, increased network density and lower latency (less delay) 5G is expected to support a wide range of military use cases and applications. There is no doubt it can significantly contribute to improved situational awareness, enable various command and control (C2) services and contribute to better-informed and faster decision-making. It is no surprise then that the NCI Agency has been assessing and maintaining a technology watch over 5G, having been tasked by NATO Allied Command Transformation to develop technical concepts for two priority application domains – deployed headquarters (HQs) and maritime operations. The NCI Agency is already making significant progress. 53


compatible with transportability, deployability, ease of operation and spectrum supportability requirements of operations.” Even though 5G is primarily designed to maximize efficiency and value for mobile operators, stakeholders in industry and commerce have been able to influence and tailor its development according to their specific requirements. The public safety and automotive sectors are pioneering the use of 5G in non-traditional scenarios for information management technologies (IMT), having already successfully achieved the specification of critical features for their respective fields. “Following an identical approach, NATO can leverage this technology and implement cost-effective and interoperable solutions to suit mission requirements,” explains Capela. “This means making sure that the technology complies with the various infrastructure, communications and security requirements. 5G is a spectrum-dependent technology, therefore it can be leveraged by NATO forces in scenarios where spectrum is available, not contested and where 5G can be made compatible with other radio systems.”


New features of 5G include means of countering interference that will make communications more robust (PHOTO: NATO)

NCI Agency Senior Scientist German Capela, an expert in this field, was recently awarded the ‘Best Paper’ citation with fellow authors – Luis Bastos and Warren Low – for a seminal report, ‘5G in Deployed Operations’ at this year’s International Conference on Military Communications and Information Systems (ICMCIS). The award-winning paper proposed novel contributions to the military communications scientific community by developing a proof-of-concept experiment for two scenarios – a small operational deployable HQ and a coastal communications system.


Capela considers 5G as an augmentation technology. “It is not meant to replace an existing military-grade technology, but rather coexist and complement it.” According to Capela, “effective and reliable command and control in deployed operations poses demanding requirements for communication and information systems (CIS). The utilization of wireless systems is essential to enable mobility, but needs to be

Military environments, particularly in threat or combat zones, involve high-tempo activities and the need to operate under contested electromagnetic conditions. In these circumstances, military users need simple-tooperate, reliable, resilient and secure communications systems. 5G is a carrier-class complex technology that is primarily designed to serve commercial mobile cellular applications using licenced spectrum and providing very high traffic densities. However, 5G brings new technical features that can make its use more robust in many military application scenarios. According to Capela, those new enablers help counter interference. It also offers device-to-device modes, which allow standalone operation without background infrastructure. “As such, 5G should be considered an augmentation technology with the potential to address a number of military scenarios – from benign to low-threat scenarios – and provide significant benefits to the military in many cases. 5G also brings new technical features that can be exploited and can make its use more robust in many military settings. Those new enablers are software-based approaches, O-RAN concepts, advanced beam forming, use of millimetre-wave radio frequencies, device-to-device modes, improved security, network slicing and so on. If correctly


Developing technical concepts for maritime operations was among the tasks given to the NCI Agency by NATO Allied Command Transformation (PHOTO: NATO MARCOM)

“[5G] is not meant to replace an existing military-grade technology” exploited, those features could be a very costeffective complement to nominal military-grade communications technologies.”

to raise awareness of military application requirements and specificities; and extensive experimentation, testing, and validation of the technology.

In order to mitigate the risks identified, early and deep involvement of the military communications and information systems security communities is critical. This consists, for instance: in the coordinated involvement of the defence community in the specification processes at standardization bodies, such as the Third Generation Partnership Project (3GPP) organization; permanent engagement with industry,

“Our paper aimed at laying the foundation of the combined 5G testbed hosted by the NCI Agency to support testing of highly deployable and maritime applications sometime in the near future. The development of the Multinational Collaboration on 5G (MN5G) project that the Agency is facilitating can be the enabling vehicle to support a defence vertical in long-term 5G development,” Capela suggests.



Accelerating NATO’s digital transformation with 5G and network automation delivering high-definition video in real time. Autonomous or semiautonomous unmanned systems could be programmed to patrol the perimeter as part of that network.

Philippe Agard

Benoit Leridon

Global Head of Defence Market Segment, Nokia

IP Pre-sales Director for the Enterprise Market, Nokia

How can Nokia support NATO’s digital transformation?

which NATO wants to implement across the Alliance – from the strategic domain of command and control (C2) HQs all the way to the tactical edge – can be achieved with 5G.

Philippe Agard: NATO’s digital transformation is being supported by the very latest ICT equipment and networks to significantly improve its agility and efficiency. This is exactly what Nokia can offer. We have many large-scale IP/optic transport networks (aka WANs – wide area networks) already deployed across the Member Nations. These largescale WANs interconnect Defence ministries and other big bases, and as such are already supporting NATO’s digital transformation. They will also play an important role in the evolution to 5G, as well as the interconnection of datacentres, in which increasing numbers of AI-based applications are run. All these elements will be strong enablers of NATO’s next digital transformation steps. However, they will have to evolve to support Network Automation, using Software Defined Networks (SDN). We believe that many of the digital transformation goals,

Using lessons learned from our civil-sector operations and as a key Industry 4.0 player, we can transfer some of the commercial activities into the defence community. In particular, we can help implement smart bases, smart logistics and immersive training. On the commercial side, we have delivered a private 5G system to Lufthansa to develop table-top inspections, as well as for an Augmented Reality use case, which has helped them maintain MRO (maintenance repair and overhaul) activities during the Covid pandemic. Taking the specific requirements the military have into consideration, this sort of capability could be delivered to 5G-enabled smart bases. These smart bases could also enhance perimeter security with 5G, having different sensor types all connected together on the same network

These themes are regularly discussed within the NATO STO Research Task Group (IST-187), which covers 5G applications for NATO operations, and we expect the pace of 5G adoption for defence to accelerate among Member Nations. A particularly appealing aspect of 5G is the ability to manage on demand, differentiated Quality of Service (QoS) per application, thanks to network slicing.

What is network slicing and why is it beneficial? Benoit Leridon: Different use cases have different network performance requirements. Some require highbandwidth, others need very low latency (response time). If you take the ‘remote maintenance’ example, think of having a subject-matter expert (SME) in a remote base and a mechanic working on a jet fighter engine somewhere else who needs some additional help and expertise. This can be provided using AR goggles with an application running in the private cloud. Obviously, you need to have guaranteed throughput and response time from (and to) the mechanic’s AR goggles. To achieve this, you create a dedicated 5G virtual private network with predefined levels of performance for bandwidth and latency. This is what we call slicing. It is a mechanism to dynamically manage the QoS needed from the network for a given application.


You need to be able to create this virtual end-to-end 5G slice, including through the WAN – through the transport network that connects the two. It is not just at the radio part; it includes all the connectivity between the two sides, and you need to create it at service activation and close it once it’s finished. To be able to do that in such a dynamic fashion you need to automate all your network domains, including the WAN, and orchestrate them so that the required performance is delivered end-to-end. Such 5G slices will be used for services running on private 5G defence networks, but some of them will go through commercial 5G networks as well. So it’s important that the 5G slice can be orchestrated in such a diversified environment. We have already proven some of this capability with the Norwegian Ministry of Defence as part of our role in the EU-funded VINNI project.

Can you explain transport network automation and its benefits? Benoit Leridon: In traditional networks, the intelligence is in the nodes. For example, a router must know all the topology and have all the information about the network, but in very large networks and in some complex scenarios this is not enough. To solve this challenge, Nokia developed an SDN controller to provide a centralised view of the entire transport network (microwave, optics, IP routing and so on). It receives live information from the network, such as specific KPIs for things like load on the links and latency

between points, to monitor its performance in real time. With this centralised brain, your network can now provide a live, dynamic map of itself. It is the first entry point to an SDN where this central tool can start orchestrating the network automatically. So, coming back to our AR-based maintenance service, a path will be defined automatically in the WAN with the required level of performance, to connect the base where the mechanic is with the remote expert. If, for whatever reason, the network speed suddenly drops, this will be detected and another network path will automatically be found to re-route the traffic and maintain the performance level. Another strong benefit is network resilience enhancement. For instance, you can check that your main service is not on the same duct as your back-up, which could result in the complete loss of connectivity. It’s also a way to facilitate the support of legacy TDM-based services. If you are losing expertise in TDM technology, the network manager can compute and establish a network path connecting the two service endpoints. This hides the TDM technology complexities, and eliminates network and traffic engineering efforts, thus allowing operators to confidently carry out a TDM migration.

communications, computers, cyber, intelligence, surveillance and reconnaissance) systems. Increasing numbers of C5ISR applications will be run on distributed private cloud infrastructures, and will need access to data that may be generated and stored in many different locations. This combined central and edge cloud delivery model requires lots of agility from networks, which are becoming more complex. Only WAN automation will allow you to interconnect your different datacentres and applications with the speed and agility expected. The NATO Industry Forum facilitates fantastic discussions on how to embrace innovation and disruptive technologies from civil industry at a greater pace. If a nation’s Defence personnel, bases and assets are all connected via 5G, the ability to increase decision-making speeds, as well as the relevance of those decisions, improves as situational awareness from the edge can reach the central or deployed HQs faster. It also has implications for ground vehicles, vessels and air platforms that are operating alongside unmanned systems. Moreover, access to an almost limitless number of sensors enables the Military Internet of Things (IoT) to cover more elements, providing much more data than before. The more data you have, the richer your analysis and the better your decisions.

What benefits can C5ISR systems achieve with this technology? Philippe Agard: These wide area transport networks are a key piece of NATO’s C5ISR (command, control,







Dr Luis Astorga, Chair of the Agency Supervisory Board, which oversees the NCI Agency, explains to Simon Michell which technology priorities the Agency is addressing in order for NATO to maintain parity with potential adversaries

You took up your functions as Chair of the Agency Supervisory Board (ASB) this year. What do you see as priorities for the NCI Agency?


