Computer network defence
NATO is advancing its efforts to both confront and address the wide range of cyber threats faced by Allies each day and this includes engaging industry, academia and public institutions in these efforts.
“Cyber security incidents are increasing in both scope and scale every day. Our defensive mechanisms have been outpaced by the scope and scale of malicious cyber activities and, as a result, this issue now sits as one of the most important emerging security challenges facing our countries today”, says Melissa Hathaway, Council of Experts, Global Cyber Security Centre (GCSEC), Rome, Italy.
She was speaking at a ‘Book Talk’ event held at NATO HQ on 10 February 2014, which discussed the conclusions drawn from a workshop that focused on exploring common interest issues for improving Allied and partner cyber defence practices.
The workshop, held end 2013, was supported by the NATO Science for Peace and Security (SPS) Programme and addressed cyber defence and NATO’s cyber defence policy implementation. It brought together a multi-disciplinary team of experts from 16 countries and three international institutions to share experience, knowledge and opinions. Together they generated 21 specific findings and 12 papers to help improve the cyber defence posture of NATO member countries and their partners.
The papers formed the basis of a book that was published as part of the NATO Science Series. The editor and co-directors of the project were invited to brief the relevant committee responsible for cyber defence at NATO on the findings of the workshop, and the publication was launched at this ‘Book Talk’ event.
The NATO Country Project Director and editor of the publication, Melissa Hathaway, said, “This demands that they collectively take action to reduce vulnerabilities of organisations’ information systems, assets, infrastructures and people. Accordingly, organisations are shifting their security approach toward monitoring ingress and egress routes, cataloguing the tactics, techniques, and procedures of adversary activity to better understand impacts and manage risk. Equally important, they are investing in advanced counter-measures to strengthen security postures and become more resistant to cyber threats. In the future, they will need to focus initiatives toward the protection, resilience, recovery, and restoration of services that transcend national boundaries, like electric power, navigation, and telecommunications. After all, defence does not stop at the corporate enterprise or sovereign border.”
The chapters of the publication ‘Best Practices in Computer Network Defense: Incident Detection and Response’ are available at each of the authors institutions as follows:
Chapter 1: Advanced Research Workshop Findings
Author: Melissa Hathaway, Council of Experts, Global Cyber Security Centre (GCSEC)
Chapter 2: Computer Network Defense: New Threats and Trends
Authors: Andrea Rigoni and Gustav Lindstrom, Geneva Centre for Security Policy (GSCP)
Chapter 3: Advanced Technologies/Tactics Techniques, Procedures: Closing the Attack Window, and Thresholds for Reporting and Containment
Author: John Stewart, Cisco Systems and Council of Experts, Global Cyber Security Center (GCSEC)
Chapter 4: Beyond Perimeter Defense: Defense-in-Depth Leveraging Upstream Security
Author: Dave McMahon, The SecDev Group
Chapter 5: Back to Basics: Beyond Network Hygiene
Authors: Felix ‘FX’ Lindner (Recurity Labs GmbH, Germany) & Sandro Gaycken (Freie University of Berlin, Germany)
Chapter 6: Aligning National Cyber Security Strategies to International Guidance: A First Step Toward Improving Incident Response Capabilities Across NATO
Author: Matt Holt, CEO, Intellium
Chapter 7: Evolution of National and Corporate CERTs – Trust, the Key Factor
Author: Olaf Kruidhof, Capgemini, The Netherlands
Chapter 8: Standards for Cyber Security
Author: Steve Purser, European Union Network and Information Security Agency (ENISA)
Chapter 9: A Model for Positive Change: Influencing Positive Change in Cyber Security Strategy, Human Factor, and Leadership
Author: Will Pelgrin
Chapter 10: Coordination and Cooperation in Cyber Network Defense: The Dutch Efforts to Prevent and Respond
Authors: Elly van den Heuvel (National Cyber Security Centre in The Hague, The Netherlands) and Gerben Klein Baltink (Dutch Cyber Security Council)
The book is available at IOS publishers: http://ebooks.iospress.nl/volume/best-practices-in-computer-network-defense-incident-detection-and-response-2