Amy Ertan Profile picture
12 Jan, 45 tweets, 17 min read
I'll be tweeting about the @ccdcoe Virtual Book Launch: 'Cyber Threats and NATO 2030: Horizon Scanning and Analysis' - happening now!
#Cycon2020 will be online, confirms @ccdcoe director @JTarien
Keynote David van Weel - NATO's Assistent Secretary General for Emerging Security Challenges - highlights how NATO must be able to able to protect and defend itself in cyberspace.
Correction: #CyCon2021 will be online
ASG David vac Weel closes his keynote by acknowledging how some states are turning towards #offensivecyber tools. Questions for NATO and what constitutes acceptable behaviour in cyberspace. Huge themes of course - including cyber-deterrence.
Turning to the pandemic effects - David van Weel highlights a call for individual member states as well as NATO to develop cyber resilience capabilities. Huge interdependencies, as alluded to chapters on supply chain security:…
NATO has begun to research the implications of smart cities, including for cyber. NATO's approach to cyber is multi-faceted - see NATO factsheet (Aug 2020) here:…
Time for the first panel, moderated by Dr Anthony Stefanidis and with presentations from @HoansSolo, Jacopo Bellasio, and @Simona_Soare. Read their chapters here:…
Franz-Stefan Gady (@HoansSolo) presents 'Cyber Capabilities and Multi-Domain Operations in
Future High-Intensity Warfare in 2030'.
The paper introduces technical, organisational and doctrinal requirements for multi-domain operations - looking at the US, UK and Germany precedent. Full paper available here:…
Jacopo Bellasio presenting 'The Impact of New and Emerging Technologies on The
Cyber Threat Landscape and Their Implications for
NATO' (co-authored with @esilfversten @RANDCorporation ) - paper available here:…
Bellasio makes the point that the most significant impact on the cyber threat landscape in the next decade won't be from any individual element - but will be from the complex interaction between various (including current and legacy) technologies.
Bellasio highlights: new cyber developments will further advantage malicious actors - it'll be easier to use newer technologies for offensive activity, with lower ethical and legal barriers. Must consider socio-technical implications - much of the innovation is industry-driven.
Recommendations from Bellasio and @esilfversten paper: ensure 'absorptive capacity' for innovation, identify emerging tech requirements - working with industry, and strengthen trust and interoperability across the @NATO alliance.
Fascinating paper 'Smart Cities, Cyber Warfare and
Social Disorder' by @Simona_Soare and @DrJoeBurton is now being presented. Full paper available here:…
The paper outlines connected social disorder in smart city environments - highlighting how technical smart-city challenges *cascade* through technological, social and societal effects.
The paper was inspired by the following research gaps (1) an almost exclusive focus on technical vulnerabilities (networks, 5G, IoT, the data) (2) little profile on security and defence actors (3) little focus on how national & supranational governance layers smart-city defence
Over 70% of NATO members' citizens live in urban spaces - and with urbanisation - this % will increase in coming decades. @simonasoare highlights that the onset of smart-city infrastructure represents a rapidly expanded attack surface.
QnA for Panel 1. @HoansSolo highlights interoperability of cyber capabilities as a major challenge for the Alliance - especially given different states invested at different intensities between members.
Digital inequality (like inequality, furthered by COVID-19) poses major challenges. Many cyberattacks are facilitated by human factor - digital inequality may lead to accidental lack of knowledge - which will be exploited. @Simona_Soare
AND social inequality - @Simona_Soare: underprivileged communities will have less investment to protect their networks, in communications to their citizens (affecting digital inequality). This shouldn't be punished = role for NATO and non-trad. actors (local govt etc) to support.
Q from @DrAndrewDwyer on speed in ML-driven conflict - how do states detect, respond, or conduct attacks at machine-speed? @Simona_Soare raises challenges for governance. Speed and quick reactions aren't necessarily the best - could be incompatibilities in response.
Second panel for the 'Cyber Threats and NATO 2030:
Horizon Scanning and Analysis' book launch moderated by @tcstvns - with presentations from Martin Libicki, @BilyanaLilly, Chon L Abraham and @sdaultrey. Focus on cyber conflict to follow.
First up: Martin Libicki with 'Cyberspace Escalation: Ladders or Lattices?'. Full paper with Olesya Tkacheva available here:…
How do you deescalate in cyberspace? Martin Libicki outlines that risk management is more complicated than kinetic domains due to ambiguity.
The paper outlines an 'escalation lattice' highlighting how different forms of escalation may present across cyberspace. Multiple paths for escalation (and therefore, de-escalation)