The current priorities for the NCI Agency were A initially set by the ASB in 2019. In broad terms, the Agency was tasked to focus on four areas: – strengthening core business; – adaptive support to NATO’s core tasks; – strengthening the NATO enterprise’s cyber resilience; and – enhancing NATO’s digital modernization. The new General Manager (GM), Ludwig Decamps, is currently working on his strategic plan, which is aligned with the four priorities I have just mentioned. He will, of course, add his own vision to deliver in those four core areas. But, in principle, the GM is working on helping the Agency improve its service and capability delivery in support of the NATO agenda, as well as establishing and improving partnerships inside NATO so that the Agency is more effective. Naturally, a key contributing factor is the NCI Agency’s ability to hire and retain the best possible staff to enable continued success.


What do you think are NATO’s greatest technological challenges and opportunities?

The greatest challenge NATO has is to stay at the required technological edge to outpace potential adversaries. As you know, the world is changing very fast, not just in defence, but across the whole spectrum of society. We are seeing the introduction of new technologies such as the Internet of Things (IoT) and new ways of working. We need to adapt to this new world, and this is going to be a challenge.


NATO needs to adapt its IT capabilities and services to be able to operate in that very complex interconnected world in a secure, effective and fast way. Meeting that challenge head on is key for the Organization. That said, disruptive technologies such as artificial intelligence (AI) and machine learning (ML) have already begun to offer possibilities to improve our performance by harnessing the power of our data. It is difficult to forecast the future exactly, but NATO will be much more interconnected going forward, and some of the processes that are undertaken predominantly by people, will be done by a mix of



NATO’s challenge is to maintain its technological edge in order to outpace potential adversaries (PHOTO: U.S. AIR FORCE)

How important are emerging and disruptive technologies such as AI and ML to the Agency’s future capabilities?


NATO has already started implementing AI and ML into its working processes. This is not yet at the level that we will see in 20 or 30 years’ time, but nevertheless it is a good start.


people and machines, supported by AI and ML. We are already doing that to some degree, but the extent of this human/machine teaming will increase. What we intend to do is speed up our decision-making capabilities so that they are both faster and better than our adversaries. How will the ASB support the Agency in its work to keep NATO at the forefront of the technological race?


The ASB meets every month and has a very close relationship with the NCI Agency’s GM and his senior supporting staff. We regularly discuss their needs, as well as the concerns of the Alliance Member States. As you might expect, the ASB has a governance action plan, which is closely coordinated with the NCI Agency’s own plans and activities.



The ASB provides strategic and operational direction to the Agency. This direction and guidance should focus the

Agency’s capacities on delivering against critical endeavours. The NCI Agency is NATO’s main and most important IT provider and, as such, it has an essential role to play in NATO’s modernization. The ASB needs to focus efforts on these priorities, but also to recognise that this is an enterprise-wide effort, which requires contributions from a host of other Alliance entities, governance bodies and organizations – not least Allied Command Operations, Allied Command Transformation and the International Staff. The Board needs to ensure that the NCI Agency is ready and able to cooperate on key transformative initiatives, such as DIANA – Defence Innovation Accelerator for the North Atlantic. In general, the core entities and organizations of NATO look towards the Agency for its support. So what the ASB needs to do is ensure that the Agency is able to meet the demands made of it by the wider NATO community.

We recognise the potential of quantum computing, but understand that the technology is not yet sufficiently mature to take into our IT processes, probably not before the end of the decade. It is clear that if we are not able to incorporate these technologies into our IT processes we will fall behind our adversaries. That is the challenge. Again, this is an enterprise-wide effort and we need to incorporate industry and the nations. We must make sure that NATO doesn’t reinvent the wheel in this respect. DIANA is going to be a great initiative to hold all of these things together. The political decision to create DIANA, which was recently taken, was an excellent step in the right direction. So, now we need to implement it and ensure it works. The Agency will need to work closely with DIANA in many areas. That said, DIANA will have a wider scope of focus than just IT.

Connect Classified Domains Transfer, share and control any data with NATO SECRET approved Cross Domain Solutions

Data Diode Patchmanagement Security Gateway / Guard Data Classification / Labelling

Scan me. Learn more.

Cybersecurity & Cross Domain Solutions for Defense since 1974 INFODAS GmbH I I +49.221.70912.0

infodas_Anzeige_NITECH - I - 210415.indd 1

20.05.2021 10:01:35



In 2021, the NCI Agency began a project to upgrade NATO’s recognised air picture exchange by building a brand new platform. Simon Michell asks NCI Agency Principal Project Manager Pablo Moreno what this will entail and how it will improve NATO readiness

According to Pablo Moreno, NCI Agency Principal Project Manager, the long-term vision for NATO’s recognised air picture (RAP) exchange is to support the Alliance’s air policing mission with a secure and fully interoperable Link 16 network: “The goal is to replace the Link 1 Tactical Data Link (TDL) standard with Link 16 over Joint Range Extension Applications “C” Protocol (JREAP-C).” 62

Funded by the NATO Security Investment Programme, the new network will be used by operators to exchange information in order to contribute to NATO’s real-time RAP, which is essentially a listing of all the aircraft in flight within a particular airspace. “This is an important step for NATO, not only at a technical level, but at the operational level too,” explains Moreno.




A formation of NATO fighter jets made up of F-16s from Norway and Eurofighters from Italy carries out air policing over Lithuania (PHOTO: NATO)

It is a complex project requiring the coordinated efforts of not just NATO itself, but also individual Alliance Member States. The reason for the international dimension is because the NATO Integrated Air and Missile Defence System (NATINAMDS), into which the RAP feeds, includes sites from both the NATO Command Structure (NCS), which is managed by the Alliance, and the NATO

Force Structure (NFS), which is managed by the Member States. “In total, we are talking about 54 Air Command and Control (AirC2) units, located in 46 sites, spread across 27 nations,” explains Moreno. “Most of these sites are managed by the respective Nations, and have different systems and interconnections in place. We need to make sure that the NATO enterprise 63


The upgraded network will enable increased communications security and the ability to exchange more information (PHOTO: NCI AGENCY)

footprint and security levels are the same in all of them. In simple terms, all the sites will access the platform the same way,” Moreno confirms. Another reason for the upgrade is the fact that the existing NATO RAP exchange is based on legacy point-to-point circuits, which require very expensive leased lines. In addition to the main modernization effort, some national capabilities at these sites may also require upgrades in order to ensure full interoperability with the Link 16 RAP network. However, according to Moreno, this would be the responsibility of the individual countries.

THE BENEFITS Once in place, the new platform will enable a smooth transition to a modern mesh-topology logical network, which will provide the flexibility to tailor the system to different scenarios, covering the permanent ‘overwatch’ mission, as well as specific exercises and missions. NATO will also be able to manage the end-to-end quality of service, which is so essential for guaranteeing the network performance required by real-time operations. Moreover, it will prevent the RAP exchange from being affected by other types of data traffic transiting critical segments of the network, such as heavy file transfers or video streaming.


In short, the new network will ensure that communications are more secure, while allowing operators to exchange more information than ever before. It will not only be more flexible, but will also have the ability to share more detailed information than the current network does.

As one would expect, the existing management rules and procedures are being revisited to take advantage of the new capability. Concepts like the Reporting Responsibility (R2) will evolve with the change in technology, moving from an environment that is currently organized by geographical areas to a more sophisticated one, based on position-quality of the aircraft sensor tracks.

THE NCI AGENCY’S ROLE The NCI Agency is currently supporting this endeavour from two different perspectives. Firstly, as IT service provider, building the new platform at all the sites, and secondly, by providing support to Allied Command Operations (ACO) and Allied Air Command (AIRCOM) in the development of the procedures required to operate with the future Link 16 network. So, when is the new system due to enter service? “The implementation phase started in March 2021 with the installation of some of the core capabilities. It will continue non-stop throughout 2022 and 2023,” says Moreno. During this time, the new equipment will run in parallel with the current Link 1 infrastructure. It will also facilitate the Operational Testing and Evaluation (OT&E) phase, including the new procedures. Initial Operational Capability (IOC) is currently planned for the end of 2023. After IOC and the formalization of the sunset date of Link 1, the existing legacy infrastructure will be fully decommissioned. “There is a lot to be done by all the stakeholders. But, so far, and despite the Covid-19 crisis, everything is progressing on schedule,” Moreno is proud to confirm.

Solving to get more pilots cleared for takeoff. Google Cloud is helping the US Department of Defense to modernize their flight training and make it more efficient, dramatically increasing access for flight personnel.

What are you solving for?

DOA_Ad 5.27.indd 1

5/27/21 10:20 AM


INSIDE THE CIO’S OFFICE Manfred Boudreaux-Dehmer, NATO’s newly appointed Chief Information Officer (CIO), outlines his priorities and highlights his intention to lean into education and training to expand ICT career paths at NATO Q

What are your main priorities for your tenure as NATO Chief Information Officer?

First, let me preface my answer with the disclaimer that I only recently started in my position and that my vision for ICT at the NATO enterprise is still evolving. The landscape is incredibly complex in that it extends over 41 civilian and military bodies with 25,000 users. From my current vantage point, I see our guiding star to be synergy across two plains:


Internally – with people, processes and technology. We have incredible ICT talent at NATO and our continued ability to attract and nurture the very best professionals is paramount. One of our lines of work will be training and education with a goal to expand and optimize ICT career paths within the organization. Many processes across the enterprise have grown organically, and adjusting existing structures is no small task. The North Atlantic Council (NAC) only recently approved the creation of the Office of the CIO (OCIO) and this puts the onus on us to quickly create new interfaces and to establish productive working 66

relationships with existing committees and boards. This includes the Consultation, Command and Control Board (C3B); the Cyber Defence Committee (CDC); the Security Committee (SC); the NATO Communications and Information Agency Supervisory Board (ASB); and others. We also have strong linkages with the financial community via the Resource Policy and Planning Board (RPPB) and the Budget Committee (BC). From a technology perspective, we intend to further the conversation of how to responsibly gain advantages through artificial intelligence (AI) and data exploitation. We are weighing in on the ‘cloud versus on-premise’ question, which is heavily influenced by security, national sovereignty and general commercial concerns. Externally, we need to ‘deepen the well’ of knowledge and available resources that comes from the triple-helix of innovation: government, industry and academia. The recent establishment of the Defence Innovation Accelerator of the North Atlantic (DIANA) and the creation of the NATO Innovation Fund are quantum leaps forward in engaging with private-sector innovators as enablers for emerging and disruptive technologies.


