Conference & Workshops
One of the main goals of the work of the Centre is to enhance information sharing among NATO, NATO nations and partners in cyber defence. One of the means of doing this is to organise different information sharing and gathering events such as conferences and workshops.
Conferences
The Centre has been organising conferences each year to bring together experts from different disciplines and discuss recent trends in cyber security. With the exception of 2009, when the Centre held two different conferences, the event is always a mixture of law, policy, strategy and technical talks. Last conference, CyCon 2012, was held in June 2012 and next one is due in June 2013.
Workshops
Workshops are organised based on our Program of Work and the on demand if the project would benefit from this. So far have done joint workshops with ENISA, NCIRC and ACT. On our current agenda is a series of workshops, sponsored by NATO Science for Peace and Security Programme, which will give vital input to the “National Cyber Security Framework Manual". The manual will support both NATO member and non-member states in their approach to cybersecurity.
26 March 2012
International Cyber Defence Exercise Locked Shields 2012 Begins Today
NATO Cooperative Cyber Defence Centre of Excellence in cooperation with its partners is organising an international cyber defence exercise from 26th to 28th of March. The goal of the exercise is to support the Multinational Experiment 7, train IT specialist and legal experts, and learn from the activities of the teams.
“Centre’s main objective is to enhance the cyber defence capability of NATO and its partners and exercises such as this are invaluable for training the specialists’ skills and cooperation,” commented Director of the Centre, Colonel Ilmar Tamm. “I am very pleased that we have found good partners such as the Estonian Cyber Defence League to work with and I can only hope that this cooperation will continue for the next exercises as well.”
According to the exercise scenario, the Blue Teams represent small telecommunications companies which fall under cyber attacks. Blue Teams, distributed all over Europe, are expected to defend and secure their networks by technical means, but also to be capable of providing adequate information to the media, to report observations and detected incidents to CERT, to write summaries to the management in order to assess the impact of attacks to the business and to respond to requests from clients and users.
There will be one Red Team, whose objective is to provide equally balanced attacks against all Blue Team networks. To measure the success of different defence strategies and tactics, efforts of Blue Teams are assessed on a predefined scale.
The Blue Teams consist of experts and specialists from governmental organisations, military units, CERT teams and private sector companies. There will be Blue Teams from Switzerland, Germany, Spain, Finland, Italy, NATO (NCIRC), Slovakia and combined teams from Germany-Austria and Denmark-Norway-Sweden. The core of the Red Team is composed of specialists and volunteers from Finland and Estonia, with additional contributors from Germany, Latvia, Italy and NCIRC.
Locked Shields, named after an ancient defence tactics, is not a first technical exercise organised by the Centre. Last one, nicknamed Baltic Cyber Shield, was organised in May 2010 in cooperation with Sweden and Estonian Cyber Defence League. The Centre also contributes to the NATO Cyber Defence Exercise (Cyber Coalition) by helping to plan, develop, and execute the exercise.
NATO Cooperative Cyber Defence Centre of Excellence is one of many NATO Centres of Excellence. Its mission is to enhance the capability, cooperation and information sharing among NATO, its member nations and partners in cyber defence by virtue of education, research and development, lessons learned and consultation.
Additional information:
Kristiina Pennar
Public Relations
+372 717 6811
NATO Cooperative Cyber Defence Centre of Excellence
Kristiina Pennar
Public Relations
+372 717 6811
NATO Cooperative Cyber Defence Centre of Excellence
03 September 2012
Draft of the Tallinn Manual Published Online
The long awaited Tallinn Manual on the International Law Applicable to Cyber Warfare is now available for reading and research on our web page. The Manual is forthcoming in both paper and electronic format from Cambridge University Press (© Cambridge University Press 2013).
The Tallinn Manual, written at the invitation of the Centre by an independent ‘International Group of Experts’, is the result of a three-year effort to examine how extant international law norms apply to this ‘new’ form of warfare. It is therefore essential to understand that the Tallinn Manual is not an official document, but the product of a group of independent experts acting solely in their personal capacity. It does not represent the views of the Centre, its Sponsoring Nations, or NATO, nor is it meant to reflect NATO doctrine.
