5 minute read
Wolfgang Röhrig, Brussels Cyber defence in the European Union is part of its defence capabilities Cyber strongly influences capability development
Cyber defence in the European Union is part of its defence capabilities
34 by Wolfgang Röhrig, Head of Unit Information Superiority, European Defence Agency, Brussels
Today, cyber space is recognised as a domain of military operations, which is, per se, of cross-cutting nature. Thus, cyber strongly influences any kind of capability development. Before tackling cyber defence, let’s have a look at the strategic defence context in Europe.
The strategic context of European defence First, some facts and figures on European defence: the defence expenditures of EU Member States in 2016 1 added up to about 208 billion euros. In terms of the Gross Domestic Product (GDP), the estimated average figure was about 1.4%. In 2016, the collaborative spending on equipment purchases reached 6,3 billion and the collaborative expenditure on research and technology was about 143 million euros. This means only a small portion of about 3.1% of the overall expenditure was spent collaboratively. These figures illustrate the need for defence to be better organised at a European level. We need more debate on the better implementation of defence cooperation. European defence needs interoperable capabilities incorporating innovative solutions – technologies that are not fielded in defence until now and that are increasingly important, like artificial intelligence or nanotechnology. These will dramatically change defence capabilities, and Europe shall not stay behind. European defence has gained new momentum, especially with the implementation of the European Union’s Global Strategy published in 2016. Since then, several new EU instruments have been launched to support the development of new and innovative military capabilities – including cyberdefence – such as the Coordinated Annual Review of Defence (CARD), the Permanent Structured Cooperation (PESCO) and the European Defence Fund (EDF). Furthermore, the upcoming new European Commission will set up a specific Directorate General for “Defence Industry & Space”. Taking into account the currently fragmented European defence sector, the goal must be to make the European defence landscape more coherent. This requires more than just asking Member States to spend 2% of their GDP on defence.
Coherent approach from priorities to impact To that end, there is a need for the integration of joint priorities for the development of European capabilities as they were agreed in the Capability Development Plan (CDP), the latest version of which was approved by the EDA Steering Board in June 2018. The CDP addresses the security and defence challenges from a European perspective, looking at the future operational environment and defining the capability needs agreed by the Member States, reflecting the contributions of the Military Committee and the European Union Military Staff. The CDP sets a total of 11 priorities, and among them is “Enabling capabilities for cyber responsive operations”. These priorities represent the main orientation for the development of capabilities in a collaborative way in Europe. Avenues of approach for their coherent implementation have been agreed in the related Strategic Context Cases (SCC) in June 2019.
Wolfgang Röhrig
Photo: EDA
has been the Head of Unit Information Superiority in the Capability, Armament and Planning Directorate of the European Defence Agency (EDA) since November 2018. He was born in 1966 and entered the German Navy in 1985. In March 2012, he joined the EDA as Project Officer and became Programme Manager for Cyber Defence at the beginning of 2014. In this position, he shaped the EDA Cyber Defence Programme. In February 2018, he returned to the German Armed Forces becoming a staff member of the new Cyber and Information Domain Services Headquarters, before taking up his current post at EDA.
Now, the task is to link the new EU defence cooperation tools (CARD, PESCO and EDF) to these priorities by generating collaborative projects in such a way that the result contributes to a greater coherence of European military capabilities. And what applies for defence capabilities in general also applies to capabilities that enable cyber responsive operations. The technological revolution we see with 5G, robotics, autonomous systems, etc is expected to dominate the future battlefield as well as the inherent question of how those capabilities can create an advantage against adversaries. There is often a tendency to think that in such digital scenarios, ICT systems are the only systems that are protected against the occurrence of cyber-attacks. However, other components such as, for instance, electromagnetic signals that are used to transport communications are also part of this environment and the convergence of cyberdefence with electronic warfare becomes evident. Going forward, increasingly automated scenarios will increase with the proliferation of autonomous systems, which in turn bring new challenges on system integrity as well as ethical and legal considerations about their usage. In addition, they must be prepared to operate in cyber and electromagnetic contested environments. This is where future cyber defence will be most needed. The challenge is to secure the entire military value chain: from the sensors over decision-making to the effector systems. photo: ©Gorodenkoff, Fotolia.com
EDA’s Cyber Defence Programme The EDA’s cyber defence programme supports the development of the necessary capabilities for responsive cyber operations in the light of CDP implementation. This comprises the following areas of work: • Improve cyber defence competencies and skills for military personnel, • Ensure the availability of state-of-the-art cyber defence technologies. This includes the identification of those that will have the biggest impact on the research agenda, • Adopt an approach to cyber “systems engineering” with special emphasis on architecture, • Ensure coordination with other European agencies and institutions responsible for cybersecurity and other international actors, • Implement cyber defence measures in a cross-cutting way in the air, land, sea and space domains. Today, the EDA runs three ad hoc projects in the implementation phase (Cyber Ranges Federation, Cyber Situation Awareness for HQs, Improved APT detection) with different constellations of contributing members. At the same time, there are also two cyber related projects progressing under the Permanent Structured Cooperation (PESCO) initiative. Additional cyber projects can be expected from the 2019 call for new PESCO projects. Furthermore, the European Defence Industrial Development Programme (EDIDP) and the consecutive EDF are expected to incentivise cooperation in this field. The current EDIDP work programme includes topics on cyber defence and one can expect new cyber project proposals from mixed consortia as part of the recent call for EDIDP project proposals, and for which the proposals are currently under evaluation.
Conclusions Artificial intelligence is expected to change the way of thinking. It will facilitate the way cyber defence is handled and controlled by providing, for example, automatic detection of vulnerabilities that can be resolved without operator intervention, networks that “heal” themselves by installing semi-autonomous or autonomous smart agents much faster than human beings. Other technologies of interest are blockchain, the Internet of Things or big data analysis as disruptive innovations in defence. In the strategic landscape of European defence, the new EU defence cooperation instruments – the revised CDP, CARD, PESCO and EDF – are means of achieving better coherence and improved European military capabilities – including in cyber defence.