Industry can help us deal with the demand fluctuations resulting from project-driven workforce planning. We look to the private sector for expertise and help with process execution, in addition to capability development. This will get us closer to implementing the NATO 2030 agenda, which strengthens the Alliance’s ability to face tomorrow’s challenges. The OCIO is a champion for synergy in the ICT realm to help contribute to NATO 2030.


What sort of ICT cohesion imperatives will you pursue?

On the strategy front, we are advising and coordinating activities across the 41 entities of the NATO enterprise relating to AI, cloud computing, data exploitation and Information Knowledge Management (IKM). Specifically, AI and Cloud Computing will be in our Digital Transformation Action Plan, which we intend to finalize soon. We are in ongoing discussions about the Data Exploitation strategy, where we see its coalescence in the first half of 2022. Our agenda includes redefining roles, responsibilities and authorities with our Allied Command Operations (ACO) partners.


For capabilities, we see ourselves advising decisionmakers on enterprise requirements, working closely with Allied Command Transformation (ACT), driving ICT coherence across the enterprise portfolio of capabilities and services, and advancing our digital workplace efforts. From a process perspective, we advise on and manage Service Level Agreements (SLAs) for the enterprise, while continuously monitoring enterprise ICT risks.


What are your priorities in terms of cybersecurity?

The NAC tasked me to be the single point of authority for cyber security across the NATO enterprise, and we are calibrating our activities to fulfil this mandate. We are currently constructing the plan as to what we believe should happen in the mid- to long-term timeframe, and expect to present it to the NAC in January 2022.


In the short term, and in tight cooperation with the NCI Agency, we kicked-off an initiative to streamline the management of asset, configuration, patching and 67


The new Chief Information Officer’s remit extends over 41 NATO sites and 25,000 ICT users (PHOTOS: NCI AGENCY)

NATO Chief Information Officer Manfred Boudreaux-Dehmer (above left) meets with NCI Agency General Manager Ludwig Decamps (above centre) (PHOTO: NCI AGENCY)


vulnerability (ACPV). This will help us alleviate issues that are rooted in dealing with this subject matter through more manual means. We are orchestrating a test of our Cyber Incidence Response Plan (CIRP). Practice makes perfect and we look forward to incorporating the lessons we have learned into future revisions for continual improvements.


Over what sort of timeframes are you looking to make an impact?

This is a multifaceted question – some results, such as the outcome of the CIRP test, will be visible quickly. We will roll out other initiatives over the next few calendar quarters and intense items that require ‘heavy lifting’ are scheduled further into the future. Much will depend on the speed of creating technical capabilities and the organization’s ability to absorb these changes.



It is important to note that the OCIO is not the entity (Host Nation) that constructs the actual technical solutions. This is where our excellent partnership with the NCI Agency comes into play: Ludwig Decamps, the General Manager of the NCI Agency, and I joke about the notion that we are “joined at the hip”.

How have your previous roles prepared you for this position?

If you look at my resume, you will notice that I have no public sector knowledge. Therefore, I have much to learn at NATO. What I bring to the organization is extensive private industry experience in various companies: a start-up in Latin America, a mid-size Canadian technology player, and a large multinational corporation (Hewlett-Packard – HP), which had 344,000 employees when I worked there. The size of HP was excellent preparation for the complexities I face at NATO. My work at smaller companies instilled a sense of urgency and pragmatism that I intend to keep in my ‘toolbox’ as NATO’s inaugural CIO. In going back to the triple helix of innovation, one important dimension to consider is academia. My insight here comes from being a Research Associate and doctoral student at the University of Reading in the United Kingdom.


However, the power of an excellent team outweighs any specific skill that I as an individual can bring to the table. The OCIO came together before I started my position, and I am beyond impressed with the knowledge, capabilities and drive of our team. The same applies to the NCI Agency and other parts of the NATO enterprise. I feel tremendously privileged to be working alongside such high-calibre professionals in fulfilment of our purpose to advance safety and security for a billion people on this planet!





The NCI Agency typically supports over 100 exercises a year to ensure all critical capabilities are tested (PHOTO: NCI AGENCY)


Simon Michell asks Senior Scientist Sarah Brown and Executive Officer Lieutenant Colonel (LTC) Erik Esselaar from the NCI Agency’s NATO Cyber Security Centre how the Agency ensures NATO’s cyber resilience Q What specialist cyber security services does the NCI Agency’s NATO Cyber Security Centre (NCSC) deliver?

provide these services to meet our customers’ needs as well as working out how to evolve them to meet changing demands and protect against the future threats.

Sarah Brown: We have about 250 cyber security professionals at the NCSC with expertise in secure architecture design, accreditation, as well as security monitoring and incident response. Plus we provide support to threat assessment teams around NATO that produce cyber threat intelligence.

Sarah Brown: Supporting NATO operations and missions is the Agency’s top priority. It is our raison d’être. Experts from the Agency support the Alliance every day – on site and from a distance. Our technical teams deliver critical technology to forces as they embark on missions. We deploy to places such as Kosovo and Iraq, and also make short trips to assist on site.

LTC Erik Esselaar: The NCSC provides 20 specific cyber security services ranging from security accreditation, monitoring, detection services, help desk services with regard to cyber events, as well as penetration testing and a myriad of other architectural services. We are continuously looking at how we

LTC Erik Esselaar: The NCI Agency typically supports over 100 exercises a year to make sure we are training and testing all of our critical capabilities. We want to ensure we are resilient against uncertainty and ‘Black Swan’ (ie severe, unpredictable) events like the Covid-19 pandemic. An example of exercise support is CWIX (Coalition Warrior Interoperability Exercise) – an annual programme supplied by Allied Command Transformation (ACT) where we conduct capability testing and provide IT services.





How does the NCSC provide mission assurance to exercises and operations?



The largest is a suite of courses conducted at the new NCI Academy in Oeiras, Portugal. There are more courses under development at the NCI Academy to improve and enhance existing cyber training. We are a key stakeholder in supporting that development process.

What sort of deep expertise can you offer NATO and the Member States?

Sarah Brown: We are involved in understanding what new technologies are coming and we work closely with industry on that. We need to look at emerging technologies and new, sophisticated solutions because we are a vital organization that needs strong defences. At the same time, it’s important to keep a good appreciation on the balance between the benefits of pioneering solutions and the importance of keeping the basics solid.


Sarah Brown: The NCSC provides specialist services to prevent, detect, respond to and recover from cyber security incidents. We can directly support nations and Member States on projects that are specifically for one or multiple nations – or when there is extra support needed for a short amount of time to augment national capability.


NATO Allies bear the primary responsibility for their national cyber defences, and they have pledged to strengthen their cyber defences as a matter of priority. NATO is supporting this effort. We have rapid reaction cyber defence teams on standby, and they are an important tool for reinforcing the protection of NATO’s networks, as well as assisting an Ally in the event of a serious cyber attack. Any decision to deploy a rapid reaction team (RRT) to an Ally would be taken by the North Atlantic Council on the basis of consensus. RRTs provide technical forensics and cyber security expertise. The size of these teams changes from incident to incident. It is determined by the type of skills that are needed. If one person can cover five skills then maybe it’s a very small team. Conversely, if there are lots of different expertise that are needed the team might be much larger. It will be focused on the technical need of the crisis.


How does the NATO Cyber Security Centre contribute to training?

LTC Erik Esselaar: The NCSC does not deliver any training directly. Instead, we support NATO’s individual training institutions such as the NCI Academy in Portugal, the NATO School Oberammergau (NSO) in Germany, the NATO Defense College in Italy, as well as the CCDCOE in Estonia. These institutions are pivotal in the delivery of cyber training. We provide individuals to support courses and training at those institutions – led and organized by those institutions.


How important is getting cyber security fundamentals right versus implementing new technologies?




We also support the NATO cyber community’s own Cyber Coalition exercise where we focus on our ability to coordinate and communicate information across different key groups when there is a cyber security issue. There is also Locked Shields, run by the Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia, which is a technical exercise where teams from the nations and NATO itself compete against each other.

Erik and I have been involved in an 18-month project where we have been taking a really close look across all of NATO – not just across the NCI Agency, but across the entire NATO enterprise of 41 different organizations at NATO’s cyber security posture. The key thing we have learned is that it is not just about pioneering technologies, but making sure that people, processes and technology are working well together. It is important to know what you have, what it is connected to, have clear roles and responsibilities as well as access control. LTC Erik Esselaar: What we are aiming towards is a cyber resilient NATO. To get there we need to continue to hone our work on the fundamentals – those core cyber security practices and capabilities. Cyber security hygiene is one key element that we are continuing to promote and improve. Honing NATO’s fundamental cyber security functions is something we are doing with partners such as the new Office of the NATO CIO (led by Chief Information Officer Manfred Boudreaux-Dehmer), and Allied Command Operations’ (ACO’s) Cyberspace Operations Centre. These are just two of the key stakeholders that we partner with every day, and of course, we have regular contact with industry so that when we find a vulnerability, or they do, we have that bilateral ability to help one another out.





Addressing the challenges of cross-domain solutions (CDS) data-loss protection issues at the boundary, anything that is created in or that enters such an enclave, is considered to be of the same classification level, even if it is not. This not only results in information silos, but also leads to slow, manual workarounds (sneaker networks) or the bypassing of regulations, all of which can result in uncontrolled network connectivity.

