Cyber resilience: protecting NATO’s nervous system

Imagine a long-range ballistic missile is launched, targeting NATO’s population, territory or forces. NATO commanders may only have six minutes to decide to engage and intercept. During that short timeframe, they rely primarily on operational information provided through information technology (IT). Without the right information, at the right time, in the right place, their ability to make a decision is compromised, and disaster looms.

In an unpredictable security environment, adapting to new threats is essential. Being able to access reliable information within minutes is even more crucial. This concern was evident at the NATO Summit in Warsaw in early July. Allied leaders agreed to strengthen NATO’s resilience and ensure that it remains adaptable by design. Recognition of cyber as an operational domain – along with the air, land and sea – confirmed that protecting NATO’s nervous system is critical. IT represents a fundamental pillar of resilience and a critical enabler of decisions taken at Warsaw to strengthen NATO’s deterrence and defence posture, underpinning NATO’s long-term adaptation to the emerging security threats.

So what does IT do for the Alliance?

In the case of a long-range ballistic missile attack, IT provides the glue for the command and control capability, which allows NATO to determine, in a few minutes, whether Alliance security is threatened and the missile should be intercepted.

NATO Secretary General Jens Stoltenberg views a display of Global Hawk – an important part of Allied Ground Surveillance, which serves as NATO’s eyes in the skies. © NATO

NATO’s Alliance Ground Surveillance System (AGS) – Global Hawk Unmanned Aerial Vehicle and Ground Control Stations – is a 21st century system supporting commanders’ real- and near real-time situational awareness at strategic distance and within hours, if not minutes, of a crisis arising. AGS serves as NATO’s eyes in the skies, gathering massive amounts of data for enhanced situational awareness. But what use is all that information without the IT infrastructure through which it is communicated to feed the political and strategic layer?

Without cyber resilience, the Alliance cannot operate military capabilities like AGS and ballistic missile defence, which offer a strategic and technical advantage over potential adversaries.

The unprecedented scale and sophistication of cyber-attacks has demonstrated that cyber resilience is not static, and that what has been done in the past to defend and maintain the Alliance’s IT infrastructure may not work in the future. Investing in developing an enterprise network approach that includes the Alliance, its member states, industry and perhaps partner countries is key.

So how does IT ensure the Alliance remains flexible and adaptable by design? NATO’s 360-degree functional approach ensures it maintains an edge in military technology over its adversaries through agile acquisition, early engagement and closer partnership with industry, enhanced interoperability, and by projecting resilience beyond NATO borders.

Innovation coupled with agile acquisition

One of the greatest challenges ahead is the pace of NATO’s technology refresh. NATO must acquire cutting-edge information technology at the same speed as potential adversaries, if it wants to keep its lead. Global banks update their entire IT infrastructure rapidly and often. Their logic is a simple response to a non-static threat and is based on reality; they cannot afford to have compromised networks.

The NATO Industry Cyber Partnership was presented at a two-day conference in September 2014, in Mons, Belgium, where 1500 industry leaders and policymakers gathered to discuss cyber collaboration. © NATO

NATO is not a bank but, like a bank, it cannot afford to be compromised. Banks use technology incubators in collaboration with the cyber industry to increase mutual understanding, and to speed up and de-risk acquisition. The NATO Industry Cyber Partnership has paved the way for collaboration with the private sector in addressing cyber threats. Through piloted incubators, NATO, industry and academia work together on defining challenges and investigating innovative solutions in the areas of big data and data fusion, cyber defence situational awareness and mobile security. A pilot project can turn into a permanent process with the political will to back it up.

Through a modernised IT, NATO has access to new levels of intelligence gathering, early warning, rapid decision-making and solutions to address the threats and challenges emanating from a changed security landscape, where both state and non-state actors have unparalleled levels of access to global cyber space and cutting-edge technology.

The volatile security environment has increased the risk of miscalculation when responding to these complex and unpredictable threats. The means to minimise that miscalculation also rely on IT. To mitigate that risk, NATO should develop, acquire and implement the right IT capabilities for the Alliance. IT programs have a much shorter and more fluid lifespan than conventional capabilities. If NATO wants to maintain the technological advantage its military capabilities give the Alliance, it needs to ensure that its IT is robust and resilient enough to operate and maintain these capabilities.

Joint Intelligence, Surveillance and Reconnaissance helps decision-makers and action-takers make informed, timely and accurate decisions during military operations. © NATO

As threats develop at a rapid pace, NATO must ensure its nervous system is fit for purpose. Recently, the NATO Communication and Information Agency announced it would be investing three billion euros between now and 2019 in cyber, air and missile defence as well as advanced software.

