10 minute read
NATO Edge in Review
64
The NCI Agency’s new flagship event – NATO Edge – solidifies its future as a vital engagement forum not only for the NCI Agency, but for NATO in general. Simon Michell reports
Since its establishment 10 years ago, the NCI Agency has organized and run two high-profile conferences a year – NITEC and NIAS. The flagship conference, NITEC was a showcase and networking event for industry to highlight the technology and innovation that could enhance NATO capabilities. It was held across the transatlantic Alliance in places as diverse as Berlin, Oslo, Ottawa and Tallin. NIAS (NATO Information Assurance Symposium) on the other hand, focused almost exclusively on cyber security and was held every year at the Lotto Mons Expo venue close to the main railway station in Mons. However, when COVID-19 struck, the preparations for the 2020 NITEC20 in Austin Texas had to be postponed until 2021. As a consequence of the enduring pandemic, it was later unfortunately cancelled. This led to the emergence of an interim free online summit in 2021 – ‘NITEC Connect’, which was a groundbreaking virtual conference run along very similar themes to the physical event minus the networking and the industry exhibition. NITEC Connect was only ever going to be a stopgap as the Agency stated in its announcement of the postponement, “The NCI Agency is devoted to hosting a premier
65
66 technology event that maximizes opportunities for networking and one-onone conversations to enhance business for our participants.”
The break from holding the physical events, therefore, gave the NCI Agency an opportunity to recalibrate its engagement strategy and come up with something new. The result? NATO Edge.
OFF TO A GREAT START
Combining the two former conferences into a single three-day event at the Lotto Mons Expo in Mons was universally welcomed by the delegates and exhibitors. It not only meant that they could focus their engagement over a single event, but also that the burden on constrained budgets could be reduced.
The two-and-a-half-day event, from 25 to 27 October 2022, took place in two main areas of the Lotto Mons Expo building – the main plenary auditorium and the exhibition hall. The main plenary auditorium held an audience of more than 2,000 delegates and played host to a number of compelling keynote speeches. There were also presentations from Agency staff and industry executives as well as some extremely valuable panel sessions.
On stage, over the three days, there were keynote speeches from eminent military and political figures – including the Prime Minister of the host nation, Belgium, Alexander De Croo, the former President of Estonia, Kersti Kaljulaid, the Deputy Secretary General of NATO, Mircea Geoană, the Chairman of the Military Committee, Admiral Rob Bauer, and of course, the General Manager of the NCI Agency, Ludwig Decamps.
The General Manager opened proceedings with a description of the current instability and danger facing the Alliance. Referencing the illegal invasion of Ukraine and the resultant energy crisis across the continent, he stated, “It is from that perspective that the NCI Agency is enabling here, for the next three days, a strategic dialogue on technology, collaboration, partnerships – essential ingredients to future-proof the Alliance and to counter future threats and challenges.” For his part, the Belgian Prime Minister reiterated Belgium’s commitment to the NCI Agency, “As you know, Belgium attaches a great importance to the NCI Agency. As Belgians we are extremely proud of this long-term cooperation with the NCI Agency. As the host nation, we have supported NATO and the Agency from the very beginning.” He then went on to highlight the Agency’s support to the Alliance and the Member States in terms of its specialist skills in the field of cyber security and emerging and disruptive technologies. “The field of technological innovation has become more important than ever and cyber security and emerging and disruptive technologies are really at the core of your mission, but I would say also at the core of what NATO is doing and the protection that NATO is providing to its partners.”
THE EXHIBITION HALL
The main plenary hall feeds out into the exhibition hall where there were white inflatable Innovation Theatres and the open-air colour-coded briefing theatres strategically placed amongst the exhibitor stands. Over the course of the conference, there was an undoubted buzz in the air as delegates mingled with each other in a notably enthusiastic manner. The exhibitors were also highly animated and engaged. Overall, there was an unmistakable enthusiasm for the event. On being asked why his company was exhibiting at NATO Edge, the Senior Solutions Architect from Belkin, Stephen Dade, explained, “The main benefits for coming to NATO Edge is that the contacts are all quality contacts. The visitors are coming because they want to make contact, they want to learn and they are genuinely interested.” He continued, “In terms of cyber security, I insist that we only come to one show a year, and NATO Edge is that show.”
NCI AGENCY CELEBRATES 10-YEAR ANNIVERSARY
The first NATO Edge conference coincides with the NCI Agency’s 10th anniversary
At the end of the first day of NATO Edge, delegates, speakers and exhibitors were invited to the main plenary hall to share a glass of champagne and toast the 10th anniversary of the NCI Agency. All three of the Agency’s General Managers (GMs) were on stage to participate in the celebrations – the first GM, Koen Gijsbers, his replacement, Kevin Scheid, and the current incumbent, Ludwig Decamps.