Dr Alexander Schellong VP Global Business, Member of the Board – INFODAS

What are some of the key challenges in protecting and sharing data? NATO, its Member States and Allies share a common goal: keeping the defensive and offensive edge by increasing information- and decision-centric capabilities within and beyond the Alliance. Think Internet of Military Things (IoMT) – best described in the U.S. Department of Defense’s Joint All-Domain and Control (JADC2) concept. However, this ambition faces challenges on multiple fronts. Some of these obstacles originate from technology that does not yet exist, while others stem from a lack of understanding, restrictive regulations and incompatible legacy systems. Many military systems and networks house classified information. For information assurance and the need-to-know principle, isolation has been the standard approach for storing this data. Effectively, due to

Even next-generation firewalls do not provide the level of information assurance and control necessary to protect the secrets of a Nation State or the Alliance. Moreover, classified enclaves hold large amounts of datasets that are, or should be, considered unclassified. Consequently, moving the need-to-share concept to the warfighter or platform on the front line becomes an intricate, often confusing and tricky process.

How can cross-domain solutions (CDS) tackle this challenge? Over the past 20 to 30 years, intelligence agencies, information security authorities and military organizations in a few NATO Member States have asked (and supported) their domestic industry to find ways to digitize and connect data domains classified: SECRET, MISSION SECRET, CONFIDENTIAL or RESTRICTED. The answer to this complex puzzle is cross domain solutions, (CDS), of which there are three main categories: – Data diodes/Transfer Solution; – Security Gateways/Guards/IEG; – Data Classification/Labelling.

Today, most countries are aware of, and only allow the use of, unidirectional data diodes as a CDS in classified domains in which data is normally transferred from lower classified domains (LOW) to higher classified domains (HIGH). Most of these systems rely on the same design, combined with a modified, fibre-optic cable with send and receive transceivers and other software functionalities that support specific applications. This makes them relatively cheap to produce. However, while there will be use-cases where data diodes are the best choice, they still represent a legacy technology. Usually, these diodes ‘break’ the data- or control-flow of even the simplest protocols by adding ‘waiting time’ or assumptions about data delivery. This severely impairs service quality and speed. Future systems require protocol breaks – at least from a technological point of view, if not an operational one. They also require full control of bidirectional exchanges at the network and transport layers, as well as at the generic application and specific application protocol level. They also have to handle structured and unstructured data objects. This is what the Security Gateways or Guards that are sometimes combined with data classification/labelling solutions do. Structured data is checked with ‘whitelist’ rulesets, while unstructured datasets receive a security label that is cryptographically bound to the object for checking before a guard can release it. In practice, data diodes have


become synonymous with CDS, which means that many future military programmes are designed and planned on outdated information assurance principles and limitations that go against even today’s technological needs of the operator and commander.

What is the key challenge to implementing CDS? Developing and documenting a commercial-off-the-shelf (COTS) solution that fulfils the high demands of security requirements, and which can be certified for approved product lists of national information security authorities and independent labs, takes years and a colossal amount of effort, because it covers every hardware and software element involved in the solution. Moreover, maintaining approvals and certifications means keeping up with ever-increasing demands of the approving national security authorities. Frustratingly, these often differ from country to country and do not necessarily align with the operational needs of the end-users in intelligence and defence, which themselves are sometimes contradictory. Consequently, customizations for specific military use-cases that are not covered by an approval require vendors to invest considerable time and resources in developing and approving modifications, making them more expensive than other cybersecurity products, such as firewalls. In addition, because information security and the protection of national secrets is the primary purpose of high-assurance CDS, capabilities can sometimes lag behind commercial IT and cybersecurity products. This

suggests that CDS will be a physical, rather than virtual, element in a highly classified cloud environment due to the trust issues related to the cloud technology stack. There is also the challenge of attaining government approvals, especially if security agencies have ring-fenced their domestic CDS vendors. This can sometimes make it difficult for other CDS providers to gain the necessary approvals required for them to be considered by a military or intelligence end-user. It is also feasible that a national government might accept a NATO- or EU-approved CDS product for Alliance purposes, but reject it for their own domestic networks, thus potentially limiting the market opportunities for CDS vendors. Or it might make it necessary to invest time and resources at significant cost to undertake evaluations and approvals or manage different versions of the same product for each nation they work with. Higher levels of transparency in national CDS assurance requirements would also make it easier for vendors to assess whether their solutions meet their specifications or not. INFODAS strongly encourages defence organizations and national information security authorities to address this subject and update their classified information regulations and approvals processes in parallel. Without this concerted effort, the ‘all-connected’ future will be more difficult to achieve. Until a levelplaying field can be accomplished, the development and implementation of CDS products that are not only fit for purpose, but also universally interoperable, will take decades and a significant, if not prohibitive, amount of financial investment. Above all, we need a national security product

approval system that is universal across the 30 NATO Member States. We also need to ensure that the Evaluation Assurance Levels (EAL) attributed to each CDS product, such as data diodes, are a true reflection of their actual security levels related to their logical, as well as their physical, elements, especially when it relates to EAL 7.

What advice would you give to any organization that wants to implement a CDS system? My advice to any organization that is planning a CDS project in the near future is to consider the following key elements: first, understand your high-level use-case and the resulting consequences of changing the status quo. Then consider whether other data might improve your mission or systems. In addition, you need to decide whether third-parties that have never been considered before might benefit from access to specific data. You should also be fully, or at least relatively aware, of all the data/ protocols (network, transport, application) and sensitivity levels inside your domain. For example, is it a machine-to-machine scenario, such as a database replication, that you want, or does your requirement involve the human end-user who wants to make HIGH to LOW queries? A lot of time and budget can be saved if you gather this information before you start on your CDS journey.

connect more. be secure.


Alan Dron asks the NCI Agency’s Director of Acquisition, Jennifer Upton, how she intends to transform the organization’s procurement process to make it future-proof

Traditional means of networking through in-person conferences have had to be halted due to the pandemic (PHOTO: NCI AGENCY)



Covid-19 forced every organization to examine its crisis response plans and operations, and NCI Agency Acquisition was no different. Agency acquisition procedures are largely governed by NATO-level procurement regulations, which have been in place for decades. Although the Agency doesn’t have the authority to change those regulations, there are examples of lower-level processes that the Agency could and did alter, to adapt quickly to the challenges presented by the pandemic.


The Agency’s approach early on was to be proactive with communication, recognising the complicated situation we’re all in. It provided consistent instructions to current contractors on how to communicate with our staff regarding potential and actual Covid-19 impacts on performance. To understand quickly whether the current procedures and policies were robust or flexible enough to cover Covid’s challenges, we engaged early last year with all our industry suppliers, citing our willingness to work with them on the necessary contractual flexibilities. These early and consistent communications have enabled great cooperation throughout the crisis and have created an impressive level of innovation from our teams, seeking to continue performance without interruption. Bidders’ conferences, industry days, product demonstrations and even site visits previously conducted in person have all been accomplished virtually, ensuring acquisition’s support to NATO’s critical work continues. Globally, the pandemic continues to create momentum for increased digitalization of information and communication. In terms of lessons, it became evident that, in addition to the challenges within the regulatory environment, acquisition in a customer-funded regime is not designed to surge, either in terms of people resources or in terms of actual ordering and delivery of unplanned supplies and services. Therefore, a more proactive and anticipatory approach to procurement is something we’re working to enable.


What are your priorities for supporting the NCI Agency’s digital transformation?

My priority from an acquisition perspective is the continued roll-out of our ‘Neo’ eprocurement tool. Neo will enable robust information flow via protected networks and automate many of our acquisition and supply-chain processes, increasing efficiency and effectiveness for both the Agency and our thousands of vendors. The capabilities offered by Neo to our business processes is truly opening a new era for NCI Agency procurement. Over the past year, we activated the first modules in a managed, riskbased approach, utilizing centralized and automated internal business processes as the test bed for planning the larger roll-out.



Has Covid revealed any lessons on how to future-proof NCI Agency procurement processes?


These first steps are already producing data analytics not previously possible. With the full capability, Neo delivers the first opportunity for Agency procurement officials and suppliers to access an online NATO system to run competitions and manage contracts. It also provides national delegations with the capability to provide declarations of eligibility for participation in Agency business. Post-contract award efficiencies are another Neo improvement, allowing online and integrated acceptance of goods and services with optimized invoice processing and accelerated payments. The Agency is working to harden the system that will carry our business information, ensuring that it is up to the cyber challenges any system faces in this digital age. I look forward to realizing its expanded capability over coming months.


What are your plans for implementing a smarter procurement model?

When I arrived at the Agency in March 2020, I recognised the benefits in developing an Agency-level approach to acquisition reform. This began with a survey of the staff’s perspectives on current operations and ideas related to reform, based on their considerable experience, as many staff have operated under existing regulations for decades. Analysis of this information was combined with a




The NCI Agency is planning to release more than 500 million EUR of new business opportunities over the next 18-24 months (PHOTO: NCI AGENCY)

comprehensive review of the existing audits, studies and reports covering NATO acquisition and allowed me to design a strategic vision on how to impact reform initiatives at all levels. Based upon this foundation, we can organize acquisition reform discussions and planning around four main categories: strategic sourcing; update of the procurement regulations and contract terms and conditions; pre-procurement and early market engagement; and technology and process improvement. Much of my plan for a smarter procurement model is covered by strategic sourcing. Business continuity in acquisition requires a shift from reactive procurement to proactive methodologies. This presents a challenge in a customer-funded regulatory framework like ours. My ability to expend resources to diversify our industrial base, to ensure fail-safes by having contractual relationships with multiple suppliers that are flexible enough to react in a crisis, ahead of that crisis, is constrained. We need the ability to negotiate longer-term, more flexible agreements covering the supplies and services we can reasonably predict might be needed during a crisis, and the authority to adjust them quickly when we’re faced with urgent requirements that we couldn’t reasonably predict.


Current acquisition efforts are authorized through a lengthy review and approval process that keeps us in a reactive stance in terms of procurement tools. In my opinion, we need to incorporate anticipatory contractual relationships as part of future business continuity planning. By exploring strategic sourcing along these lines and at the enterprise level, we can increase acquisition agility and efficiency, reduce cost and improve partnerships with industry to improve adaptable service delivery to the Alliance.

