Mainstreaming European Military Cyber Defence Training & Exercises

Similar documents
European Defence Agency Capabilities Directorate COMMON STAFF TARGET FOR MILITARY COOPERATION ON CYBER RANGES IN THE EUROPEAN UNION

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

OUTCOME OF PROCEEDINGS

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015

The EU s approach to Cyber Security and Defence

Synopsis Cyber Situation Awareness Package

Towards defining priorities for cybersecurity research in Horizon 2020's work programme Contributions from the Working Group on Secure ICT

ehealth in support of safety, quality and continuity of care within and across borders

The EU s 2030 Effort Sharing Agreement

egovernment Digital Agenda Scoreboard 2014

MM, EFES EN. Marc Mathieu

111957/EU XXIV. GP. Eingelangt am 19/04/13 COUNCIL OF THE EUROPEAN UNION. Brussels, 16 April /05 EXT 1 COSDP 354

A EUROPEAN DEFENCE RESEARCH & TECHNOLOGY STRATEGY

The Evidence Base on Lifelong Guidance

Council of the European Union Brussels, 4 March 2015 (OR. en) Delegations No. prev. doc.: 9298/5/14 EU Cybersecurity Strategy: Road map development

Energy Security and CSDP: Energy Factor in the EU Military Missions and Operations

Online job search in the EU: The potential of web 2.0

the EU framework programme for research and innovation

SURVEY ON THE TRAINING OF GENERAL CARE NURSES IN THE EUROPEAN UNION. The current minimum training requirements for general care nurses

Measuring Quality of life in the European Union

Your first EURES job. Progress Summary 2014Q4. March 2015

Comparison of annuity markets (OECD National Annuity Markets: Features and Implications, Rusconi 2008) Mercer

INNOBAROMETER THE INNOVATION TRENDS AT EU ENTERPRISES

Briefing note. Survey of environmental liability insurance developments

Council of the European Union Brussels, 11 March 2016 (OR. en)

Council of the European Union Brussels, 5 June 2015 (OR. en) Delegations No. prev. doc.: 9298/5/14 EU Cybersecurity Strategy: Road map development

European Commission Agenda for Quality and Innovation in Public Administration

Cyberspace Strategic Impact Social Risk Management. Cyber Security and Cyber Defence. Cyber Defense: NATO Vision

Czech Universities and the Environment for Innovation. Rudolf Hanka

Ohrid, 4 June 2012 NATIONAL BANK OF THE REPUBLIC OF MACEDONIA 5TH CONFERENCE ON PAYMENT AND SECURITIES SETTLEMENT SYSTEMS

Tackling undeclared work in the European Union and the EU candidate countries. Barbara Gerstenberger Eurofound

THE ROLE OF PUBLIC SUPPORT IN THE COMMERCIALISATION OF INNOVATIONS

EUROPEAN CIVIL RPAS OPERATORS FORUM

KNOWLEDGE ECONOMY CHALLENGES FOR LIFEONG LEARNING

Dublin, March EPSO Network of Experts in the field of Personnel Selection 14th March 2013

EUROPE 2020 TARGET: EARLY LEAVERS FROM EDUCATION AND TRAINING

Level crossing signs from the view of road users in Europe. Tamás Déri Hungarian NSA

European judicial training Justice

Funding of debt-advice across the EU

OVERVIEW OF RESEARCH PROJECTS IN THE ICT DOMAIN ICT statistical report for annual monitoring (StReAM)

Khalil ROUHANA Director. Directorate-General for Information Society European Commission

Digital Agenda Targets Progress report. Digital Agenda Scoreboard 2014

Voluntary health insurance and health care reforms

Active Engagement, Modern Defence - Strategic Concept for the Defence and Security of the Members of the North Atlantic Treaty Organization, 1010

Improving Teacher Quality the EU agenda

Horizon 2020 Secure Societies

ESDC EUROPEAN ARMAMENT COOPERATION COURSE AWARENESS LEVEL COURSE (AWL) PROGRAMME (ALL SPEAKERS TO BE CONFIRMED) DRAFT AS OF