As the first GM from 2012 until 2016, the former Olympian, Dutch Major General, Koen Gijsbers (Retd), successfully oversaw the merging of 14 NATO organizations into a single homogenous entity responsible for developing and supporting NATO communications networks and IT infrastructure. Kevin Scheid, previously from the US Mitre Corporation, an accomplished mountaineer having scaled Tanzania’s Mt Kilimanjaro, continued the intricate and often complex merge process and oversaw the launch of the NITECH magazine in 2019. Former Belgian Major General, Ludwig Decamps, succeeded Kevin in 2021 with a remit to strengthen NATO’s resilience and sharpen its technological edge – hence the NATO Edge conference.
67
INDUSTRY PERSPECTIVE
Building a resilient threat-informed cyber defence
Threat Intelligence Platform – Unique, Scalable and Operational
Joep Gommers
Founder and CEO, EclecticIQ
What are the core technology offerings behind EclecticIQ’s threat intelligence capabilities and how do they work?
Our flagship technology is the Threat Intelligence Platform (TIP). Our TIP helps organizations ingest, consolidate, normalize and enrich structured and unstructured data about the cyber threats that they acquire from multiple sources. EclecticIQ’s platform allows customers to operationalize this data in a variety of ways, including conducting investigations, prioritizing threats and sharing intelligence. The benefits of our TIP include accelerating threat detection, improving prevention and mitigating cyberattacks.
Our customers can use our TIP internally or in collaboration with other organizations in a network. Collaboration tools, such as automated report feeds, enable multiple organizations to share threat intelligence so they can be more proactive in defending against potential attacks. However, this information-sharing process is carefully managed. For example, each organization determines its comfort level for both providing and receiving information. Once the other TIP users in the network have done the same, intelligence can be synchronously shared.
What type of customers are EclecticIQ’s offerings designed for and why?
Our TIP can benefit any organization facing sophisticated cyber threats. That said, our customers tend to be government entities engaged in defence, intelligence, national security and cyber security. In addition, we are seeing strong interest from the law enforcement community. On the enterprise side, our customers are primarily involved in manufacturing, critical infrastructure and finance.
Organizations typically choose our platform because its capabilities strengthen their existing cyber security systems and help operationalize their intelligence for threat detection and mitigation. You might say EclecticIQ’s TIP provides the technology link between threat data and the people who need to use it.
How can EclecticIQ’s solutions help customers such as NATO protect their data and networks?
EclecticIQ technology can help an organization such as NATO in three main ways:
• Strategic independence and collaboration • Data fusion • Customization
In the first case, we enable NATO members to share selected threat information, but not necessarily everything. Our TIP provides flexibility: each participant in the network can operate our software according to their own policies governing what information is shared, how it is shared and with whom – all while operating the software independently, adhering to the policies of each individual agency, including in air-gapped and classified environments.
Data fusion capabilities enable NATO Member States to combine external sources of threat intelligence with their internal datasets. Through data normalization, correlation and analytics, a unified view for cyber situational awareness is made available programmatically or to analysts.
Customization capabilities enable our TIP to support organizations with their requirements to tailor intelligence to use cases and technology needs. Powerful workflow customization, APIs and SDKs are available.
What does EclecticIQ add to NATO’s and the NCI Agency’s cyber security capabilities?
Since our founding in 2015, EclecticIQ has been supplying technology capabilities to NATO Member States to enable them to better defend themselves and others, take control of cyber threat data and collaborate. The NCI Agency and EclecticIQ have an even longer association. The NCI Agency did, in fact, award EclecticIQ with significant investments through its Accelerator programme.
As an example of the value delivered to a NATO Member State, EclecticIQ supported the National Computer
Emergency Response Team (National CERT) of an EU member state government, in transitioning from reactive cyber response to intelligenceled proactive cyber defence to increase the nation’s cyber resilience. This collaboration established faster threat response, enabled by the timely distribution of high-quality threat data. With collaboration, one organization’s reactive effort becomes another’s proactive asset. Key advantages of the EclecticIQ TIP implementation included:
• providing a backbone for automated ingestion and processing to address the high volume of threat data; • enriching and correlating threat data to improve confidence; • facilitating collaboration by dedicated CTI analysts at the
National CERT to deliver highquality threat data and intelligence; • integration and close coupling with agency security information and event management (SIEM) systems and the National Cyber Sensor
Network to facilitate faster threat and incident response; and • supporting federated security and trust mechanisms to manage access controls and confidential data among the member SOCs. Each
SOC controls access to its data.
Why is EclecticIQ unique?
Our technology is built with national security in mind, with NATO, the NCI Agency and many other national security agencies among our first customers. We understand the critical importance to customers of strong controls over their data, the need to adhere to national security architectures, and the enormous scale involved at the national and international levels.
In addition, our longstanding experience in national security and defence has enabled EclecticIQ to amass knowledge about the field and develop sophisticated tradecraft. Our expertise is borne out by the way we allow our users to visualize and analyse data to produce actionable intelligence, as well as the way we enable analyst collaboration on our platform. Our technology operates across levels of classification and supports air-gapped and edge architectures. This is just the tip of the iceberg.
EclecticIQ also stands out as the only European threat intelligence technology company servicing national security. This gives us that extra impetus not only to serve as a cyber security partner to our customers, but also to strengthen diversity in the supplier landscape. Although we have European roots, we service customers around the globe.