What are your expectations for business volumes, both in the short term and the more distant future?


The Agency is planning to release more than 500 million EUR of new business opportunities over the next 18-24 months. Over the same period, subject to committee level approvals, we can expect an additional 400 million EUR of competitive procurement to be released in the areas of BMD (Ballistic Missile Defence) and AirC2 (Air Command and Control). The Agency is also planning to obligate approximately 200 million EUR annually through the use of existing framework contracts and enterprise agreements. Interested industry partners can view further forecasted information via the business opportunities page on the Agency’s website, where the Agency provides detailed information on our current and upcoming procurements, as well as instructions for industry participation.


In addition, over the past year, the Agency recognised that industry’s traditional means of networking through highly attended, in-person conferences halted due to Covid. In an effort to ensure openness to industry capabilities in a more informal forum, the Agency created a capability submission tool, supporting a fair and consistent approach to receiving industry information. This tool is not part of our formal procurement process, but aims to serve as an opportunity for communication and a source of market research regarding the skillsets industry brings to bear on NATO’s challenges.

Resources regarding future business opportunities can be found at: business/business-opportunities or scan the QR code (right):



DIGITAL FUTURE Antonio Calderon, Acting Chief Technology Officer at the NCI Agency, explains to Mike Bryant how the Alliance’s digital transformation will require not just new technologies and skills, but also new funding and acquisition processes

Today, many organizations and businesses are going through a process of digitalization – converting operating processes to digital technologies – and so too is NATO. The NCI Agency, as NATO’s principal information technology and communications (ICT) hub, helps bring the new tools, the technology and the know-how to what has been variously described as NATO’s digital endeavour, digital enterprise, digital transformation and, recently, NATO’s digital backbone. At the heart of this effort is the NCI Agency’s Acting Chief Technology Officer, Antonio Calderon, who heads up the Agency’s recently created Chief Technology Office (CTO). According to Calderon, NATO’s digital transformation is based not only on the technological refresh of obsolescent infrastructure, but equally importantly, on exploiting technologies such as cloud computing, machine learning (ML) and Big Data



analytics that are introducing a completely new level of potential and complexity for ICT systems and their use. But technological change alone is not sufficient. He believes a transformation of NATO funding, operating and sourcing models, as well as of its processes and culture, is also key to a successful transformation process. NATO Nations confirmed earlier this year the seven emerging and disruptive technologies (EDTs) that they will focus on as part of the NATO 2030 forwardlooking initiative: artificial intelligence (AI); data and computing; autonomy; quantum-enabled technologies; biotechnology and human enhancements; hypersonic technologies; and space. Future technologies – such as 5G, blockchain, extended reality (ER), edge computing and the Internet of Things (IoT) – are all already playing a critical role in how NATO will fully exploit new technologies, while minimizing the risks they can bring. How to identify, understand, experiment and finally act to make operational use of new technologies in NATO is also part of the CTO mission – what Calderon calls the NATO innovation ‘continuum’ lifecycle. “Innovation is not only about going to conferences and watching VIP demos of new shiny technologies,” he asserts. “Innovating is hard. It requires the tenacity to overcome obstacles. Sometimes it is frustrating, especially when things don’t go as expected, but it is extremely rewarding when we finally offer a new tested and secure service to our warfighters or NATO customers. Then, and only then, has innovation been achieved. We need to experiment more and predict less,” he adds.

SIZE AND COMPLEXITY NATO differs from many other organizations and businesses in the size and complexity of its structure and processes. Calderon believes that the key to NATO’s digital transformation is making it ‘enterprise-wide’ from inception, as well as interoperable across the Alliance. With the NATO enterprise comprising more than 40 distinct and separate civil and military bodies of varying sizes at different locations, with their own mission requirements and ICT technologies, achieving systematic, interoperable standardization across NATO’s enterprise-wide ICT architecture and processes represents a critical element of NATO’s digital transformation process.


The NCI Agency is continuously developing ICT to enhance and augment political, military and business operations (PHOTO: NCI AGENCY)

Equally important, is the NCI Agency’s role as the main Alliance ICT Service Integrator and NATO’s data custodian. As such, it is accountable for the security of all the data created, processed and transmitted across the enterprise’s networks, and made available to NATO users for optimized decision-making.

Over the decades, NATO’s network connections with the Allies’ own national digital infrastructures have been invariably developed to specific, bespoke parameters, each with different protective measures. It would make perfect sense to standardize them as far as possible to further improve their efficiency and security levels for both NATO and the Member States. Fortunately, this work is already being implemented successfully through the Alliance Federation Services (AFS), an initiative close to the heart of Calderon and his team.

TEAM EFFORT There is no single body in NATO that is solely responsible for digital transformation, nor is there a single policy or strategy document guiding the entire process. That said, NATO’s 2030 initiative (agreed earlier this year), acts as a guide, and so might the decisions reached collectively at the next pivotal NATO Summit to be held in Madrid, Spain, in June 2022. Likewise, no one programme encompasses all elements of NATO’s enterprise-wide digital transformation. But CTO has, according to Calderon, two main roles: – drive the NCI Agency’s digital innovation portfolio by introducing new technologies in partnership with NATO Programme of Work customers, Nations, industry and academia;

– boost architecture and engineering coherent professionalization across the NCI Agency to ensure that NATO’s ICT systems and networks are structured and organized in a high-quality, secure, coherent and resilient fashion. Calderon notes that, with respect to NATO’s digital transformation, the NCI Agency is following an enterprise architecture-driven approach that leans towards industry best practices, such as the re-use of commercial architecture building blocks, the introduction of micro-services and secure containerization-based solutions as offered by industry. The CTO is working very closely with the NCI Agency’s Chief Operating Office (COO) and the recently created NATO Chief Information Office (CIO). Together, they aim to modernize the ICT infrastructure of the whole NATO enterprise (including establishing the first private NATO cloud infrastructure) via the Polaris Programme. NATO is already using technological innovations such as ML and AI in various ways to make sense of vast quantities of information to help users make better decisions faster. The Alliance is working with Member Nations, the data science industry and academia, non-traditional partners, start-ups and subject matter experts, to explore the full potential that AI can bring. Calderon provides a good example of collaboration and external innovation on this – developing and training AI algorithms to recognise and classify electromagnetic footprints from Alliance-wide advanced battlefield sensors. The NCI Agency is continuously developing ICT to enhance and augment political, military and business operations. For example, the NCI Academy uses virtual and augmented reality (VR and AR) in its Alliance training and educating efforts. In addition, NATO and industry users can access the NATO Software Factory software engineering platform that the NCI Agency has developed (remotely and securely) in the public cloud. “The NATO Software Factory is a good example of the NCI Agency and NATO adopting a

DevSecOps (software development, security and operations) approach that fully integrates security requirements and automation within the ICT lifecycle. “It has been a big success,” Calderon says. CTO also addresses data science and AI with a team that brings Big Data and ML techniques for a range of uses, including extracting value from large quantities of lengthy, complex documents. Furthermore, the team has developed computing environments to work with public and classified data, the latter providing powerful storage and computing capacity within a secure AI sandbox, Sandi. Plus the CTO team has contributed to recent NATO innovative steps such as the approval of the first ever NATO AI Strategy, as well as a new NATO Data Exploitation Policy.


“The best way to digitally transform NATO is by innovating our own future”

However, Calderon recognises that NATO has some way to go on its programme for ‘data-centric integration’. “There are still many ‘siloed’ systems,” he elaborates. “And, there is the issue of data fragmentation. But, we have the best-of-the-best expertise in house, working more and more in partnership with industry.” “Digital transformation is a huge and multi-dimensional process that will take time. We are progressing strongly, but it requires continuous orchestration along three vectors: running business-as-usual, 24/7 missioncritical service operations; introducing digital change programmes; and offering surge capacity able to act on ‘known unknowns’.” Plans for creating the Defence Innovation Accelerator for the North Atlantic (DIANA) is a good example of just how focused the Alliance has become on keeping its technological edge. Calderon explains that DIANA is NATO’s version of the US Defense Advanced Research Projects Agency (DARPA), albeit with the difference that DARPA has a national focus and NATO’s DIANA is multinational. It is hoped that DIANA will achieve full operating capability within the coming years. Once established, it will foster innovation and cooperation amongst Allies for critical dual-use EDT technologies, while enabling NATO to directly invest and work more closely with national test centres, industry, start-ups and academia. “NATO is fully embracing technical innovation, and we are moving from legacy ‘egosystems’ (silos) to an ‘ecosystem’ of collaborative technological innovation. But to embrace digital change with open arms there is an urgent need for NATO to endorse new emerging and disruptive funding and acquisition processes, matched to the pace of digital relevance,” Calderon concludes.



Towards a Predictive Internet in the next decade mode across 100 internet networks, with good results to optimize application performance and the user experience. The path towards such a predictive internet will take place over several years. Coupled with selflearning and -healing networks however, this approach could be one of the most impactful technologies for the internet.

Hugues De Pra Chief Technology & Transformation Officer, Cisco Belux Currently, we have a unique opportunity to redefine work. Indeed, over the past two years, we have changed the way of working with partners, colleagues and other stakeholders and we will probably never return to the pre-pandemic days. But the big work-from-home experiment has also made us even more dependent of connectivity. In such a way that we will need to redefine the internet, too.

How is Cisco redefining the internet? Today, the online user experience is still impacted by internet failures. We believe we can help to predict those and take proactive actions with high accuracy. Today’s routing of internet traffic is rather reactive: we first detect failures and then reroute traffic when needed. Machine learning technologies can help to predict these failures and anticipate a network state. This is already in a global test

For the internet of the future, we have also developed a new chip technology called Silicon One. By 2030, 20% of our global energy consumption will come from data traffic: cloud consumption, remote work, augmented reality, quantum computing, 16K-streaming and technologies that are yet to be invented. With Silicon One we can reduce that by one fifth: our routers are 163 times more energy efficient than in 2012. It increases transmission speed up to 25 Terabit/s and consumes 89% less energy: 0.5 kW per year for one router chassis, versus 11 kW before.

