Security Won't Happen From Technology Alone
Many of today's defense policies and military forces are still organized for World War II-type threats, and that doesn't suffice in the age of terrorism, where security and information sharing both have prominent roles. A more collaborative approach is needed, and NATO has to look ahead for emerging challenges in light of a wider risk. The security business is different from the defense business. In defense, the lines of communication and structure are well known, and the supply lines are understood. In security, the market is indistinct; there is no requirement of training, and the face of the customer is elusive. Admiral Sir Ian Forbes, KCB, CBE, and former NATO Supreme Allied Commander, spoke at Technet International in Brussels, Belgium, explaining that the challenges in security are international, but the solutions are national.
Within today's emerging security landscape, NATO is no longer the leading player but is part of an international relationship. This collaborative environment requires that NATO and organizations such as the European Union and the United Nations make their relationship work practically, not just rhetorically or politically.
The NATO Communication and Information Systems Agency (NCSA) is the organization that connects NATO and as such has a significant role in protecting information through information security and cyber defense. Lt. Gen. Kurt Herrmann, GAF, director, NCSA, explained that his organization handles 200 sites, 10 different security levels, six major operations and 100,000 users, providing management, support, delivery and sustainment of information systems. It is essential to ensure a free flow of information, not just technology, the general explained, detailing the importance of more information flow to more collaboration. The organization must stay ahead with not only advanced technology but also proactive policies to provide the most cost-effective solution that doesn't stop the flow of information. The general used a quote he credited to Dr. Gary Hinson comparing security to the brakes on your car....it slows you down, but it also makes it possible for you to go a lot faster.
Throughout the first day of this event, many of the experts emphasized that the most significant security challenges being faced are human ones, not technology ones. If security is too cumbersome, users will find a way around it or will revert back to legacy systems that they are more comfortable with. In light of the growing cyber threat, this is a great concern. The number of cyber attacks increased 60 percent between 2008 and 2009, and the amount of malicious code increased 265 percent in the same time frame, reported Brig. Gen. Murat Ucuncu, chief of information systems division, Turkish General Staff. The security awareness of users as well as network administrators is often a problem too, and organizations must provide training in these areas, he emphasized.