The Manual pays particular attention to the jus ad bellum, the international law governing the resort to force by States as an instrument of their national policy, and the jus in bello, the international law regulating the conduct of armed conflict (also labelled the law of war, the law of armed conflict, or international humanitarian law). Related bodies of international law, such as the law of State responsibility and the law of the sea, are dealt within the context of these topics. As such, the Tallinn Manual only focuses on the existing law and its interpretation in the cyber context – it does not propose or aim to contribute to the discussions on norms of behaviour, codes of conduct or confidence building measures.
The prospective users of the Tallinn Manual are government legal advisers to Ministries of Defence, Foreign Affairs, Interior and Justice; legal advisers to military forces and intelligence agencies; academics and graduate students in law, government and security studies; general counsel for defence industry; think tanks; consultancies; and law firms. The Tallinn Manual is designed to be accessible to lawyers with basic knowledge of international law.
NATO Cooperative Cyber Defence Centre of Excellence is one of many NATO Centres of Excellence. Its mission is to enhance the capability, cooperation and information sharing among NATO, its member nations and partners in cyber defence by virtue of education, research and development, lessons learned and consultation.
Additional information:
Kristiina Pennar
Public Relations
+372 7176 811
Kristiina Pennar
Public Relations
+372 7176 811
16 May 2012
CyCon 2012 is fully booked
The conference is fully booked and registration is no longer available. Media representatives please turn to kristiina.pennar-at-ccdcoe.org for accreditation.
https://web.archive.org/web/20130121091458/http://ccdcoe.org/340.html
https://web.archive.org/web/20130121091458/http://ccdcoe.org/340.html
05 June 2012
Experts gather in Tallinn for the conference on cyber conflict
400 experts from all over the world gather in Tallinn, Estonia from 6-8 June for the fourth International Conference on Cyber Conflict (CyCon) organised by the NATO Cooperative Cyber Defence Centre of Excellence. The conference topic, Military and Paramilitary Activities in Cyberspace, is disserted from the aspects of law and policy, strategy and technology.
The topic of the fourth conference was chosen to reflect the ever-changing nature of cyberspace. “The number of cyber conflicts keeps rising and it is important to understand who the actors in these events are, how to classify these events and participants, and how to interpret such events,” commented Colonel Ilmar Tamm, Director of the NATO Cooperative Cyber Defence Centre of Excellence. “One of the aims of our conferences is to bring together people from different areas and give them more insight to the other aspects of cyber,” he added.
Speakers and participants come from a wide range of disciplines, from law professors to politicians, from IT experts to strategists. Among the speakers in Law & Policy Track are Professor Dr Wolff Heintschel von Heinegg who will talk about territorial sovereignty and neutrality in cyberspace, Michael N. Schmitt who will talk about the meaning of an armed attack in cyberspace, and Jason Healey who will talk about the political considerations in regard of neutrality and cyberspace. Technical Track will contain a mix of practitioner and researcher presentations and discussions, among them Professor Thomas M. Chen’s “A Game Theoretic View of Stuxnet and Its Implications”, Felix Lindner’s “Preparing a Military Cyber Attack” and Ilias Chantzos’ “Cyber Attack Case Study”. Strategy Breakout Session will view the cyber conflict from the conceptual perspective and among the speakers are Dr Samuel Liles (“Applying Traditional Military Principles to Cyber Warfare”), Jeff Bardin (“Iran and Cyber”) and Timothy L. Thomas (“The Three Faces of the Cyber Dragon”). On Friday, a high level cyber attack scenario discussion will take place where a round of experts walks the listeners through the key points of a realistic cyber attack scenario.
The conference main event takes place from 6-8 June, but one day earlier on 5 June, number of workshops takes place. The workshops vary from introductory course in computers and networks, designed especially for law and policy experts, to advanced malware analysis aimed at computer forensics investigators and incident responders.
CyCon 2012 is supported by IEEE, Cisco, Gamma International and Microsoft.
NATO Cooperative Cyber Defence Centre of Excellence is one of many NATO Centres of Excellence. Its mission is to enhance the capability, cooperation and information sharing among NATO, its member nations and partners in cyber defence by virtue of education, research and development, lessons learned and consultation.
Additional information:
Kristiina Pennar
Public Relations
+372 7176 811
Additional information:
Kristiina Pennar
Public Relations
+372 7176 811
08 June 2012
CyCon brought together 400 experts of law, IT and policy
CyCon 2012, a cyber conflict conference organised by the NATO Cooperative Cyber Defence Centre of Excellence brought together 400 participants from 39 countries. The event stretched over 4 days with the workshops on the conference pre-day and the main event taking place from 6-8 June.
