Shahriyar Gourgi’s Post

NATO and Cyber: Outrunning the Bear In the future, NATO will need an institutional platform for operational collaboration in cyber among member states and the private sector. Commentary by Suzanne Spaulding and Mark Montgomery — July 8, 2024 The NICC should make every effort to avoid classifying information. Not only does it hamper collaboration, but classification also provides a false sense of confidence. Plans whose success depends on keeping information secret for any significant length of time are brittle. The reality is that the shelf life of secrets is vanishingly short. NATO should assume that its adversaries have access to the same information that it does and plan accordingly. It should focus less on keeping information secret than and more on the integrity of and access to that information.

NATO is taking significant steps to combat cyber threats with the creation of a new cyber center. The NATO Integrated Cyber Centre (NICC) will follow the model of the UK’s National Cyber Security Centre and bring together civilian experts, industry professionals and military personnel. Speaking at the ENISA Cybersecurity Policy Conference, James Appathurai NATO’s Deputy Assistant Secretary General for Innovation, Hybrid and Cyber, highlighted the potential dangers of cyberattacks on ports, which could severely disrupt the supply of critical military and civilian materials. Presenting his keynote address at the conference, Appathurai stated: “For example, a port in Europe has been under a sustained cyberattack to try to lock the locks. So we have ships transiting through, [the attackers] try to lock it and drain the water to drop the ship inside of the lock, which would damage the ship and block the port.” Appathurai did not name the port and did not confirm the port when asked by Recorded Future News. But for a major seaport such as Rotterdam, the potential impact of such an attack could severely disrupt the supply of critical military and civilian materiel. Officials in the United States are warning that cyberattacks pose a significant threat to ports. https://lnkd.in/eT5szVbU #preventionfirst #NATO #cybersecurity #collaboration #digitaldefense #criticalinfrastructures #cybercenter #cyberresilience #zerotolerance

A very good article about how Russian intelligence agencies have re-focused their cyber efforts from targeting the strategic goals towards the tactical application cyber exploited intelligence at the tactical level in support of frontline objectives. "Moscow has rebalanced its overarching concept of operations to emphasize targets that can provide more direct and tangible battlefield advantages to its conventional forces." https://lnkd.in/gMVQ8h5Y

NATO to launch new cyber center to contest cyberspace 'at all times' "NATO will establish a new cyber center at its military headquarters in Mons, Belgium, a senior official confirmed to Recorded Future News on Wednesday. The new facility, details about which have not previously been reported, marks the fruition of a significant doctrinal shift in how the alliance approaches operations in cyberspace. The shift, as officially set out in NATO’s Strategic Concept (2022), states that “cyberspace is contested at all times,” meaning it cannot just be a concern for the military alliance during moments of crisis or conflict. NATO needs to constantly engage with adversaries on computer networks — not just when Article 4 or Article 5 are triggered by allies." #cyber #cybersecurity #cyberdefense #NATO

Example cyber kill chains for tactical effects as learned by the Russian Federation’s cyber forces. These sorts of observations should be driving the development of joint operating concepts both within the services and USCYBERCOM.

NATO to boost tech adoption – sees #cyber, #space, #subsea as priorities. At its Washington summit the Alliance also announced the launch of a new #NATO Integrated Cyber Defence Centre. Details and links to some of the extensive array of #software and #services that NATO is procuring in our story below. 👉 https://lnkd.in/ev8mjy2u #digitaltransformation #nationalsecurity #techinvestment

SUMMARY Pentagon enhances foundational cyber intelligence through new pilots and sprints under DIA and Cybercom leadership. MAIN POINTS - Lt. Gen. Jeffrey Kruse initiates a 90-day sprint focusing on military cyber intelligence as new DIA director. - U.S. Cyber Command and NSA expand cyber intelligence to support multi-domain operations and understanding of adversaries. - Challenges include defining foundational cyber intelligence and enhancing collaboration between Cybercom and NSA. TAKEAWAYS - Cyber intelligence is crucial for understanding and countering cyber threats in modern warfare. - Integrating cyber intelligence across military commands is a priority to improve strategic and tactical operations. - Enhanced cooperation and clear intelligence roles are needed between DIA, Cybercom, and NSA. #nsa #dia #uscybercommand #cybercom #threatintelligence #cybersecuritynews

