Since NATO's declaration last summer deeming cyber a domain of warfare, the alliance has looked at several ways to bolster its cyber defenses.
The alliance has mainly taken concrete steps toward cyber defensive efforts, as NATO's offensive capabilities are still nascent, despite calls for robust cyberattack solutions.
"In NATO, we need to figure out what cyber operations are before we decide what the organizational construct is. We need to decide what precisely cyberspace is as a domain for operations. Additionally, we need to set down what the rules of engagement are because cyberspace is a different and unique domain for operations," said Brad Bigelow, the chief technical adviser to the CIS/Cyber Defense (Communications Information Systems/CD) staff at the Supreme Headquarters Allied Powers Europe, or SHAPE.
SHAPE is NATO's strategic operational military command and housed the alliance's defensive and offensive unit during the annual Cyber Conflict (CyCon) conference in Tallinn, Estonia, in early June.
"Cybersecurity in particular is an area where the nations are going to pay particular attention in the coming decade," Kevin Scheid, the new general manager of the NATO Communications and Information Agency, told Defense One. "[The NATO Communications and Information Agency] can play a real thought-leadership role as well as developing capabilities."
"There's real money being spent in the alliance on these sorts of capabilities," he added. "And they're reorganizing themselves to prepare for more of it in the future."
The NATO Communications and Information Agency, also known as NCI, is working to modernize its IT posture as a means of keeping up with threats and unburdening deployed forces downrange.
Gregory Edwards, director of infrastructure services at NCI, told C4ISRNET in an interview that under a new contract with General Dynamics IT, the agency isn't focused so much on technology but rather IT modernization.
"We in NATO see this as a fundamental change in how we will operate, maintain, secure and sustain our services," he said.
The modernization effort is focused on efficiency, resiliency and flexibility.
Flexibility "is key because we don't know where we will be deploying forces," Edwards said, regarding how IT modernization helps to better posture NATO. "It would be quite expensive to equip multiple forces with all of the software and hardware that they might need, so this centralization and IT modernization gives the ultimate flexibility to NATO at a cost that we've already assessed to be a savings to NATO overall in our budget."
The modernization effort looks at centralization and virtualization of services.
For NATO, they must be able to deploy forces around the world to defend the alliance's interests. These deployed forces must be able to have reach-back capability without overburdening them in the field with tons of equipment.
As joint force commanders have missions they need to perform, with a variety of nations that come together to achieve that mission, forces, troops and equipment are provided by all participating nations. It is then NCI's job to configure a set of services they might need to include applications, voice services or data, Edwards said.
The speed at which NATO can configure, reconfigure and change overall services for missions is the major contribution that the IT modernization program is going to bring for joint force commands and operators in the field, he added.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.
