recommended reading

Report: NATO needs more cyber capabilities

Government officials have warned that cyberattacks are rapidly becoming one of the greatest threats to the United States and its allies, but a new report says the North Atlantic Treaty Organization is still playing catch up.

"NATO's central missions of collective defense and cooperative security must be as effective in cyberspace as they are in the other domains of air, land, sea, and space," concluded a report released by the Atlantic Council on Monday.

While NATO enacted a new cyberdefense policy in June, the alliance now needs to focus on a core set of priorities to make cybersecurity efforts more effective, the report said.

A special worry for the miltary comes from networks controlled by private companies. The Wall Street Journal and Washington Post reported on Monday that the National Security Agency has pushed for greater cybersecurity authority but has been rebuffed by the White House over privacy concerns.

In 2002, NATO started a cyberdefense program, largely in response to cyberattacks carried out when the organization conducted military operations to force Serbian soldiers out of Kosovo in 1999. During that operation, the U.S. military reported a three-fold increase in the number of attacks aimed at defacing its websites.

NATO further expanded its cyber programs after cyberattacks against Estonia in 2007. It must continue that effort to repeatedly update and reinvent its cyber policies and capabilities, Jason Healey, director of the Atlantic Council's Cyber Statecraft Initiative, said at a panel discussion on Monday. But "NATO must be responsible for its own networks before looking to protect member states," said Healey, who helped author the report.

The report's other recommendations include developing standards and minimum levels of cybersecurity for member states; collaboration with the private sector; and treating cybersecurity as a national-security policy problem, not just a technical issue.

In the United States, businesses and government agencies have reported a growing number of sophisticated cyberattacks. In a report to Congress released in November, U.S. intelligence agencies said hackers in China and Russia are stealing large amounts of U.S. technological and trade secrets.

To confront such international threats, new cybersecurity legislation introduced in the Senate would require the U.S. government to collaborate with other countries to protect information networks.

Threatwatch Alert

Stolen credentials

Hackers Steal $31M from Russian Central Bank

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.