User language preferences online. Analytical report

ENISA: Cybersecurity policy in Energy Dr. Andreas Mitrakas, LL.M., M.Sc., Head of Unit Quality & data mgt

EN 106 EN 4. THE MOBILE USE OF THE INTERNET BY INDIVIDUALS AND ENTERPRISES Introduction


European developments in VET Quality Assurance

The Digital Skills challenge and coalitions for digital jobs

The ICT workforce and e-leadership demand and supply ( )

HOW COMPANIES INFLUENCE OUR SOCIETY: CITIZENS VIEW

Digital Inclusion and Skills. Digital Agenda Scoreboard 2014

Cyber Security in Austria

The EU Energy Tax Directive: overview about the proposed reform, impacts on national measures and state of play

EUROPEAN YOUTH: PARTICIPATION IN DEMOCRATIC LIFE

ANALYSIS OF THE STAKEHOLDER CONSULTATION ON

ENTERING THE EU BORDERS & VISAS THE SCHENGEN AREA OF FREE MOVEMENT. EU Schengen States. Non-Schengen EU States. Non-EU Schengen States.

Information and Communications Technologies (ICTs) in Schools

The Transition to Tendering Perspective from the Manufacturing Industry

The case for a European Social Union. From muddling through to a sense of common purpose. Frank Vandenbroucke EIB Institute Luxembourg, 5 March 2015

SME Instrument statistics

Andreas MAUSOLF Customs Liaison, Mass Marketing Fraud & Environmental Crime Fraud Unit (O28) Serious Organised Crime Department Europol

THE FUTURE OF TELEVISION IN EUROPE

Rolling out eidas Regulation (EU) 910/2014. Boosting trust & security in the Digital Single Market

How To Study The Small Ruminant Population In The European Land Animals

EU Cybersecurity: Ensuring Trust in the European Digital Economy

Performance Management in Public Sector Organisations: The Contribution of the CAF

Study on comparison tools and third-party verification schemes

Doro PhoneEasy 331ph

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

Social dumping and free movement: Overview of current issues from an economic point of view

Session 9 Cyber threats in the EU s and NATO s new strategic context General Kees Homan: Introduction Political cyber attacks

Civilian Headline Goal 2010

ERMInE Database. Presentation by Nils Flatabø SINTEF Energy Research. ERMInE Workshop 2 - Northern Europe Oslo, 1. November 2006

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Family Law. Fieldwork: June 2006 Report: October 2006

Achieving Global Cyber Security Through Collaboration

European Research Council

EXCHANGE STUDIES PRACTICAL INFORMATION. Kadri Toom International Relations Office, Tallinn University of Technology

EUROPEAN AREA OF SKILLS AND QUALIFICATIONS

Hotel Industry VAT in EU

European Research Council

Broadband Coverage in Europe Final Report 2009 Survey Data as of 31 December DG INFSO December 2009 IDATE 1

EUROPEAN SEMESTER THEMATIC FICHE ACCESS TO FINANCE

Transcription:

2nd ENISA International Conference on Cyber Crisis Cooperation and Exercises, 23-24 Sep 2013, Mr. Wolfgang Roehrig, Project Officer Cyber Defence Mainstreaming European Military Cyber Defence Training & Exercises

Mission to support the Council and the Member States in their effort to improve the European Union s defence capabilities for the Common Security and Defence Policy. So we do for Cyber Defence in CSDP 2

Agenda Cyber Security Strategy for the EU and the related military concepts The EDA Project Team Cyber Defence and its development Training related findings of the EDA Cyber Defence Landscaping Study Cyber Defence Training Need Analysis and Training Curriculum Cyber Ranges Ad Hoc Project Opportunities for Civil-Military Cooperation on Training & Exercises 3

Cyber Security Strategy for the EU: The key military aspects Cyber security efforts in the EU also involve the cyber defence dimension. Assess operational EU cyber defence requirements and promote the development of EU cyber defence capabilities and technologies to address all aspects of capability development including training & exercise dimension; Develop the EU cyber defence policy framework to protect networks within CSDP missions and operations; Promote civil-military dialogue in the EU and contribute to the coordination between all actors at EU level; Ensure dialogue with international partners, including NATO, other international organisations and multinational Centres of Excellence. 4

