Safer together
MN CD2 was created in 2013 after five NATO Member countries – Canada, the Netherlands, Romania, Denmark and Norway - decided to join forces, leveraging on their respective expertise to improve their cyber defences.
"The principle of MN CD2 is that instead of Nations taking on the R&D [Research and Development] themselves, they share it with other Nations, so that they benefit from economies of scale," Ms Parmar noted.
It's a much cheaper and quicker process for them."
Three of the MN CD2 founding Nations approached the NCI Agency seeking to develop a cyber intelligence sharing platform.
"Canada, the Netherlands and Romania quickly found that they shared common interests.
"So we spoke to the Nations, and established what they wanted or needed to develop a single tool that would suit them all, that's how CIICS came about.
The Nations came to the Agency because of our technical skills and our access to expertise from 28 Member Nations.
So it's not just the financial benefit of the partnership, it's also about collaborating, sharing knowledge and best practices.
The advantage of approaching a project this way is that we get a mature tool much quicker.
Within month of gathering information on each Nation's requirements, we deployed a first work package.
Nearly four years on, we're on our fifth work package, we have a mature tool, three countries are using CIICS – soon six – and CIICS has been deployed on a trial basis to NCIRC TC (NATO Computer Incident Response Capability Technical Center) this week… It's a success story."
Constantly evolving technology
Ms Parmar remarked that being able to develop state-of-the-art technology quickly is essential to maintain strong and resilient cyber defences.
"When we sat down with Canada, they told us that they were interested in information sharing but they also wanted a tool to manage cyber-attacks… That's how the cyber incident management part of CIICS was born.
Within the envelope of money we were given, we managed to provide them with both.
And we're constantly enhancing CIICS, speaking to our community of users, adapting to new requirements.
Once the capability has been created, these Nations become torch carriers, they make the capability available to other Nations and encourage them to come on board."
Expanding the cyber defence coalition
MN CD2 is open to all NATO Nations, while partner Nations must receive approval from the project's board to join.
So far, other nations such as Poland, Germany, the United Kingdom and Switzerland have expressed an interest in CIICS, but no formal agreements are in place yet.
Sarah Brown, CIICS Technical Lead at the NCI Agency, remarked: "CIICS proved its value when it was used by Nations in Cyber Coalition, one of the world's largest cyber defence exercise, as it enabled them to operate as a coalition, defending networks together.
This showed that CIICS can be of great benefit to the Alliance, helping forces communicate, train and operate better together in a Federated Mission Networking (FMN) environment."
Mr Arnold Colijn, Senior Innovation Project Manager at the Dutch Ministry of Defence, noted that the tool has been extremely beneficial to the Netherlands.
"The CIICS project is a meaningful project to our Nation, because it shows that capability-development with a few contributing NATO Nations can lead to an affordable capability.
CIICS as a system is designed to support (inter-)national coordination on cyber incidents and on cyber information sharing and thereby leverages the possibility that Nations will really work together on cyber defence.
We hope that the introduction of CIICS leads to a system that is used by all NATO Nations, supported at the NATO Secret level and used as one of the data-sources for creating overall Cyber Defense Situational Awareness."