NATO to launch new cyber center to contest cyberspace 'at all times'. Why it matters: 1. NATO's planned Integrated Cyber Centre (NICC) signals a notable shift in the alliance's strategy towards proactive engagement in cyberspace: recognizing that cyberspace is constantly in flux and can't be approached solely in times of crisis or conflict. 2. Modeled on the UK's National Cyber Security Centre, the NICC will host experts from various sectors to monitor and address potential threats 24/7, illustrating the interconnectedness of military, civilian, and commercial networks and the necessity for continuous oversight. 3. The NICC will particularly help in enforcing cyber norms amongst allies and strengthen international cybersecurity standards, emphasizing the alliance's commitment to collective defense and deterrent strategies in an era dominated by digital threats. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/eZ3phERn

NATO #Cyber #Defence Meeting Tomorrow: Focus on Resilience, #Power #Grids, Collaboration with the Civilian Sector & #ATPs Tomorrow, global NATO cyber defense experts will convene in #London to discuss strategies against exceptionally #aggressive #threat #actors targeting critical infrastructure, including #power #grids. Securing such assets is a top priority for NATO allies. https://lnkd.in/eqU-2aR8 NATO's Work on Zero Trust Architecture (#ZTA) NATO is advancing its cybersecurity framework by integrating Zero Trust Architecture (ZTA)—a “never trust, always verify” approach. In NATO’s federated systems, ZTA is crucial to enable secure resource sharing across different nations and domains without relying on implicit trust. Studies on Interoperable Zero Trust Federated Architecture have demonstrated how fine-grain compartmentalization and least-privileged access policies ensure that every interaction is continuously verified. This approach is particularly vital in military and tactical missions, where coalitions require seamless yet secure data and service exchanges. The POLITICO article highlights the #UK's emphasis on #collaboration between military and civilian sectors to counter cyber threats. #Chancellor of the Duchy of Lancaster, Pat McFadden, underscores the necessity for NATO allies to enhance their cyber defenses, emphasizing the importance of cooperation between military and civilian entities to protect critical national infrastructure. Learn more about NATO's ZTA initiatives: NATO C3B ZTA Strategy: https://lnkd.in/eBfCkTkt NIAG Study on ZTA: https://lnkd.in/eNk7h28m An Interoperable Zero Trust Federated Architecture for Tactical Systems: https://lnkd.in/eapn29FD ZTA Beyond Defense: Relevance for #Civilian #Sector ZTA is equally important for civilian applications, especially in #critical #infrastructure like power grids, healthcare, smart cities, transport and financial systems. It enables: 1️⃣ Robust Identity and Trust Mechanisms and Governance: Ensuring only verified entities interact with sensitive systems. 2️⃣ Software-Defined Policies: Defending API endpoints with dynamic, context-aware rules. 3️⃣ Authorized Transaction Partners (#ATP): Only ATPs access data/services in open/federated ecosystems, protecting against unauthorized breaches. Securing open ecosystems demands strong authentication, authorization, and real-time policy enforcement. A secure #Legal #Person #EUDI #Wallet is key to Zero Trust Architecture in the civilian sector. It ensures robust #transient #trust through real-time credential validation, cross-domain interoperability, and protection against unauthorized access. EUDI Wallets anchor ZTA by enabling secure, ad-hoc temporary, and verifiable interactions across #previously #unknown #ATPs in open ecosystems. Join the conversation and explore how strong identity and ZTA principles can protect critical systems worldwide.

The Cyber Champions Summit in Sydney ended on Wednesday night. #NATO Allies and 4 indo-pacific partners met to discuss #cyber policy and the strategic outlook in cyberspace in the short term. A fantastic opportunity to foster international cooperation at the highest political level, sharing ideas on #attribution, civ/military cooperation, #hybrid threats, incident management for severe incidents and other topics. #WeAreNATO #StrongerTogether https://lnkd.in/exmmWDu3