Title :
Rationale and blueprint for a cyber Red Team Within NATO: An essential component of the alliance´s cyber forces
Author_Institution :
C3 Agency, Cyber Defence & Assured Inf. Sharing, NATO, The Hague, Netherlands
Abstract :
This paper provides the rationale and blueprint for a “cyber red team”, a dedicated military capability whose objective is to improve the cyber defence of the Alliance through the controlled execution of cyber attacks. These cyber attacks would be specifically designed to achieve three goals. The first goal is to assess the effectiveness of the existing security measures in providing mission assurance, at both the technical and procedural levels. The second goal is to demonstrate the possible impact of these cyber attacks to senior management and key stakeholders. The third goal is to improve the cyber security staff´s ability to detect and respond to cyber attacks by exposing them to realistic, unannounced attacks in their specific working environment. Details of the proposal cover governance, command and control, modus operandi, organizational structure, skills and experience required for team members as well as recommendations for personnel selection. It also identifies a number of controls that would address concerns related to its implementation.
Keywords :
command and control systems; personnel; security of data; Cyber attacks; Cyber red team; Cyber security staff; NATO; North Atlantic Treaty Organization; alliances Cyber forces; blueprints; command and control; modus operandi; personnel selection recommendation; senior management; Artificial neural networks; Humans; Measurement uncertainty; Organizations; Security; Testing; Training; NATO; assessment; cyber attack; cyber defence; cyber forces; demonstration; red team; training;
Conference_Titel :
Cyber Conflict (ICCC), 2011 3rd International Conference on
Conference_Location :
Tallinn
Print_ISBN :
978-1-61284-245-5
Electronic_ISBN :
978-9949-9040-3-7