Civil-Military Cooperation Society/ Economy Whole-ofgovernment(s)/Union (comprehensive approach) Global, multinational 5

EDA Project Team Cyber Defence Start: Nov 2011 Aim: pms: Within the remit of the Cyber Security Strategy for the EU to assess short, medium and long term Cyber Defence capability requirements and to identify collaborative options in order to improve Cyber Defence resilience of pms and CSDP operations EE/IT (rotational chair), AT, BE, BG, CY, CZ, DE, EL, ES, FI, FR, HU, IE, LT, LV, NL, PL, PO, RO, SE, SI, SK plus CH, NO on a regular basis plus EUMS, Council GSC, CION, ENISA, EC3, ESA, EU SatCen EDA to-date Achievements on Cyber Defence: Contribution to the Cyber Security Strategy for the EU (2012-2013) Cyber Defence Landscaping study (2012) Liaison Agreement with CCD COE, Tallinn (2013) Acceptance of EDA Steering Board MoDs to add Cyber Defence to the Pooling & Sharing (P&S) agenda (2012); Delineation & Coordination of EDA R&T with CION with respect to FP7 under the European Framework Cooperation (EFC); Initiation of an adhoc Project on Cyber Ranges Initiative on deployable Cyber Defence Situational Awareness Kits for OHQ/FHQ Initiative on improved APT Detection 6

Cyber Defence Lines of Development DOTMLPF-I - a holistic approach Doctrine & Organisation Interoperability Facilities EU Cyber Defence Leadership & Personnel Training & Exercises Materiel & Technology 7

The Stocktaking Study: Some training & exercise related recommendations for EU institutions Deepening Incident response capabilities; Creating a culture of cyber-security (good practices, training, awareness raising); Promulgating standards and security tools; Reinforcing links between EU/NATO for cyber defence issues. 8

The Stocktaking Study: Some Training & exercises related recommendations for member states Improve Exchange of best practices on doctrine (D); Ensure CD is not just a IT related function (O); Mainstream cyber defence training (T); Encourage participation in exercises (T); Explore better identification of lessons learned and trusted information sharing (T); Pooling and sharing of testing platforms for patches; exploits and reverse engineered code (F); Use of a common Cyber defence interoperability frameworks across the public sector (I). 9

EDA Project: Cyber Defence Training Need Analysis and Training Curriculum Provide an assessment of cyber defence learning needs and propose solutions: Define and segment training audiences; Describe skills and competencies needed; Define learning requirements; Scope existing delivery streams and identify gaps; Identify multinational training & exercise opportunities; Explore synergies with civilian training infrastructures; Explore modern training and exercise methods and formats; Explore and describe support and training tools required; Define comprehensive set of required Cyber Defence courses. 10

EDA Project: Cyber Defence Training Need Analysis and Training Curriculum Different levels of required Cyber Defence expertise CIS Specialist level (Specialized) Cyber Legal Expert level (Insight & Specialized) C2 Practitioner level (Insight) ICT User level (Foundational) Defining target audience Supported by specific types of Cyber Defence training, exercises & testing Table Top Technical exercise Procedural Defining appropriate training & exercise format Joint exercise development Inventory of exercises 11 Functional requirements for training & exercise support & training tools (e.g. Cyber Ranges) Tools in spt of T&E Defining capabilities Functionalities of Tools Defining appropriate support & training tools

Target Audience Categorisation (1) Target Audience Boundary: Those who set out the policy and strategy for, implement, support, are held at readiness for, and deploy on CSDP Crisis Management Operations, and who have a Cyber Defence learning need. Sophisticated Generalist Understanding of Cyber Operations High Degrees of Specialist Legal Competencies High Degrees of Specialist CD Competencies CSDP C2 Practitioners (several tens of thousands?) Cyber Legal Experts (several hundreds) CSDP CIS Specialists (several thousands?) CSDP ICT Users (several hundreds of thousands?) Foundation Level CD Awareness 12

