Multinational Cyber Defence Capability Development (MNCD2)

Size: px

Start display at page:

Download "Multinational Cyber Defence Capability Development (MNCD2)"

Donna Parrish
5 years ago
Views:

1 Multinational Cyber Defence Capability Development (MNCD2) Cyber Defence Smart Defence Projects Conference Lisbon 28 th of April 2016

2 AGENDA S M A R T D E F E N C E? It is a renewed culture of cooperation that encourages Allies to cooperate in developing, acquiring and maintaining military capabilities to undertake the Alliance s essential core tasks agreed in the new NATO strategic concept. That means pooling and sharing capabilities, setting priorities and coordinating efforts better. 1. MNCD2 background 2. Project portfolio CIICS CDSA DMCCI CSAT 3. Future developments 4. What s in it for you? 5. Questions

3 MNCD2 background PARTICIPATING NATIONS: Synergy PROJECT OFFICE: PARTNERING: Efficiency Industry & academia Agile Born-interoperable Legal framework

4 Investments

Awareness DMCCI Distributed Multi-sensor Collection and

5 Project portfolio CIICS Cyber Information and Incident Coordination System CDSA Cyber Defence Situational Awareness DMCCI Distributed Multi-sensor Collection and Correlation Infrastructure CSAT Cyber Security Assessment Team

6 IMPLEMENTATION PLANNED Project portfolio: CIICS (Technical) Information Sharing: PLANNED 1. Ticketing incident data 2. Threat, vulnerability, other CD data STAND-ALONE & FEDERATED TBD Obtain a license? ncia.mncd2@ncia.nato.int

7 Project portfolio: CDSA New missions & priorities Constant change Constant attack Cascading dependencies Conflicting information Limited resources

8 Project portfolio: CDSA Requirements gathering and use case prioritization ( ) Request for Information; conference; selection (2015) Pre-contract testing (Jan-May 2016) Tailoring and high-fidelity demonstration (May-Nov 2016) Implementation recommendations; Virtual machines for testing (Jan 2017) 1 Raytheon 2 HP ES 3 Deloitte 4 IBM 5 Thales 6 TeraMach Technologies 7 General Dynamics 8 BT Security 9 RSA 10 Codenomicon 11 Oracle 12 Solana Networks inc. 13 SMT 14 Secure Decisions 15 RHEA 16 Compusult 17 Northrop Grumman MNCD2 CIICS Mitre Corporation RFI responses 1 Raytheon 2 HP ES 3 Deloitte 4 IBM 5 Thales 6 General Dynamics 7 BT Security 8 RSA 9 Codenomicon 10 Oracle 11 Solana Networks inc. 12 SMT 13 Northrop Grumman MNCD2 CIICS Mitre Corporation Conference 1 Raytheon 2 HP ES 3 Deloitte 4 IBM 5 General Dynamics 6 BT Security 7 RSA Shortlist Readiness testing 1 Raytheon (Forcepoint) 2 HP ES 3 General Dynamics 4 RSA

9 Project portfolio: DMCCI STORAGE any mechanism that gives deeper insight into the unusual, abnormal and potentially malicious in an organization would be a great addition to the arsenal of tools available... PARSING CORRELATION

Overarching concept CSAT ConOps Project portfolio: CSAT Goals and objectives Governance Emulated threats Assessment activities Assessment lifecycle CORE ConOps Services

Implementation options Implementation plan Business case CSAT Concept Independent assessment Assess overall effectiveness of security measures Testing of Operational CIS

10 Overarching concept CSAT ConOps Project portfolio: CSAT Goals and objectives Governance Emulated threats Assessment activities Assessment lifecycle CORE ConOps Services Organizational structure & staffing Facilities & equipment Documentation Organizational structure & staffing Facilities & equipment Documentation Implementation Implementation options Implementation plan Business case CSAT Concept Independent assessment Assess overall effectiveness of security measures Testing of Operational CIS Demonstrate mission impacts through cyber domain Provide mission assurance to stakeholders and senior decision makers Improve the ability of users and operators to detect and respond to cyber attacks

11 New capabilities? Vulnerability Handling Tools Formatting & IERs SCADA Supervisor High-level Reference Architecture Tactical C2 Cyber tools CyberViz AI Integration to Detection CD Moving Target Principle Semi Automated Response Deception Networks Online Forensics Analysis Honey Tokens Open source Quick Scanning CENSYS Multi-level monitoring & logging Detection through Big Data Recognized Cyber Picture Overarching Concept/ TTPs for CD Valid hash integration CMDBs Malware Analysis Tools

12 What s in it for you? In-depth information Licensed use (CIICS) Adopt results (CDSA) Share the other way around

13 Questions

14 Management structure

Cyber Defence Situational Awareness

Cyber Defence Situational Awareness HQ SACT, ACT Office of Security NC3A, CAT-2 1 Objectives of the Workshop Communicate and clarify the context of Cyber Defence within NATO Present ACT s Cyber Defence