'Russia’s Cyber Limitations in Personnel and
Innovation, Their Potential Impact on Future
Operations, and How NATO and Its Members Can
Respond' by @BilyanaLilly and Joe Cheravitch up now. Chapter available:…
The chapter examines the main factors that limit the growth of Russia's cyber programmes, examines policies introduced by Russia to address the limitations - and provides recommendations to NATO and its allies to take advantage of these limitations.
As @BilyanaLilly explains - limitations on Russian cyber programmes are: relative budget, computer science innovation in recent decades, and 'brain-drain' - a skills shortage due to wages (IT practitioners among top worker category to emigrate).
How is Russia addressing these limitations? Outsourcing/ coercing to conduct ops on Moscow's behalf; cultivating specific innovation; expanded recruitment; espionage targetting other states' capabilities and more explained by @BilyanaLilly
And what should NATO & NATO allies do with this information? @BilyanaLilly summarises the paper recommendations: continuing to attract Russian IT talent, continue with indictments, and to carefully consider the consequences of sanctions.
'Considerations for NATO in Reconciling Barriers to
Shared Cyber Threat Intelligence: A study of Japan, the
UK and the US' by Chon Abraham and @sdaultrey. Full paper available:…
Challenge set one for cyber threat intelligence sharing - capacity and willingness. Chon Abraham highlights the potential role of NATO as an enabler, broker, and advisor.
Another challenge set: Culture and trust - 'Understanding each other'. The paper examines approaches by Japan, US and UK and highlights the challenges to be overcome when fusing intelligence amd technical cyber groups
NATO can have a significant role in facilitating CTI sharing - concludes @sdaultrey. NATO could set out operating principles, guide to best practice communications (setting platforms and strategic culture, help define a common operating language) and help facilitate trust.
QnA time. In response to a Q on how Russia balances its own cyber capability vs the use of proxies- @BilyanaLilly highlights the central challenge of attribution - especially when Russia asks/ coerces/ contracts other parties to engage in malicious cyber activity.
On states and cyber threat intelligence - Chon Abraham explains the value in understanding the constraints of each state, then being able to advise based on that context - a useful role for NATO. 'NATO can put the problem across more neutrally and be the interface' - @sdaultrey
@sdaultrey Trust goes beyond organisational trust when it comes to CTI. Chon Abraham suggests: if NATO is in a position to be a custodian of data on cyber tools and validation of CTI information - that has NATO well-placed to be a broker, facilitate trust, and provide guidance.
.@BilyanaLilly notes that the institutional rivalry between the Russian Ministry of Defense vs. the FSB isn't hard-set - there's evidence they're educating each other i.e. in cryptography. A development that that NATO and Allies will need to pay attention to.
Closing remarks from Steve Hanson (Vice Provost for International Affairs at William and Mary). Reflects: what makes an open democratic environment appealing (freedoms, independence) also cause vulnerabilities across the cyber domain.
Steve Hanson adds: We must be able to support open societies and our complex independencies - without being so vulnerable. We don't want to prevent media engagement or restrict information flow - and adversaries use these wishes against alliance members.
The recurring theme of this book launch has been trust. How do we facilitate greater trust between allies? Trust in institutions? Trust in the NATO alliance? NATO, and this book/ event, demonstrates the potential of this work to mitigate current distrust levels.
Don't take it from the editors ;) Steve Hanson recommends everyone take a look at the full 'Cyber Threats and NATO 2030: Horizon Scanning and Analysis' volume - as a set of 'fantastic insights from a great range of perspectives'.
That's a wrap! A reminder that the full 'Cyber Threats and NATO 2030' e-book is available at:… - with an option to download individual chapters.
Presentations will also be uploaded within the next week or so - I'll update on this thread when that happens. Now, it's dinner time.

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with Amy Ertan

Amy Ertan Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @AmyErtan

11 Sep 20
September @ccdcoe report is now out:…
Takeaways from the @ccdcoe report: systems, protocols and plannings may never return to pre-COVID-19 times. WFH and rise in demand for digital collaboration tools raise requirements for adapted security processes and procedures.
(2) Aggressive disinformation ops discovered by @FireEye in which legitimate news websites are hacked and used to spread fake news. A threat that will be amplified by deepfake creation/ AI. @ccdcoe
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!