Target Audience Categorisation (2) Audience Category Definition Rationale CSDP CIS Specialists Cyber Legal Experts CSDP C2 Practitioners CSDP ICT Users J6 and CD specialist military personnel: within EU Institutions bearing responsibility for CIS and CD aspects of CSDP; those within pms Defence entities with similar responsibilities, and those who are held at readiness for, or committed to, the CIS and CD support of CSDP operations/missions Civilian and military officials : within EU Institutions and bearing responsibility for legal assessment of activities in cyber space and/or providing related legal advice to decision makers; within pms MOD HQs and Joint HQs bearing similar CSDP-specific responsibilities, and those who are held at readiness for, or committed to the legal advice for CSDP operations/missions Civilian officials and military commanders and generalist staff officers: within EU Institutions and bearing responsibility for CSDP policy, strategy and implementation; within pms MOD HQs and Joint HQs bearing similar CSDP-specific responsibilities, and those who are held at readiness for, or committed to the C2 of CSDP operations/missions All personnel: in the pms and the EU Institutions with CSDP-specific roles, and who are held at readiness for, or committed to CSDP operations/missions, who must interact with networked digital data Need for high levels of competency in narrowly-bounded and specialist CD activities Need for a sophisticated, but nonspecialist understanding of Cyber Operations and high level of competency on their legal implications Need for a sophisticated, but nonspecialist understanding of Cyber Operations and their potential impact on military capability effectiveness and operation/mission outcomes Need for a foundation-level awareness of CD hygiene principles 13

Military Training & Exercise Requirements Procedural Training & Exercises - C2 Practitioners (strategic, operational & tactical level Cyber Defence decision making and dynamic risk management; - Cyber Defence Legal Experts (integration of legal advice on cyber in the decision making process); - milcert-leaders (communication with C2 Practitioners); - milcert (CERT-internal procedures and communication with technical experts); - (govcerts). Specialists Training & Exercises (hands-on) - CSDP CIS Specialists: System and Network Administrators of military information infrastructures; Mil SOC Operators Cyber Defence Instructors; milcerts; (govcerts). - Legal Experts (Evaluation of cyber incidents with respect to legal implications). ICT Users - General Awareness and Threat Awareness - Recognition of malfunctions and/or potential incidents (e.g. spearphishing) - General CD Hygiene - Reporting 14

EDA adhoc Project: CYBER RANGES Scope of the Ad Hoc project is the Pooling and Sharing of Cyber Ranges: Increase availability of existing Cyber Ranges; Increase occupation rate/efficiency of existing Cyber Ranges; Federate existing and future Cyber Ranges into a Cyber Ranges Network (CRN) for large scale and complex exercises; Mainstreaming and Improving Cyber Defence Training, Exercises & Testing at European level. cms: AT, CZ, EE, EL, FI, IE, NL (CH following the development in an associated role); LoI signed 30 May 2013; Spiral development in 5 spirals; IOC (MoU Increment) planned to be in place mid 2014; FOC (Cyber Ranges Network/Federation) April 2018. Cyber Range 15

Areas for Civil-Military Cooperation on Training and Exercises Shared Risk Assessment Alignment of civil and military Cyber Training curricula Coordination of civil and military Cyber Training/Exercise schedules Participation of govcerts (observer and/or active) in national and multinational military exercises with Cyber Threads, e.g.: - EU MILEX/Multilayer Exercise serials - CCD COE exercise serials (Locked Shields 2012) Participation of military Command & Control structures and milcerts (observer and/or active) in national and multinational civil crisis management exercises with Cyber Threads, e.g.: - DE LÜKEX serials - Cyber Europe serials - Cyber Atlantic serials Shared use of Training & Exercise Platforms 16

European Defence Agency Rue des Drapiers 17-23 B-1050 Brussels (Belgium) 2 nd ENISA International Conference on Cyber Crisis Cooperation and Exercises, 23-24 Sep 2013, Mr. Wolfgang Roehrig, Project Officer Cyber Defence Thank you for your attention

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information