NATO Launches Cyber Acquisition Reform Study

NATO Allied Command Transformation and the NATO Communications and Information (NCI) Agency launched yesterday an independent project to research options for streamlining NATO’s cyber capability development and acquisition processes. The final report from RAND Corporation is due in January.

The project will define the challenges NATO faces in adjusting its cyber development and acquisition processes and will offer recommendations to address them. The study supports decisions made at this year’s NATO Summit in Warsaw, Poland, to strengthen the alliance’s cyber defense. It will result in a final report, “Improvement of NATO Cyber Capability Fielding Process,” which will include an analysis of current NATO policies, processes and practices along with short- and long-term recommendations designed to enhance innovation, engagement with industry and academia, requirements identification and solution acquisition.

“Innovation is vital for NATO to keep its technological and operational edge, and this extends to our cyber acquisition process,” Lt. Gen. Jeffrey Lofgren, USAF, deputy chief of staff for capability development at NATO’s Allied Command Transformation, said in a written announcement. He added that NATO needs a revised acquisition process that “delegates authority, manages risk as opposed to eliminating it and rewards quick delivery,” and he described the RAND study as “unprecedented in scope” and a “critical step toward achieving those aims.”

NATO officials have recognized cyberspace as the fourth operational domain, along with land, sea and air, and they have pledged to ensure the alliance keeps pace with the fast evolving cyber threat landscape. NATO plans to invest around 70 million euro (nearly $77 million) in a cyber technology refresh over the next three years, with the NCI Agency responsible for the acquisition.