Opening speeches on the first day by MG Jaap Willemse from NATO ACT and Dr Rain Ottis from NATO CCD COE raised questions about offensive capabilities in cyberspace and the future of cyber conflict. Both speakers agreed that nations need red team capability to test the resiliency of their networks and organisations in a non-conventional situation. Later talks by Frédéric Dreier and Kenneth Geers confirmed the necessity since technical exercises need strong red teams to do feasible attacks against the blue teams.
Forrest Hare took a novel approach to attribution and deterrence in his speech. He suggested that in the end, attribution is a political decision not a legal concept and moreover, attribution is not always required to coerce the adversary. Technical Track also devoted fair amount of time to the attribution issue. Attribution is hard because of the nature of attacks, which tend to have several stages and the whole attack is spread over a long period of time. It is of no help either that the Internet is governed by multiple jurisdictions so international cooperation is necessary but often lacking.
Another key issue in the realm of cyber security is the transition to IPv6 which was extensively covered by Dr Latif Ladid. More and more technology gets connected to the Internet and new addressing system has to be used. This, on the other hand, brings about many new vulnerabilities and the need for increased competence in device and network designers and managers.
Technical Track also bounced news and ideas on case studies on botnets and a cyber attack case study by Symantec. Mario Golling from the Munich University summarised key trends in computer network attacks based on regular research. He emphasised that while sophistication of malware is rising, attackers need less skills to perform malicious activities. New developments that pose risks to computer security include the rise of number of smartphones, cloud computing and encryption tools used by the attackers.
Law and Policy Track covered a wide array of questions, discussing the threshold and intensity of a cyber conflict, if and when is it appropriate to exercise the Law of Armed Conflict, what is an armed attack in cyberspace, under which circumstances can a cyber attack trigger lawful self-defence measures. Professor Michael N. Schmitt introduced the work done by a group of experts with a goal to develop authoritative reference on the international law applicable to cyber conflict. The Tallinn Manual or Manual on International Law Applicable to Cyber Warfare will be published in 2013.
Professor Schmitt also gave his overview of the notion of an attack. Some of the key points he stressed was the idea that even an attack that includes delayed effects is an attack and that severity of consequences is always the key. At the same time, the notion of status of the target as the key is slowly fading away.
Professor Schmitt also gave his overview of the notion of an attack. Some of the key points he stressed was the idea that even an attack that includes delayed effects is an attack and that severity of consequences is always the key. At the same time, the notion of status of the target as the key is slowly fading away.
Popular talks in the Strategy Breakout Session discussed cyber defence through a conventional military prism, raising questions on the effects, persistence and target attributes of cyber attacks. An informative talk on cyber capabilities in Iran by Jeff Bardin packed the room full of conference participants to receive an introduction to different groups in Iran involved in hacking activities, training and education and covert operations. Keir Giles' great talk on Russia's stance on information warfare was another highlight of the session. One of his main conclusions was that the ideas floated by Russia in international information sphere are essentially not new but are increasingly being followed by a significant number of like-minded nations.
Last day in the Strategy Breakout Session a tabletop exercise, orchestrated by Colonel Timothy Evans from the Maryland National Guard, took place. The exercise featured a number of distinguished experts and practitioners on cyber security, (inter)national security and law. Thefictitious scenario included cooperation between intelligence agencies and law enforcement agencies, international cooperation among like-minded and not so like-minded countries, attribution, internal and international crisis communication and public-private partnership.
In one of the final talks of the conference, President of Estonia Toomas Hendrik Ilves expressed his pleasure over the fact that Estonia is no longer a lone voice in discussing cyber security at the international level as there are capitals stressing the importance of the issue all over the world. However, there seems to be a lack of strategic awareness in Brussels - NATO and EU seem to be lagging behind their member states
CyCon 2012 was supported by IEEE, Cisco, Gamma International and Microsoft.
CyCon 2013 will concentrate on automated decision making systems. The call for papers will be announced in autumn 2012.
Additional information:
Kristiina Pennar
Public Relations
+372 7176 811
Kristiina Pennar
Public Relations
+372 7176 811
16 July 2012
Change of Command
On Friday, the Centre bid goodbye to its Director of four years, Colonel Ilmar Tamm, and welcomed Colonel Artur Suzik who is the Director of the Centre as of 16 July 2012.
