Consolidation of alliance management, maintenance capabilities increases efficiency through synergy.
The NATO Communications and Information Systems Services Agency (NCSA) is responsible for managing and operating the alliance’s global networks. The agency maintains several companies of personnel in Afghanistan to support NATO forces and to ensure connectivity to headquarters in Europe and North America.
NATO has centralized its computer support services to better provide warfighters with battlefield data and to effectively manage and protect alliance networks. By combining management, maintenance and network defense capabilities in a single command, NATO seeks to benefit from increased efficiencies and reduced manpower requirements.
The organization responsible for managing the alliance’s distributed communication and information systems (CIS) is the NATO Communications and Information Systems Services Agency (NCSA), headquartered in
The NCSA consists of 10 sectors located at major NATO command centers across Europe and the
Gen. Wolf notes that the NCSA is one of the two bodies providing NATO CIS support. The agency’s sister organization is the NATO Consultation, Command and Control Agency, or NC3A located in Brussels and The Hague, which is responsible for CIS development, research and procurement. The NCSA is responsible for managing NATO’s network and in-service capabilities for alliance CIS support.
The NCSA has roughly 3,400 personnel; 85 percent of them are active military. Its main mission is to provide secure end-to-end communication services, which Gen. Wolf describes as connectivity between any NATO desktop computer in
Organized across four separate security levels, the NCSA manages a closed NATO secret network that is not connected to the Internet; a NATO-restricted network that can be tunneled through the Internet; a NATO unclassified network providing nearly unlimited Internet access; and mission-secret networks in deployed operational areas. The general explains that mission-secret networks bring in non-NATO partners during an operation.
By centralizing NATO’s CIS services, the agency eliminated the need for 1,000 support positions. The NCSA’s structure and mission also allow it to provide more efficient network security. The general says that centralization also is reflected in the agency’s enhanced technical services and network operations. “We now have far better opportunities to centralize the management of all the elements of the network,” he says.
The NCSA can remotely control all facets of NATO’s worldwide network, such as cryptography management, from its headquarters in
For military exercises and operations, the NCSA is under the direct control of the Supreme Allied Commander, Europe (SACEUR), also located in
Another advantage of the agency’s centralization is that it permits more efficient use of existing posts and qualifications. Assigning personnel to specific tasks can be done more precisely, avoiding duplication of posts and capabilities. This precision is important because some jobs can be performed only at certain locations. Gen. Wolf notes that the NCSA has the most modern financial control system in NATO, and it is based on the agency’s centralized approach. The NCSA also has centralized the alliance’s computer supported budget system, which has reduced personnel billets by some 60 percent through staffing efficiencies.
Centralization also helps training and development. Gen. Wolf explains that a centralized structure is more capable of ensuring standardized training, following a common program, and ensuring that training resources are used in the most efficient way.
“The centralization has the big advantage in that we can utilize the scarce resources NATO has,” says Gen. Wolf. The NCSA only has two battalions under its command to provide strategic-level communications during operations, which limits the number of personnel that can be devoted to an operation. When the NCSA was launched, alliance operational commanders found it difficult to work with this new arrangement because they wanted to have every resource necessary to succeed in their mission.
Over the last three and a half years, the agency has developed a system to provide centralized, flexible communications support tailored to specific missions and operations.
One example of this new capability is the NCSA’s support for NATO troops in
Another difficulty of operating in
But creating a unified communications network within NATO and allied nations remains difficult. Beyond technical challenges, doctrinal differences between the alliance nations must be addressed. The general notes that the difference lies in the readiness of participating nations to share information. “The best communications systems are worthless if the users do not utilize them by fully exchanging the necessary information,” he says, adding that achieving this technical goal lies with NATO’s stakeholders, not his agency.
The general admits that his command does not have enough leverage to affect NATO doctrine and policy concerning CIS services. He explains that the alliance’s CIS support begins with NATO Allied Command Transformation (ACT) or Allied Command Operations (ACO) developing operational requirements. That is followed by a host nation or the NC3A creating a technical solution for the capability, and producing and procuring the solution before handing it over to the NCSA.
The challenge is managing the entire life cycle process as a smooth, continuous, coordinated and controlled effort, says Gen. Wolf. He notes that the major stakeholders involved in managing capability life cycles have formed the NATO Capability Management Board, which serves as the top-level life cycle management organization. The general adds that considerable improvement has been made in this area, but much room for progress remains.
Another area under the NCSA’s responsibility is network defense. NATO began efforts to protect its computer networks after the September 11, 2001, terrorist attacks, says Gen. Wolf. The goal was to develop the alliance’s computer security architecture into an efficient cyberdefense. The general believes that the alliance chose correctly to approach this process from the bottom up by first establishing a technical and operational capability in parallel with developing doctrinal and high-level management capabilities for cyberdefense. The core for NATO’s cyberdefense is the NATO Information Security Technical Centre (NITC), located within the NCSA at
Basing his experience with the NITC on other similar international organizations, Gen. Wolf maintains that the NITC is a state-of-the-art facility. He notes that the results achieved so far in terms of detection, forensic, repair, defense and monitoring capabilities are of the highest quality. “NATO definitely needs a capability like that,” he states.
Gen. Wolf notes that a recent European summit at
The 2007 cyberattack on the Estonian government, a NATO member, demonstrated the need for such an organization. “We have carefully evaluated what happened and have drawn our conclusions. The further development of our capability will see the creation of a closer relationship with the member nations, with the aim to build up a NATO cyberdefense network, because cyberdefense works best and most efficiently if it is centralized, multinational and multi-organizational,” the general says.
Now that the NCSA has been established, Gen. Wolf says he wants to see more reliance on industry standards and best practices. A key feature of this effort is increased centralization and providing additional outsourcing. On the alliance’s operational side, a plan is in place to nearly double the agency’s deployable capabilities while saving manpower in the static organization. On the organizational side, the goal is to develop the NCSA into NATO’s main service provider. This is an important step because the alliance currently is supporting the ACO and the ACT, but there are still several areas of NATO that might benefit from the NCSA’s service capabilities.
The agency’s last goal is to further develop its partnership with industry, which is based on how industry conducts business with NATO and on mutual interest. Gen. Wolf notes that information security is the best example of mutual interest. “Because here we can share—even on a noncommercial basis—new solutions [and] assessments, and provide mutual support. But this is not something dreamed of in the future. This has been good practice now with nearly all of our major vendors during the NCSA’s last three and a half years of existence,” he says.
NATO Communications and Information Systems Services Agency: www.ncsa.nato.int