NATO’s Sense of Purpose on Cybersecurity Impresses Lynn

BRUSSELS, Bel­gium, Sept. 15, 2010 — Deputy Defense Sec­re­tary William J. Lynn III said today he is encour­aged by the sense of pur­pose on cyber­se­cu­ri­ty he has found dur­ing his vis­it to NATO and the Supreme Head­quar­ters Allied Pow­ers Europe.

Lynn told reporters at a media round­table here that he is encour­aged by the response he’s received from NATO mem­bers to his pre­sen­ta­tion on cyber­se­cu­ri­ty yes­ter­day before the alliance’s North Atlantic Coun­cil. The coun­cil is made up of the ambas­sadors to NATO from the 28 mem­ber nations.

“It seemed to me to be broad­ly held that NATO needs to make a strong com­mit­ment in this area,” he said, “and I was impressed with that sense of pur­pose.”

Lynn stressed the need for col­lec­tive defense in cyber­space and said that NATO is the per­fect plat­form to com­bat this threat. He spoke to the coun­cil as the body is work­ing on the strate­gic con­cept that lead­ers will dis­cuss at a Novem­ber sum­mit in Lis­bon, Por­tu­gal, where alliance heads of state will decide NATO’s key pri­or­i­ties.

The alliance under­stands the need for cyber­se­cu­ri­ty, Lynn said, and already is mov­ing in that direc­tion. The NATO Cyber Inci­dent Response Cen­ter has stood up, he not­ed, and there are plans to bring it to full oper­a­tional capa­bil­i­ty.

“They are in dis­cus­sions on what the right oper­a­tional con­cepts should be in regard to the broad­er NATO reform effort,” he said, “but I am quite con­fi­dent that we will see the right orga­ni­za­tion­al struc­ture to address cyber issues post-sum­mit.”

Com­ing out of the sum­mit, Lynn said, he would like to see a high-lev­el com­mit­ment to cyber­se­cu­ri­ty as a pri­or­i­ty for the alliance. He would also like to see progress in the orga­ni­za­tion con­structs that address this threat, he added, and he would like to see growth in capa­bil­i­ties.

The deputy sec­re­tary addressed the nature of what col­lec­tive defense means in the cyber are­na.

“The con­cept of col­lec­tive defense doesn’t mean you open your net­works to every oth­er user,” he said. But it does mean that mem­bers share infor­ma­tion about attacks and reme­dies.

“We mon­i­tor activ­i­ties on our net­works, and we see threats of dif­fer­ent types,” he said. “In a col­lec­tive defense envi­ron­ment, you share what you see of those threats with your allies. If you devel­op patch­es or respons­es, you share that as well. It doesn’t have to mean that your net­works are all linked togeth­er.”

The alliance depends on infor­ma­tion tech­nol­o­gy and net­works, as all West­ern mil­i­taries do. NATO has joint net­works that all allies share, Lynn not­ed, and that is anoth­er argu­ment for good cyber­se­cu­ri­ty.

“What you have to wor­ry about is that the infor­ma­tion on the joint net­work is sub­ject to the low­est lev­el of secu­ri­ty of any of its com­po­nents,” he said. “So you are try­ing to raise every­body up, but it’s more to pro­tect the infor­ma­tion that is shared joint­ly, and the col­lec­tive defense con­cept is more shar­ing the threats so you are able to antic­i­pate them more.”

The alliance is also look­ing at reform­ing its inter­nal orga­ni­za­tions, the deputy sec­re­tary said, adding that he believes cyber­se­cu­ri­ty will gain in promi­nence as the process moves for­ward.

U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)

More news and arti­cles can be found on Face­book and Twit­ter.

Fol­low on Face­book and/or on Twit­ter