Colonel Tamm, who has led the Centre since its establishment in 2008, noted during the Change of Command ceremony that it has been an invaluable experience to grow and learn alongside with the Centre. “Every organisation’s success and sustainability is defined by its people and team spirit. It has been my honour and privilege to work with each and every one of you because you are what makes this Centre excellent. I hope to keep ties with you also in the future. I wish to Colonel Artur Suzik good luck and ask you to support him like you have supported me during my command tour at the Centre.”
Colonel Artur Suzik, whose last assignment was as the Chief of J6 in Estonian Defence Forces, greeted his new staff and expressed his admiration for the work done by his predecessor. “The Centre has grown from the idea proposed years back into a fully functioning one. From my experience of the past years as J6 and the Chairman of the Centre Steering Committee I know that the Centre’s support to the sponsoring nations, NATO and partners in the area of cyber defence has been phenomenal. It is very fascinating to now join the Centre and see the work done from the inside and to be able to command the Centre for the next years.”
The leaving Director handed over the flag of the Centre to the new Director and planted an oak tree to mark his command at the Centre.
CyCon
On Friday, the Centre bid goodbye to its Director of four years, Colonel Ilmar Tamm, and welcomed Colonel Artur Suzik who is the Director of the Centre as of 16 July 2012.
Colonel Tamm, who has led the Centre since its establishment in 2008, noted during the Change of Command ceremony that it has been an invaluable experience to grow and learn alongside with the Centre. “Every organisation’s success and sustainability is defined by its people and team spirit. It has been my honour and privilege to work with each and every one of you because you are what makes this Centre excellent. I hope to keep ties with you also in the future. I wish to Colonel Artur Suzik good luck and ask you to support him like you have supported me during my command tour at the Centre.”
Colonel Artur Suzik, whose last assignment was as the Chief of J6 in Estonian Defence Forces, greeted his new staff and expressed his admiration for the work done by his predecessor. “The Centre has grown from the idea proposed years back into a fully functioning one. From my experience of the past years as J6 and the Chairman of the Centre Steering Committee I know that the Centre’s support to the sponsoring nations, NATO and partners in the area of cyber defence has been phenomenal. It is very fascinating to now join the Centre and see the work done from the inside and to be able to command the Centre for the next years.”
The leaving Director handed over the flag of the Centre to the new Director and planted an oak tree to mark his command at the Centre.
The Centre has been organising conferences each year to bring together experts from different disciplines and discuss recent trends in cyber security. With the exception of 2009, when the Centre held two different conferences, the event is always a mixture of law, policy, strategy and technical talks.
Next CyCon will take place 4-7 June 2013. The conference will focus on the technical, strategic and legal implications of using automatic methods to manage cyber conflicts. The conference will be organized along two tracks: a Strategic Track and a Technical Track. Legal aspects will be incorporated in these two tracks.
Short overview of the previous conferences can be found here.
03 January 2013 CyCon 2012 Proceedings Available for Download
18 December 2012 Christmas Greeting
07 December 2012 National Cyber Security Framework Manual Published
06 December 2012 Conficker Study Published
21 November 2012 Article Style Guide Published for CyCon 2013
06 November 2012 DSACEUR Visits the Centre
05 November 2012 Botnet Study Published
27 September 2012 Call for Papers Announced for CyCon 2013
03 September 2012 Draft of the Tallinn Manual Published Online
13 August 2012 Workshop on National Cyber Security Framework
16 July 2012 Change of Command
26 June 2012 Cyber Defence Awareness e-course now available
08 June 2012 CyCon brought together 400 experts of law, IT and policy
05 June 2012 Experts gather in Tallinn for the conference on cyber conflict
23 May 2012 Locked Shields video published
16 May 2012 CyCon 2012 is fully booked
05 April 2012 The Netherlands joins the Centre
02 April 2012 Last free slots for the training courses
26 March 2012 International Cyber Defence Exercise Locked Shields 2012 Begins Today
27 February 2012 Registration opens for CyCon 2012
23 January 2012 ICCC Proceedings Available for Download
19 January 2012 NATO Secretary General Visits the Centre
20 December 2011 Christmas Greeting
05 December 2011 CyCon Abstract Submission Date Changed
