STUTTGART, Germany — The NATO alliance plans to procure new cyber defense systems to replace aging platforms, with contracts worth tens of millions of euros coming online before the end of 2021.
This program, part of a series of cybersecurity technology refresh efforts being run by the NATO Communication and Information Agency (NCIA), will start in early 2022 and be worth about 27 million euros (or $32 million).
NCIA is looking to upgrade its firewalls, penetration testing tools, and other cyber defense capabilities through this effort. Rebecca Benson, NCIA’s principal contracting officer, described it as “one of the most diverse and complex” of all of the cyber technology refresh programs, which are grouped together under what is called the Capability Package (CP) 120 program.
“The main reason being … that it has multiple cybersecurity systems that we’re going to be refreshing,” Benson said June 16 during the virtually held, annual NITEC Connect conference. “Whatever you name, we have it in there.”
The ideal industry partner would be an integrator with significant experience in design, and in implementing multiple, complex cybersecurity systems across multiple locations, she noted. “They have to be deployable, because we’re talking about the NATO enterprise, not just SHAPE,” Benson said, referring to the Supreme Headquarters Allied Powers Europe, the alliance’s headquarters for allied command operations located in Belgium. “It would be in [the team’s] benefit if they like to travel.”
Per NCIA’s notice of intent to solicit for this cyber security system refresh, the organization will issue a request for quotes (RFQ) by the third quarter of 2021. A single, firm-fixed-price contract is expected.
Meanwhile, NCIA recently completed a new cybersecurity strategy that seeks to establish trust in NATO’s cyber defense capabilities across the alliance, said Sarah Brown, senior scientist at the agency.
The strategy, which has yet to be formalized, includes directives on workforce management and risk management planning, along with providing instructions for security operations and engineering work.
“We want to be seen as a professional service provider, a center of technical excellence, with open communication, and reporting,” Brown said. “From an organizational perspective, that means we need to have clear roles and responsibilities across the different cybersecurity areas, and also a highly skilled workforce, from the staff level all the way to the executive level, in order to deliver on our level of ambition.”
The COVID-19 pandemic hastened NATO’s internal digital transformation, leaders said at the virtual conference. In 2020, classified video conferences increased across the alliance by six-fold, while restricted and non-classified video conferencing increased 20-fold, compared to 2019, said NCIA General Manager Kevin Scheid. Meanwhile, military exercises were conducted virtually, and NATO members had to learn quickly how to continue to operate in a largely virtual, now becoming more hybrid, environment.
“Organizational and cultural change is difficult and often takes a crisis to make it happen,” Scheid said. “The pandemic has forced the alliance to rethink the nature of diplomatic engagements.”
Vivienne Machi is a reporter based in Stuttgart, Germany, contributing to Defense News' European coverage. She previously reported for National Defense Magazine, Defense Daily, Via Satellite, Foreign Policy and the Dayton Daily News. She was named the Defence Media Awards' best young defense journalist in 2020.