Incident Response, TDR

NIAS 2016 – responding to the Warsaw declaration

While the theme of today's NIAS 2016 (NATO's information and cyber-defence symposium) in Mons, Belgium is ‘The next generation starts now', the initial focus has been on responding to the recent Warsaw declaration of Cyber as the fourth domain for warfare – alongside air, land and sea – and the need for Nato to cooperate with other groupings, individual nations and with the industry.

Rear admiral Dr. Thomas Daum, chief of staff at the NCI Agency, kicked off proceedings in a presentation about how the Warsaw pledges would become reality, including a reminder to the 1300 strong audience of military and industry that an extra €70 million is to be spent in the five years from 2017 on a major refresh of cyber-capabilities.

A key will be interoperability, allowing connecting of forces – overcoming any national preferences for their own technology to ensure choices that work for all and best meet the threat are chosen. There are already eight partnership agreements with industry and the event included three vector analysis workshops working with the private sector.

The critical nature of cyber was emphasised with a presentation using the example of missile interception, noting, “There are minutes, not hours, to respond. The data flow over the network needs to be 24/7, and ‘server not available' is not acceptable. The system must run. It must work in that moment.”

Regarding the new generation, it was noted how the IT expectations of a new generation coming into the sector would need to be met, while the worst enemy was hubris – thinking that nothing can happen.

Ambassador Sorin Ducaru, assistant secretary general, Emerging Security Challenges Division at Nato, also addressed the cyber-priorities for Nato following the Warsaw decision.

NIAS16 Ambassador Sorin Ducaru: A key issue in cyber-space is interoperability

First up was a reappraisal of the threat, with the past year having seen half a billion breaches of personal information registered; malware has gone from two million spotted per year six years ago to two million per day now, with increased intensity, persistence and sophistication, and there has been a blurring of cyber-crime and state actors and hybrid attacks causing operational damage. Consequently there is a need for all nations in the alliance to strengthen their cyber-defence, with a political commitment to invest in strengthening their capabilities, led by Nato itself.

Ducaru noted that cyber is a contested environment in which networks are and will be under attack and the priorities are availability of networks and integrity of data, with a need to be resilient to ensure the success of the mission. While Ducaru emphasised Nato's remit mandate was in compliance with international law and characterised by restraint and the need to develop rules of responsible state behaviour in cyber-space.

But the need for wider cooperation extending from Nato to the EU, UN, OECD was summed up in the comment, “We're all in this together,” with increasing cross training and cooperation called for.

Major general Walter Huhn, deputy chief of staff of CIS and cyber-defence at the Nato Supreme Headquarters Allied Powers Europe (SHAPE)

This theme was repeated by major general Walter Huhn, deputy chief of staff of CIS and Cyber Defence at the Nato Supreme Headquarters Allied Powers Europe (SHAPE), who told delegates, “A cyber-attack on one can affect all, and most attacks today are hybrid (physical and cyber), with the cyber-element able to reach article 5 threshold. Cyber-space is a warfare domain and Nato must protect itself, hence the setting up (by SHAPE) of its cyber-division. Like air power, which affects the other domains of land and sea, the same applies to cyber. We need to enable operations to be carried out even if networks are affected, so we take a holistic approach, covering planning, objectives, threats, training, leadership and ensuring common terms as well as adopting new technologies.”

It was also explained that areas to be covered included the physical layer, to avoid single points of failure; network and systems which faces new threats every day, as well as information sources and critical dependencies where network resilience was required to overcome disruption, and provide automatic awareness of challenges.

While it was accepted that there was potential for national entities to favour their own solutions, this was not seen as an insurmountable problem to achieving cooperation.

Ambassador Ducaru told  “Interoperability has been and will be a main issue to address in cyber-space.  We have already introduced interoperability cyber-defence targets and are largely working with compatible standards that allow integration. The dynamic of this threat landscape is that it is offence dominated and our best response is developing partnerships and cooperate to get a key strategic response. This does mean we might not own and develop (all) our own defensive or offensive capabilities, which obliges us to cooperate better together. “  

Rear admiral Daum, talking to, agreed, noting, “We have an interoperability forum and it's a well documented process (used for physical hardware too) – we pick the best solutions to meet our needs.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.