Speaking of remote work: is it now officially over? Probably the end of remote work for everyone, yes. But we’re seeing a new normal with a distributed staff working either remotely or in the office. Hybrid work allows us to redefine work by empowering flexibility, choice and inclusion for both employers and employees alike. The past few months have seen the ultimate workplace transformation, and work is no longer where you go – it’s what you do. At Cisco, we offer a framework for this hybrid work and our staff fill it in as they see fit.

Hybrid work is a big leap in HR, but also requires a new approach to technology, no? With a broad digitization and people literally working from anywhere, we need a decentralized approach for the tools we work with too (cybersecurity, cloud and internet access, networking and collaboration...), with a big focus on the user experience. If you look at


security for instance, CISOs are increasingly moving to such a distributed model: the very concept of a security perimeter has blurred. Knowing what’s real and what’s a threat in distributed environments is a real challenge. Therefore, today cybersecurity often converges with cloud and networking, in a zero-trust architecture that is referred to by Gartner as SASE – short for ‘secure access service edge’. Cisco’s SASE approach combines simple connectivity from our SD-WAN with our secure internet gateway, Umbrella: we ensure that nothing – and no one – gets by without verification. More than 20,000 organizations have already begun the journey to SASE, helping their distributed workforces

stay connected and secure. In other words, CISOs need to think about how they bring more security to where their people are, instead of moving their people to where the security is.

How do you guarantee the end user experience in such distributed environments? The Cloud certainly enabled the agility that organizations needed in the early months of the pandemic. As a consequence, core applications are now highly distributed, even in public organizations. Seventy-five percent of global technologists report that the pandemic has created more IT complexity. The only way they can deal with the sprawling IT estate and increased complexity is

full-stack observability. With Cisco solutions like ThousandEyes and AppDynamics, teams can shift from monitoring everything to monitoring just the data and insights that matter. Both insights and automation will be essential to future performance, competitiveness, and resilience. Cisco is the only actor with an observability stack that spans the data centre, the campus network, cloud up to the web and the end-user.



SANDBOX AI PROJECT Arvid Kok, Senior Data Scientist at the NCI Agency explains to Chris Aaron how the Agency’s revolutionary new Data Science and Artificial Intelligence Sandbox works, and how it can help NATO deal with the massive volumes of data that are now flooding into all parts of the organization


In recent years, the NCI Agency has seen an explosion in the demand for Big Data analytic tools from all parts of the NATO enterprise. Data science and artificial intelligence (AI) systems are seen as crucial in the response to this demand, and the NCI Agency was recently granted Initial Approval To Operate (IATO) for ‘Sandi’ – a secure classified development and maintenance environment for AI systems.


Sandi, properly known as the Data Science and AI Sandbox, is where NATO will incubate its AI models; ingesting and preparing data to train them, optimizing and validating models, and presenting the insights they produce. Sandi is where computing power, Big Data and AI meet for NATO. Across NATO, decision-makers, administrators, field intelligence officers and analysts are regularly confronted with massive streams of data that are impossible to handle with standard computer hardware and software tools. AI systems present a solution, but to develop the reliable AI models required, NATO data scientists need relatively free access to classified data sources, state-of-the-art software and some very high-end graphical processing units (GPU) to chew

through the data. Sandi, a highly secure computing environment based around a core of GPUenabled servers that are able to take enormous quantities of data and use it to train sophisticated AI models, provides the solution to this 21st-century problem.

ENVIRONMENT TUNED TO THE USE CASE Arvid Kok, Senior Data Scientist at the NCI Agency and Lead Data Science Technology, working on Sandi, explains how it works. “The first step is to set up an environment tuned to the use case, including: what data sets will be used or analysed, how models, insights and reports will be exposed, and what level of involvement end users will have in the project,” he says. An example use case might be NATO Joint Analysis and Lessons

Learned Centre (JALLC) analysts coming to Sandi asking for insights into lessons learned and best practices. In this case, the data science team takes the best available AI models and tunes them on captured exercise data in order to find useful insights hidden in the data. The analytic results are provided through a dynamic dashboard that enables the users to explore, and slice and dice, the results, thereby significantly reducing the volume of data that the JALLC’s analysts need to analyse. “Another example, involving much deeper involvement in a project, would be several Data Science teams collaborating through Sandi to design, train or tune an AI model that could be applied in various use cases,” reveals Kok. In this example, Sandi provides the tools, hardware and secure environment for



Exploring and explaining is an important and complex part of the NATO AI Strategy (PHOTOS: NCI AGENCY)

“Once an AI model has been trained, an automated training pipeline ensures the model is maintained with the most current data available. Datasets tend to arrive in batches, but these can be near real-time.”

development, as well as the collaboration space. The Data Science teams might be from a NATO organization, such as the Centre for Maritime Research and Experimentation (CMRE) or an appropriately security-cleared NATO military, industrial or academic partner. “A great deal of effort has been put into building and testing the security aspects of Sandi’s architecture, so that it is able to work with classified data and still provide flexibility to its range of users,” Kok explains.


Selecting the most appropriate AI model for each use case can be hard.

This is where the NCI Agency’s Data Science and AI team has expertise and can help; based on the data sets to be analysed and the required outputs, the best approach is explored. Sandi has a variety of software for transforming analytical outputs into readable formats and presenting the results. An important role for Data Science is validating and explaining AI programs. This is essentially about checking for bias or poor performance. “The process of exploring and explaining is part of the NATO AI Strategy – it is important and complex,” says Kok.

A further area of activity is to keep track of the latest developments in new tools and technologies, so as to keep Sandi at the cutting edge. According to Kok, “We find that NATO can benefit from publicdomain technology, but only after shaping it to NATO purposes. So, NATO can leverage the vast private-sector investment that is being put into AI technologies, and fundamental research in academia, but it needs an environment like Sandi, with its accredited security protocols, high-performance GPUs and skilled staff, to exploit this rapidly advancing field of knowledge and enable users from across NATO to tap into its potential.”




Keeping your communications secure has never been more important. Our infrastructure



unparalleled protection and delivery. In fact we offer the most trusted, versatile and secure connectivity in the world. And that’s not all. We’ll help you manage a huge range of data sources to give you a clearer, more informed picture, so whatever the mission, you’ll always have the upper hand. Connectivity-secured. We make it fly.

14031_AIR_Secure_Comms_297x210_MASTER_1.3.indd 1

04/05/2020 11:22



A visual representation of a power network and the effects of cyber disruption, on display at Locked Shields 2021 (PHOTO: NATO CCDCOE)



Participants at Locked Shields 2021 divided into opposing teams (PHOTO: NATO CCDCOE)

Mariana Antunes asks Emmanuel Bouillon, the Head of the Cyber Security Operations Branch at the NATO Cyber Security Centre, about the importance of cyber exercises and how they can enhance the NCI Agency’s cyber security capabilities The complexity and destructiveness of cyberattacks pose a major threat to many organizations today. To adapt against this constantly evolving threat, NATO continues to find ways to maintain its readiness. One of the major tools at its disposal is conducting cyber security exercises, which aim to train every cyber defender in the Alliance. The NCI Agency’s NATO Cyber Security Centre (NCSC) is at the heart of this effort, defending NATO’s networks 24/7. The Agency contributes to more than 200 exercises annually and supports 10 main cyber security exercises to ensure that it is continuously adapting to the evolving cyber threat environment. For over six months, NCSC prepped for the last cyber security exercise of the year, Cyber Coalition, which took place from 30 November to 3 December. “It’s essential that we keep taking part in cyber exercises to be able to cope with the increasing

threat. Participating in these events is key for us to maintain our readiness for incident response,” says Emmanuel Bouillon, the Head of the Cyber Security Operations Branch at NCSC.

CYBER COALITION Cyber Coalition is one of the world’s largest cyber exercises, bringing together contributors from NATO Nations, cyber commands and other relevant stakeholders. Organized by NATO Allied Command Transformation every year, Cyber Coalition is a technical exercise with a realistic scenario that allows participants to practice training together to respond to a major cyber incident in an operational context. The exercise trains cyber defenders in their ability to defend NATO and national networks by working on 87


cyber incident. We must be aware and prepared on all sides.”

Multinational exercises such as Locked Shields provide an opportunity to train together and share valuable knowledge (PHOTO: NATO CCDCOE)

systems that mimic those used by the Alliance. It also tests decisionmaking processes and procedures used by the NCI Agency every day to ensure the organization is better prepared to respond to cyber incidents. The Agency’s NCSC is involved in all phases of exerciseplanning, including preparations, scripting of events and coordination of the exercise itself. “Our involvement in cyber exercises is growing. We not only support the execution of the exercise, but we also help train those who will be participating in it,” explains Bouillon.

