Big interview
Practice makes perfect One of the many ways in which the NCI Agency works to develop Nato’s resilience and demonstrate the value of ICT is through the annual Locked Shields exercise. The world’s largest and most complex international real-time cyber defence exercise, Locked Shields is organised by the Nato Cooperative Cyber Defence Centre of Excellence (CCDCOE) and held each year in Tallinn, Estonia.
Bringing together personnel from across the Alliance, Nato member countries and partners, Locked Shields sees teams compete against each other in a game-based environment. The Alliance team, led by the Nato Cyber Security Centre, is made up of nearly 30 experts from the NCI Agency, as well as from other Nato bodies and three Nato allies. “The role of the NCI Agency is to help develop the technical scenarios, putting our teams to the test,” Decamps explains. While the challenges take place in a fictional environment, the technical obstacles that the teams must tackle are all very real. Some NCI Agency experts took part in ‘red teaming’ – playing the role of enemy forces in these scenarios. For the 2022 exercise, the ‘blue team’ defenders were required to protect both a medical and a financial institution against cyberattacks from the red team forces – along with the usual network systems and critical infrastructure such as power plants, water supply and telecommunications. “This is something that is both good training for the staff that further sharpens their technical skill sets, but also lets us see how we can work together even when exposed to cybersecurity challenges,” says Decamps. “Because cybersecurity is a team sport, and especially in our environment – with so many nations working together – you want everyone to contribute to the solution.” Cybersecurity is a key part of the NCI Agency’s responsibilities, according to Decamps. “We have people in the agency who are monitoring Nato networks, and taking technical measures, defensive measures to protect these networks,” he explains. “And that ranges from ‘threat hunting’, as we call it, but also forensic analysis of incidents so that we learn from those experiences.”
The Locked Shields exercise, then, is one of the principal elements in a much broader picture, ensuring that the NCI Agency and Nato remain fit for the future in cybersecurity. And while Decamps was immensely positive about this year’s event, takeaways and team performances, he also had a few notes for the experts who participated.
“They need to understand the broader environments in which they are operating, and how intelligence on the evolving-threat picture is part of that,” Decamps explains. “And that can only be done through the exchange of data and intelligence. […] There is a critical advantage to be gained from sharing information on certain cyberthreats and how they can then be
mitigated. And that goes beyond the technical – the situational awareness part is also important.”
A time of change
A major Nato summit will take place in Madrid, Spain, at the end of June 2022, which will see the Alliance’s new Strategic Concept approved by its members, dictating its roadmap for the next decade or so. The NCI Agency has a key role to play here in enhancing the understanding and focus of political leadership on the benefits that technology can provide the Alliance, and how to best use this to prepare for the future – “the ambitious agenda for data”, as Decamps puts it. Similarly, on 6 April 2022, the NCI Agency launched their own Strategic Plan for 2022–26, focusing the agency’s efforts and resources along four goals – excellence in delivery; support Nato’s agenda; hire, train and retain the best; and build strong and lasting partnerships across the Nato enterprise. The main driver for this new plan is the NCI Agency’s current operational environment, which is going through quite significant changes in terms of how the agency looks at the threat landscape. “We are, in my view, going through some defining moments for the Alliance, not just triggered by the Russian invasion in Ukraine, but more broadly,” says Decamps, referring to the upcoming Strategic Concept and the recent publishing of other important documents, such as the Alliance’s “An Artificial Intelligence Strategy for Nato”.
“When I started as general manager of the agency, one of the immediate things we were involved in was Nato’s evacuation from Afghanistan.”
For Decamps, it was vital for the NCI Agency to be ready to operate in this burgeoning environment, and the Strategic Plan was designed with that in mind. One of its key tenants is to ensure the NCI Agency supports Nato’s agenda on emerging and disruptive technologies, which have been identified as a key driver for change but also as an element of concern in terms of the evolving threat landscape.
This encompasses advances in artificial intelligence (AI), quantum computing and cloud technologies, to name but a few. The goal is not only to ensure that the NCI Agency understands these systems – and the dangers and opportunities they present – but also to make them available for use within Nato at the appropriate level.
That in itself creates its own challenges, as the NCI
Agency must ensure that it has people in place who understand these developments and can inform political leadership on the potential options at hand. “That’s something that can sometimes sound very distanced,”
Defence & Security Systems International /
www.defence-and-security.com 11
Opposite page: Ludwig Decamps, general manager for the Nato Communications and Information Agency.
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53
