The NATO Information Assurance and Cyber Defense Symposium (NIAS) 2016 emphasized the importance of increased partnerships to address cybersecurity risks and outlined future challenges on Sept. 7-8 in Mons, Belgium.
“In cyber, hubris is our worst enemy. Thinking that we have solved it, that we are safe. This symposium is the best antidote for that,” Rear Adm. Thomas Daum, chief of staff of the NATO Communication and Information Agency (NCI Agency), said in his opening address.
The NCI Agency hosted the conference, NATO’s largest annual one on cyber issues, which brought together over 1,000 NATO alliance officials and industry representatives to discuss cybersecurity trends. Earlier, the agency said the event is meant to help NATO plan its vision for future cyber defenses before contract bids for NATO cyber updates are released in 2017 (Defense Daily, Aug. 25).
The agency is responsible for operating and defending NATO’s networks in addition to advanced technology acquisition.
“At NIAS we always scare each other a little bit – we talk of the threat, how the attacker only needs to get it right once, how one e-mail can bring down networks valued at tens of millions. But we also inspire each other, including in the workshop sessions; we change, refresh our thinking. And we build connections, friendships,” Daum added.
The first day focused on the next steps for NATO’s cyber defense from political, operational, and technological perspectives.
Ambassador Sorin Ducaru, NATO Assistant Secretary General for Emerging Security Challenge, highlighted the importance of alliance-wide cooperation on cybersecurity and how important the cyber domain is going into the future.
“Partnerships are essential. None of us alone is better equipped to fight cyber threats than all of us together.”
“We know that NATO’s operations and missions are going to be unfolding in a heavily contested environment where our networks will be under attack,” he added.
“We had to recognize we are getting more and more dependent on our networks and that there is no such thing as a completely secure networks. A resilient force is one that can continue to function when its networks have been attacked or disrupted,” Maj. Gen. Walter Huhn, representing Allied Command Operations, said in a separate statement.
The second day saw cyber leaders from the U.S., U.K. and France discuss their separate national perspectives on cyber security in their national security plans and industry experts discussing emerging trends.
Richard Hale, Deputy CIO for Cyber Security at the U.S. Defense Department, highlighted the size of the cyber and IT challenge for the Pentagon, saying that “we have more IT workers than we have Marines.”
He also said that automating basic tasks and empowering regular IT staff to enact basic cyber defense and maintenance alongside better user education is a focus of the department’s strategy. This will allow top defenders to focus their time on the more difficult tasks.
John Stewart of Cisco Systems [CSCO] spoke of the quickly growing scale of cyber defense challenges. “During the span of NIAS one million new devices will be connected to the Internet.”
He also noted that “half a billion pieces of software were downloaded last year… Five terabytes of data will be generated per person within the next four years, all that data needs to be thought through now.”
Stewart was voted as best industry speaker at the conference, the NCI Agency said.
However, Ian West, Chief of Cyber Security at the NCI Agency, tried to sound a note of optimism by saying that “70-90 percent of cyber attacks are preventable though basic cyber hygiene.”
The conference also discussed the $78.5 million in cyber refresh set to being in 2017 as part of a fundamental upgrade of NATO’s cyber capabilities from 2017-2019.
“We’re about to embark on major refresh, worth about 70 million Euro. Today, cyber innovation is driven by the private sector. Several nations have already embarked along the cyber domain route with industrial partners. This is why we want to have the conversation with you early, before we come to the actual acquisition stage,” Rear Adm. Thomas Daum, NCI Agency Chief of Staff, said in a statement,
NIAS followed the NATO Summit at Warsaw, Poland in July, where NATO members officially recognized cyberspace as an operational domain (Defense Daily, July 5).