Cyberspace is understood as the fifth domain of warfare equally critical to military operations as land, sea, air, and space. Success of military operations in the physical domains is increasingly dependent on the availability of, and access to, cyberspace. The armed forces are reliant on cyberspace both as a user and as a domain to achieve defence and security missions.
The Cyber Security Strategy for the European Union, released in February 2013 and endorsed by the Council in June 2013, emphasises that “cyber security efforts in the EU also involve the cyber defence dimension". Cyber security is also one of the priority actions underlined by the EDA's Capability Development Plan.
The Cyber Security Strategy for the European Union, which was released in February 2013 and endorsed by the Council in June 2013, emphasises, “Cyber security efforts in the EU also involve the cyber defence dimension.” Consequently, the European Council adopted a “Cyber Defence Policy Framework” in November 2014, highlighting five priorities:
- Supporting the development of Member States' cyber defence capabilities related to CSDP;
- Enhancing the protection of CSDP communication networks used by EU entities;
- Promotion of civil-military cooperation and synergies with wider EU cyber policies, relevant EU institutions and agencies as well as with the private sector;
- Improve training, education and exercises opportunities;
- Enhancing cooperation with relevant international partners.
The Agency is active in the fields of cyber defence capability development and in Research & Technology (R&T). In accordance with the 2014 Capability Development Plan Revision the focus lies on:
- Supporting member states in building a skilled military cyber defence workforce.
- Ensuring the availability of proactive and reactive cyber defence technology.
Training & Exercises
Following a structured cyber defence training need analysis, which is expected to be updated soon, EDA develops, pilots and delivers a variety of cyber security & defence courses from basic awareness over expert level to decision maker training. This is accompanied by exercise formats for comprehensive cyber strategic decision making and cyber defence planning for headquarters. In the future, pooling and sharing of training and exercises will be facilitated at European level by an EDA developed collaborative platform, the Cyber Defence Training & Exercises Coordination Platform (CD TEXP).
The “Demand Pooling for the Cyber Defence Training and Exercise support by the private Sector” (DePoCyTE) project is currently under preparation. It aims at improving participating Member States’ access to relevant cyber defence courses provided by the private sector in a cost-effective way. The project is designed to support the development of a common European cyber defence culture.
Member States’ collaborative project ideas include the increasing mutual availability of virtual cyber defence training and exercise ranges (Cyber Ranges) for national cyber defence specialists training. The ranges are multi-purpose environments supporting three primary processes: knowledge development, assurance and dissemination. Accordingly, a federation of ranges may leverage three complementary functionality packages: Cyber Training & Exercise Range, Cyber Research Range as well as Cyber Simulation & Test Range functionalities.
Cyber Situation Awareness
EDA is currently also working on cyber defence situation awareness for CSDP operations and how to integrate cyber defence in the conduct of military operations and missions. Together with the EU Military Staff, the Agency actively contributes to the cyber defence focus area of the US-led Multinational Capability Development Campaign. The aim of the deployable Cyber Situation Awareness Package (CySAP) for headquarters project is to integrate these functions and to provide a common and standardised cyber defence planning and management platform, that allows Commanders and their staff to fulfil cyber defence related tasks in their day-to-day business.
Advanced Persistent Threats (APT) Detection
Governments and their institutions are among the most prominent targets for APT malware, mostly aiming at cyber espionage. Intrusions are either discovered too late or not at all. Early detection is crucial for a concept to properly manage the risk imposed by APT. After a very successful feasibility demonstrator EDA is leading a follow-on project with a group of interested Member States to develop an even more capable solution as an operational prototype.
Digital Forensics for Military Use
The collection and evaluation of digital evidence in a military context becomes more and more important, in order to learn lessons from previous attacks (Post-Mortem Analysis), to attribute attacks to perpetrators, to harden military information infrastructures and to improve online analysis capabilities (Ante-Mortem Analysis). The EDA project for a Deployable Cyber Evidence Collection and Evaluation Capacity (DCEC2) develops a technical demonstrator for a digital forensics capability for the military that specifically responds to the requirements of deployed military operations, such as force protection, agility and rapidity.
Cyber Defence Strategic Research Agenda (CSRA)
Cyber security technologies are relevant to both the civil and the military domain (“dual-use”). Considering on-going and future civil research, for example within the EU Research Framework Programmes, and the high resilience required in defence, it will be crucial to precisely target research & technology (R&T) efforts on specific military aspects. The CSRA is considering these aspects and will include a R&T roadmap for the coming years. It will be part of an Overarching Strategic Research Agenda (OSRA) for the military and will be aligned and delineated with other research agendas in the cyber security & defence domain. Coordination of research projects with other EU stakeholders such as the European Commission, the European Space Agency and the European Cyber Security Organisation is also implemented.