LOCKED SHIELDS The Agency also participates annually in Locked Shields, the world’s largest and most complex international real-time cyber defence exercise. Organized by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia, this annual multifaceted and realistic training event simulates a networked system that is under attack and must be defended. 88

“While Cyber Coalition focuses on training the processes and procedures used by NATO, Locked Shields concentrates on training the people who use these systems,” clarifies an NCSC Incident Management Engineer. “Both forms of cyber security training are instrumental in ensuring that NATO keeps its edge.” Exercise Locked Shields is a unique opportunity for cyber defenders to practice defending network systems and critical infrastructure that are under pressure from a severe cyber-attack. However, it is not only that. External stakeholders and other branches of the Agency also participate in the exercise to make sure NATO is effective in reporting incidents, executing strategic decisions and solving legal and media challenges, such as fake news and disinformation. “Cyber defence is not only about the technical part,” says Bouillon. “We also embed the legal and media teams because we know they are key elements to solve a real-life

The exercise uses a game-based approach in which blue teams have to defend networks from a red team that is trying to penetrate and corrupt systems to create a largescale cyber incident. NCSC leads the NATO Alliance team, which comprises Agency and Allied experts, as well as national military and civilian staff. In the 22 April 2021 version of the exercise, the blue teams took on the role of national cyber rapid reaction teams, deployed to assist a fictional country in handling a large-scale cyber incident, with all of its implications. The NATO Alliance team included participation from over 20 Nations. Multinational exercises such as Cyber Coalition and Locked Shields allow for various nations to train together and share their distinct knowledge to further improve the Alliance’s collective cyber defence posture. As the NCSC Incident Management Engineer points out, “what makes the difference is the difference. Every participant’s individual skill set and experiences make the group stronger”. Cyber security is a team sport, and the Agency tries to ensure Allies are sharing information to boost each other’s capabilities. The main goal of these exercises is to complete the training objective, but the core interest is to raise key lessons learned and sharpen the technical skills of every cyber defender in the Alliance. Participating in cyber exercises is a two-way mentoring effort, where the participants learn from the Agency, and the Agency learns from them. Cyber security exercises are a powerful tool for the Agency to maintain its readiness in an ever-changing realm where cyberattacks are an increasing threat to the security of the Alliance.




THE HUMAN CAPITAL INNOVATION CONCEPT Giedrimas Jeglinskas, NATO Assistant Secretary General for Executive Management, reveals the Alliance’s Human Capital Innovation Concept and its 4E Model designed to achieve ‘relevant human capital for a relevant NATO’

I am not going to shock the readers of NITECH if I state that the world is changing, and this change is marked by accelerating technology, a volatile economic landscape, fragile social contracts and uncertain geopolitics. Yet the speed of change somehow feels overwhelming. This fluidity of change pierces through the legacy systems (and our minds) due to the beautiful and powerful connectivity of everything to everything. So the question arises: how can organizations thrive in times of high pressure? How do we future-proof NATO and this connected ecosystem?



Allow me to tackle this through the human dimension in three interconnected lenses. We have to connect an organization’s mission to what we do all day. We then set a vision to amplify the impact that people have on an organization. Finally, we unleash the cultural change at work.

STAYING RELEVANT So first, let’s connect the people element to the mission of the organization. NATO has been blessed with an evergreen mission that can be distilled into a simple statement – to defend freedom and preserve peace. We do that by staying relevant. This relevance is a combination of various things, from our shared values to military capabilities, from operational interoperability to resilient societies, and much more. But from the institutional perspective, we are also a knowledge-centric organization that requires creative ideas and insights to ensure our relevance. Hence, the focus on people becomes crucial in our quest for innovative ideas. These innovative ideas and insights, generated by our people will, in turn, ensure NATO’s relevance, which is what the Alliance requires to deliver on its mission. Second, there has never been a more urgent need to set a vision of how we should advance our human capital.

Change is overwhelming for organizations and individuals, and the pandemic further accelerated this uncertainty. A clear vision underlined by key principles could serve as a stabilizing element, at the same time, offering resilience to the organization and an element of certainty to individuals. At NATO International Staff, we have recently introduced the Human Capital Innovation Concept, which lays out the principles that will help solve human capital challenges for the NATO enterprise. The astoundingly simple vision – “relevant human capital for a relevant NATO” – implies a long-term view and focuses on the whatever-it-takes principle to deliver relevance. To effectively progress toward the set vision, NATO has to become a tightly connected ecosystem collaborating on all challenges related to human capital. Four broad objectives, or the ‘4E model’, supports NATO’s vision of relevant human capital for a relevant NATO. Under the 4E model, the NATO enterprise will have to engage broadly to gain access to relevant human capital that is critical for our mission. We will evolve human capital by collaborating on talent development across the ecosystem. We shall enable human capital through a culture of innovation to solve the most pressing challenges that the Alliance is facing. Finally, we will aim to embed human capital as a core consideration in the Allies’ strategic discussions.

ENGAGE broadly to gain access to relevant human capital that is critical for our mission

EMBED human capital as a core consideration in the Allies’ strategic discussions

NATO Human Capital Innovation Concept 4E Model ENABLE human capital through a culture of innovation to solve the Alliance’s most pressing challenges


EVOLVE human capital by collaborating on talent development across the ecosystem



This set of objectives will guide the actions and initiatives by the entities of the NATO Enterprise to ensure we remain relevant by doing all we can to cultivate relevant human capital. Third, with a glowing organizational mission and a vision for human capital progress set, how can we inspire change at work? Change is hard; change at complex institutions is even harder. But we also know that for actual change to happen, especially in the human capital domain, the effort has to penetrate the cultural building blocks of an organization. Our human resources team can design policies and procedures that will include the most progressive tenets of modern organizations, but if people do not internalize these innovations, the necessary change will not occur.

DIVERSITY AND INCLUSION Therefore, grassroots-level effort becomes crucial, precisely because most ‘work’ happens at the individual and small-unit level. Individual motivation and team cohesion will determine both the quality of outputs and, eventually, will surface the outcomes to the whole organization. For all this to work, we cannot overstate the importance of diversity and inclusion initiatives in all we do in the talent domain. Teams of diverse individuals operating in an inclusive setting will always have a better chance to arrive at

“Selecting great people from all walks of life to work for NATO is vital” creative solutions than homogenous ones working under constrained conditions. Selecting great people from all walks of life to work for NATO is vital, and so is the way we encourage our staff to grow, both through formal and informal training opportunities. Underlying all of this is a peoplepositive work culture that puts a premium on trust, collaboration and creative solutions. To recap, I want us to think big. As the sun rises in the most western edge of the Hawaiian islands and sets in Eastern Europe, NATO stands ready to protect nearly a billion souls. NATO’s mission is beautiful, powerful and inspiring. As the next iteration of changes comes our way, we have to turn to the heart of what makes organizations work in order to stay relevant and to thrive. Because NATO is people.

































With smarter platforms and proven technologies, Havelsan is working for the safe new world and its special requirements. Havelsan is always here for you!






The acting Head of Talent Management and HR Integration at NATO Headquarters, Céline Shakouri-Dias, describes the NATO Executive Development Programme and tells Simon Michell how her team ensures that NATO staff members have the right skills to meet the organization’s rapidly evolving needs

THE NATO EXECUTIVE DEVELOPMENT PROGRAMME Like other large organizations, the NATO Alliance realizes that retaining people – now often referred to as ‘human capital’ – is becoming ever more difficult, yet ever more vital. Added to that is the complexity of maintaining competency and skills relevance within those thousands of staff members who ensure the Alliance is fit for purpose, efficient and value for money. It is not just a numbers game – it is a quality assurance paradigm as well.


A key player in NATO’s continuous challenge to recruit, train and retain people is Céline Shakouri-Dias, Acting Head of Talent Management and Human Resources Integration. She is acutely aware that, as well as making sure that NATO has sufficient civilian human capital to be able to fulfil its remit, the workforce is also correctly skilled – both currently and in the future. This is a complex challenge hovering somewhere between an art form and a science. Not surprisingly, she uses benchmarks and concepts common to many other enterprises. “We have a structured, business-aligned learning strategy that forms the foundation for mapping

the learning needs based on the organization’s requirements and the broader NATO agenda,” says Shakouri-Dias. “That document sets the foundation for a couple of years and is complemented on an annual basis with annual learning needs assessments.” NATO recently announced its 2030 Agenda, within which Allied Heads of State have decided the underlying strategic concepts that will drive the Alliance’s readiness, capability and operations for the next 10 years. This is a critical reference for the learning agenda. Shakouri-Dias points out, “Everything we do in terms of learning and training derives from this.” This, she explains, ensures there is a clear link between what people need to learn and how that aligns with the broader organizational requirements and agenda. This groundwork for the future is being implemented by her team at a granular, individual level, feeding off another major strand of work being developed at NATO by Giedrimas Jeglinskas, NATO Assistant Secretary General for Executive Management – the Human Capital Innovation Concept.




During the pandemic, NATO Executive Development Programme inductees have been meeting online for training (PHOTO: NEDP)

NATO EXECUTIVE DEVELOPMENT PROGRAMME It is a paradox, but nevertheless a reality, that the corporate memory of the NATO Alliance resides not so much in the military personnel that rotate through it on a frequent and regular basis, but in the civilian staff who tend to stay in situ for years longer than any of their military counterparts. “This corporate memory is precious and should not be taken for granted. It needs to be nurtured, strengthened and shared,” says Shakouri-Dias. Perhaps the single most effective mechanism Shakouri-Dias possesses to cultivate the people who will keep it alive is the NATO Executive Development Programme – NEDP. “It was established 13 years ago for two reasons. Firstly, to foster a NATO-wide sense of belonging and corporate culture. And, secondly, to develop management and leadership skills,” she explains.


With only 24 staff members inducted each year, the NEDP is a somewhat exclusive club. It is one

of only a few NATO-wide courses offered by the Alliance and is targeted at mid-level civilian staff. Some inductees may already be in a formal management position, but that is not a prerequisite, as others may be undertaking informal management tasks as project managers or managing a complex stakeholders’ map, for example. It is also open to staff who aspire to manage and lead others in their future careers at NATO. Shakouri-Dias likens the NEDP to an MBA, in that it lasts the equivalent of a school year and exacts a substantial commitment from its participants in both time and effort. “It really is a programme that takes colleagues outside of their comfort zone – both in terms of the content and the experiences they are going to have, and also in terms of the time and personal commitment that goes with it,” she explains. “I think the greatest benefits are the learning and networking you get from the class colleagues, who are all selected for their potential, their interest in self-development and in

NATO. You have this similarity in profile – a couple of fundamental behaviours everyone shares, but at the same time, the diversity that NATO brings – people from different professional backgrounds and diverse nationalities from a variety of NATO entities. That brings a lot of learning opportunities and huge networking opportunities once it is over – as an alumnus. It really opens up the NATO enterprise to the participants in a very tangible and human way.” Shakouri-Dias should know, as she is one of just under 300 alumni, having completed the course five years ago. As the manager now responsible for the programme, she has real insight into its value and purpose. “I know what I am talking about when it comes to the programme, having completed it. I understand the needs,” she says, before offering this enthusiastic recommendation, “I still cherish my NEDP memories. It was a once-in-alifetime experience. The experiences I enjoyed both with the faculty and, most importantly, with the NEDP class were hugely significant.”


