Cyberdefense center will lead in education

The organization, based in Estonia, is aiming to create clear guidelines on cyberattacks for policy makers

The Cooperative Cyber Defense Center of Excellence (CCDCOE) opened in May 2008 in Tallinn, Estonia, to assist NATO with technical, legal and policy issues associated with dealing with cyberwarfare incidents. The 20-person center includes civilian analyst Kenneth Geers, who works for the U.S. Navy's Naval Criminal Investigative Services. Geers, who has been with the center for about a year and a half, spoke about CCDCOE's mission on the opening day of the organization's first-ever Conference on Cyber Warfare on Wednesday.

IDGNS: There seem to be a lot of people from the U.S. here at the conference. Why is that?

Geers: I don't want to say we [the U.S.] are necessarily squared away, but the U.S. has been doing this for a while. If you look at the major exercises -- the cybersecurity exercises done in the mid-'90s -- I think the U.S. is definitely looked at as a leader in this field.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The Cooperative Cyber Defense Center of Excellence (CCDCOE) opened in May 2008 in Tallinn, Estonia, to assist NATO with technical, legal and policy issues associated with dealing with cyberwarfare incidents. The 20-person center includes civilian analyst Kenneth Geers, who works for the U.S. Navy's Naval Criminal Investigative Services. Geers, who has been with the center for about a year and a half, spoke about CCDCOE's mission on the opening day of the organization's first-ever Conference on Cyber Warfare on Wednesday.

IDGNS: There seem to be a lot of people from the U.S. here at the conference. Why is that?

Geers: I don't want to say we [the U.S.] are necessarily squared away, but the U.S. has been doing this for a while. If you look at the major exercises -- the cybersecurity exercises done in the mid-'90s -- I think the U.S. is definitely looked at as a leader in this field.

IDGNS: What do you do at CCDCOE?

Geers: I'm trying to look at how to do cyberdefense better and cybersecurity from an analytical perspective. I'm not a coder. Basically, I'm an analyst in a cybersecurity shop. That looks a lot like trying to articulate this problem to decision makers and managers and readers whether they're in the national security community or outside. This event is a good example of, I think, a contribution that is largely for everyone.

IDGNS: Could you describe what the CCDCOE is doing on the legal and policy sides?

Geers: Our next conference in September will be specifically cyberlaw. Government and militaries and intelligence organizations can't by law do anything that has not been approved and told they can do. Cyber is a challenging environment because it's relatively new. It's relatively mysterious. You can't see it. It's one of those intangible things. For lawyers I think as well as everyone else, the cybersecurity challenge to a certain extent goes back to things that the center I think is going to be quite good at, which are definitions and concepts. Nobody can even decide what a computer network attack is, and it's nice to look at it from a national security perspective.

IDGNS: You mentioned that NATO had given the center 50 tasks to do. What are those?

Geers: I think there were 19 that basically were evaluated by the center to help describe our 2009 program of work. Now we've just received 30 that we should consider for our 2010/2011 program of work. And I can describe them generally. Those fall into at least three categories. One is concept, strategy and doctrine development and clarification. This conference is a great example of that.

We're trying to make progress on understanding the discipline and clarifying it for decision makers, policy makers, lawyers and militaries as well. Another big set of them are tech support. Operational elements within militaries and production networks within business -- they don't have time usually for the kind of work that we might do at the center -- it would be more like a university would do.

IDGNS: What kind of educational courses will CCDCOE offer eventually?

The IDG News Service is a Network World affiliate.