Enhanced interoperability

At Warsaw, the Allies took crucial steps to establish an enhanced forward presence in Estonia, Latvia, Lithuania and Poland composed of multinational forces based on four battalion-sized battlegroups. Enhanced interoperability – the ability to communicate, use equivalent NATO standards and common technical solutions, exercise, train and work together in a coalition format – is key to strengthening NATO’s defence and deterrence posture.

In today’s battlefield, an IT network is crucial to modern warfare, linking military assets, airplanes, tanks, ships, etc. in a manner never seen before. NATO’s military operations – and extensive military capabilities – are becoming increasingly net-centric. The network must be as – if not more – technologically advanced as the capabilities it supports, so that they can be operationally effective and deliver a combined tactical, operational or strategic effect. The Allies are tackling this challenge head on and working with industry to close any interoperability gaps.

Every single NATO exercise has confirmed that the real challenge for the Alliance is to enable and reinforce interoperability between national units and the NATO force structure. How effective would NATO’s deterrence and defence posture be if its own enablers – the NATO Response Force, Joint Intelligence Surveillance and Reconnaissance, Command and Control Capabilities, the Combat Service Support component, the NATO command structure, strategic awareness, hybrid warfare, cyber and strategic communications – were not able to operate as an integrated whole? In a rapidly changing security environment, investing in IT is paramount to ensure NATO’s network remains resilient.

More than 50 troop-contributing nations operated side by side in Afghanistan, developing an unprecedented level of interoperability. Building on this success, Federated Mission Networking helps Allied and partner forces to better communicate, train and operate together.

Federated Mission Networking (FMN) leverages the success achieved in the International Security Assistance Force (ISAF), where more than 50 troop-contributing nations operated side by side, developing an unprecedented level of interoperability. It ensures strong and defendable networks which are critical for NATO’s resilience. This capability supports command and control in future operations through improved information-sharing. It provides the agility, flexibility and scalability to respond to emerging requirements of any mission environment in future NATO operations, delivering cost-effectiveness and promoting the maximum re-use of existing standards and capabilities. Future mission networks with an FMN stamp will significantly reduce the interoperability gap between coalition partners.

While budgets remain tight, there are options within these constraints. NATO First Solutions (N1S) contribute to preserving and leveraging the level of interoperability acquired in a coalition environment through seamless integration with existing NATO capabilities, avoiding re-development costs. Stronger partnerships and incentives with industry partners are key to ensure that industry continues to develop NATO-interoperable solutions. N1S help nations guarantee interoperability, ensure cost-effectiveness, reduce complexity and provide the same IT platform used during exercises and theatre operations.

Resilience beyond NATO borders

As part of political adaptation, partners play an essential role in NATO’s efforts to project stability. Through cooperative security, the Alliance works closely with non-member states to address security threats and challenges from a 360-degree approach to security. The interoperability developed under the ISAF coalition was enabled by a common IT platform, which allowed information and intelligence sharing between Allies and partners, ensuring operational success. NATO must be able to achieve the same level of interoperability with partners as it faces new and complex challenges.

Information warfare is a 24/7 battle, making cyber resilience vital to fulfil NATO’s core tasks.

Close cooperation between NATO and partner countries is critical to the Organization’s resilience and to improve these partners’ own resilience through defence capacity building. For instance, the NATO-Ukraine Command, Control, Communications and Computers (C4) Trust Fund is assisting Ukraine build a solid IT infrastructure to increase its resilience. This model of technical cooperation could be replicated with other partners, who rely heavily on old Soviet equipment and IT systems inherited from Russia.

IT resilience is vital to fulfil NATO’s core tasks, maintain its technical edge and ensure its capabilities work as an integrated whole in the 21st century, where information warfare is a 24/7 battle. Without a modern, effective and resilient IT infrastructure, long-term transformation of the Alliance remains a strategic dialogue without technical substance. NATO must continuously adapt and innovate to ensure that it can defend itself from emerging threats. While this comes with a price tag, defending the Alliance’s nervous system is not an option, but a necessity.

This piece is based on a longer article published by the NATO Defense College (see pp 8-15).

About
the Author

Nadja EL Fertasi and Diana De Vivo work at the NATO Communications and Information Agency, where they support, respectively, stakeholder engagement, and internal governance and decision-making.