NATO Secretary General Jens Stoltenberg engages with students and young leaders on their ideas and vision for NATO (PHOTO: NATO)

NATO YOUNG LEADERS GROUP Fourteen young professionals from across the Alliance were selected as NATO 2030 Young Leaders. The group provided NATO Secretary General Jens Stoltenberg with a report in February 2021 to inform his recommendations for the NATO 2030 vision. Simon Michell talks to two of them, Andrea G Rodriguez and Jan Lukačevič, to get an insight into what they think about NATO’s role, how the Alliance can enhance its appeal to the younger generation and how it can be improved 97


alliance of democracies that rigorously uphold human rights, NATO can achieve an advantage over its competitors by adopting emerging technologies such as artificial intelligence (AI) in an ethical way. Not doing so would be a mistake for the Alliance as it seeks to strengthen its political value. Moreover, since there is not yet any international consensus in the development of technologies such as AI, NATO can be a point of contact for the transatlantic community and help influence international norm-setting by promoting and adopting a charter of AI ethics.

NATO Secretary General Jens Stoltenberg appointed 14 emerging leaders from across the Alliance as ‘NATO 2030 Young Leaders’ to inform his recommendations for NATO 2030 (PHOTO: NATO)


How can NATO win the hearts and minds of younger generations?

Andrea: One way NATO can become closer to younger generations is by demonstrating that the Alliance is, in fact, concerned about what the young care about: gender equality, global peace, freedom and environmental sustainability. Adopting a green pact to reduce emissions and being more vocal about the role of women can make it more attractive for disconnected audiences.


Jan: NATO should find a better, more personalized way to communicate with the young. This is a rather complex issue, but even small things like using references to pop culture, accessible language and fitting metaphors can help to explain the benefits of the existence of NATO, as well as the complexity of the organization as a whole. You win the hearts and minds of people if they are convinced that they personally benefit from what you do for them, they feel like they are being heard and that you are fighting on their behalf for a good cause.



Why should NATO be an ethical norm setter?

Andrea: In a world of contesting narratives, NATO should act according to its values. And, in today’s digital world, it is important that it safeguards and promotes those in the digital realm as well. As an



Jan: NATO unites and represents countries that share democratic values and it should definitely uphold liberal democratic values in the future. I am convinced that we are entering a competition of different systems of government between various countries and multinational organizations. To preserve our cultural richness and diversity, we should adhere to policies and processes that help us stay within a common ethical framework, especially when it comes to the development and adoption of new technologies. That’s an area where it is the easiest to omit our high ethical standards.



How can NATO climate-proof its policies and operations?

Jan: There are several good ways to achieve this. As mentioned in our NATO 2030 Young Leaders report, it is important to frame green transition as a win-win solution. From the technological perspective, being more sustainable and working better with resources is beneficial both for resilient defence operations and the daily lives of people in NATO countries. Moreover, NATO can and should support Allies in their emissions-reduction efforts. Even though emissions-reduction targets fall under the competence of states, NATO can lead by example by improving energy efficiency in, for example, its headquarters, and act as a catalyst for climate action by supporting Allies in advancing their own emissions reductions and adaptation investments. To keep it short, as a first step, NATO could assist Allies in measuring their military carbon emissions.



What non-traditional threats should NATO be aware of?

Jan: We’re most likely entering an era where, due to climate change, certain geographical areas will face a resource scarcity. This may result in conventional or hybrid conflicts in those affected areas, or it may act as a fuse for creating various proxy conflicts. Apart from that, I perceive, as a relatively



Last February’s event, ‘New Ideas for NATO 2030’, was organized by NATO and Chatham House (PHOTO: NATO)

non-traditional threat, that any topic in a mainstream conversation can be now turned into a tool used to further polarize and crumble our society. The most recent malign narrative, that the ‘green’ shift in NATO economies is a reason for the coming energy crisis, can be harmful to our economic growth and will weaken our societies. This is a very good example of the sort of threat I mean.


How can NATO maintain its technological edge?

Andrea: For NATO to maintain its technological edge it must be able to identify new technological trends and emerging and disruptive technologies early, so that it can coordinate strategic investments, especially in start-ups that are more prone to acquisition by adversaries. In addition, the Alliance should collaborate with allies to maintain an adequate level of cyber security, share information about cyber threats and promote resilience, including supply-chain resilience in critical areas. The announcement made by Secretary General Stoltenberg of the creation of NATO DIANA is a step in the right direction.


Jan: I warmly welcome the recent agreement leading to the establishment of DIANA and the NATO Innovation Fund. Among other necessary things,

an establishment of an innovation ecosystem accelerating the development of emerging and disruptive technologies was outlined in our report to Secretary General Stoltenberg. It is great to see these ideas taking off. The overarching motive is to change the mindset of both the political and military leadership. We must strive to be proactive. A reactive approach would lead to a frustration that the technological gap is constantly increasing, and the adoption of new technologies is never fast enough to provide us with advantages over NATO’s adversaries and competitors. We must embrace the change.

Read the Young Leaders Group report – NATO 2030: Embrace the change, guard the values – by visiting NATO2030YLG or by scanning the QR code below:





NCI AGENCY Michael Linennen asks two of the younger members of staff at the NCI Agency, Diem My Nguyen and Salvatore Campisi, why bringing vitality and diversity to the Agency is important for future security and stability



NATO has developed initiatives (internships, summer schools, young professional programme) to attract and develop young professionals to work in various areas in different NATO bodies (PHOTOS: NCI AGENCY)

Shortly before she was born, Diem My Nguyen’s parents fled war-torn Vietnam and settled in Belgium. Now grown up, Nguyen works as a young human resources professional with the NCI Agency. “We were fighting for our ideals,” she explains. “We may no longer be in the same battle, but our fight to defend democracy remains the same. So, what’s better than working for NATO that protects peace and security?” Nguyen’s grandfather was an army officer with the South Vietnamese forces, fighting alongside the Americans against the North Vietnamese communist regime. When she told her family about being able to work for NATO, they were proud and overjoyed. “It was a surprise to my family. When they came to Belgium, they just wanted to have the opportunity to live a normal life,” Nguyen says. “I was the first person in my family to

attend university. And now I am working for NATO.” Nguyen started as an intern at Supreme Headquarters Allied Powers Europe (SHAPE) in 2018. She then worked as a recruiter at the NATO International Staff (IS) office in Brussels before working with the NCI Agency. At the Agency, as a human resources administrator, Nguyen helps organize recruitment campaigns, onboard staff members, and, most importantly, have conversations with colleagues in the Agency about increasing diversity.

challenges in the world. “I think the younger generation is more mindful of interacting with diverse cultures,” Nguyen says.

Nguyen’s story is just one of many young professionals who have found a purpose working for NATO, and support its goal of preserving peace and security in the world. The collective diversity of Nguyen and other young professionals is helping NATO to increase its flexibility and to adapt its mission to address future

“We have 30 nationalities represented in NATO with a mix of military and civilian staff. It’s a good mix if we talk about nationalities, but we can certainly benefit from having other kinds of diversity. For the Alliance to move forward, we need to be able to attract young talent to work in the organization, from all walks of life.”



Traditionally, NATO has had a wider proportion of men working in the organization. However, with more young professionals joining NATO, they are bringing in increased ethnic and gender diversity. “Coming from different backgrounds, I think we are able to recognise and talk about issues when something happens,” Nguyen says. “I really hope that I can use my experience to talk with colleagues to promote diversity and inclusion in the Agency.”


DIVERSITY AND INCLUSION For the past few years, NATO has been running recruitment campaigns to attract young talent to work for the Alliance. The NCI Agency has also developed diversity and inclusion strategies to establish a more diverse workforce, and to provide equal opportunities for both men and women. “We should not underrate what young professionals can bring to the Agency. They can bring motivation and more skills,” says Salvatore Campisi. 102

The NCI Agency collaborates with different partners and academia to support knowledge sharing and strengthen the pool of young professionals in various areas (PHOTO: NCI AGENCY)

“In order for NATO to move forward, we need to challenge ourselves and be proactive” Campisi is a software engineer with the Command and Control (C2) service line in the Enabling Services Group. He has been developing ways for the team to build software faster and more efficiently. One of the software packages Campisi helped develop monitors and assesses the connectivity within tactical data networks. With the streamlined process, he’s able to easily document and share his progress with anyone who contributes to the development of the software after him. This has led to the software being more stable and performing better. “Applying all these best practices will improve your functional area service, which will help create better capability,”

says Campisi. “This will help nations monitor and assess data connectivity during exercises and operations.” Campisi believes that young professionals can bring new ways of thinking and technical expertise to NATO, because they can apply academic knowledge and the latest industry trends to their work. Not only is this a great learning experience for young professionals, but it can complement the expertise and experience of the Agency’s engineers when developing software. “In order for NATO to move forward, we need to challenge ourselves and be proactive. And I think young professionals can bring a fresh outlook and energy to help NATO deal with emerging issues. That is what we bring to NATO,” insists Campisi.

Are you looking for a job with a real purpose? Do you want to be a part of an organization that saves lives and safeguards peace for nearly 1 billion citizens?

Then join the NCI Agency, NATO’s cyber and technology hub. We are always looking for specialists in technology fields such as cyber security, command and control or air defence but also across the breadth of the technology functions in architecture, engineering, networking, testing, DevOps, support, project management and service delivery. And if you don’t have a background in tech, then keep an eye out for vacancies in human resources, finance, legal and procurement. Find out more about our exciting opportunities at

NATO Vacancies

Cybersecurity. It’s time to look again. Revisit your security strategy and reveal a new approach.

Advert for NATO.indd 1

02/11/2021 14:33:36

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.