Nixuan in Estonia: A Closer Look at NATO CCDCOE and Foundation CR14

Let me try to pass inspiration to you.

Companies change frequently – There are changes in systems, processes, vendors, and employees’ roles. We hire and fire, replace and make changes, and it is tough to maintain overall security and compliance as cyberattacks increasingly get more advanced and severe.
Nations and companies constantly need to stay on their toes. We easily suffer from security and compliance fatigue.

Recently, I visited different entities in Estonia, and each visit was highly relevant when discussing cyber resilience, national security, and risk management.

Together with a Danish delegation, I was invited to visit CCDCOE – The NATO Cooperative Cyber Defence Center of Excellence and CR14. Both of which you might never have heard of, but I promise you that what they do, is highly interesting for both national and corporate security.

So, what is the center all about? CCDCOE works independently from NATO, and companies, universities, and states can approach them for cooperation in order to develop enhanced capabilities for conducting cyber operations. As the center’s unique role is to address cyber threats as a coalition, CCDCOE plays an important and great role in filling the need to help its member nations, face cyber threats. It is impressive to see the magnitude of competencies, resources, and tasks.

CCDCOE works together with the nation-state members, sharing expertise, and learning from one another, helping to improve the protection of citizens, infrastructure, and critical assets from cyber-attacks. It should inspire us all to think about how we cooperate and build our defense.

CCDCOE works closely together with CR14, and thereby, it gets even more interesting. We visited the Foundation CR14, established by the Ministry of Defence of Estonia, which is based on over ten years of military-grade cyber range experience in cybersecurity training, exercises, testing, validation, and experimentation. We were shown CR14’s “Exercise -room” and presented with their Cyber Range. It is a unique software-based virtual environment used for cybersecurity training and the development of dual-use innovative technologies using cyberspace. It covers exercises also based on G5, for critical and important infrastructure, maritime, and soon satellites as well. The interesting part is that this is not only for Estonian companies and entities but also other European public and private organizations that can book relevant exercises.

CCDCOE aims to strengthen cooperation between military-civilian and public-private entities, recognizing that we need to join forces. At Nixu in Finland, we already participate in national exercises and provide knowledgeable and professional consultants to the exercises on a frequent basis to enforce Finnish national security.

It is important to train in new scenarios all the time. For that purpose, CCDCOE developed Locked Shields, the world’s largest live-fire cyber defense exercise. Locked Shields is among the first to conduct the offensive cyber exercise Crossed Swords. Their expertise is exemplified through initiatives such as mapping the cyber threat landscape and providing expert advice to member nations through publications like the Tallinn Manual and Cyber Commanders’ Handbook. These are must-read publications.

Mentioning Locked Shields, Nixu actually had employees participating in the cyber exercise last year, where Finland won.  
I would encourage us in Denmark at the company, national and international level to conduct and participate in exercises that will increase our competences, awareness, and robustness.

The presentation at CCDCOE, which recently celebrated its 15 years anniversary, was brilliant and very inspiring. Now Ukraine, Iceland, Japan, and Ireland have joined CCDCOE as well.
It was also very interesting at CR14 to hear how they cooperate with CCDCOE. NATO has its own Cyber Range platform, but CR14 serves the development of NATO’s capacity in cyber defense exercises and training, such as the Cyber Coalition and the Coalition Warrior Interoperability Exercise (CWIX)

Countries like Denmark have yet to establish that level of cooperation between military-civilian and public-private entities but joining forces would strengthen national resilience. Hence, it should be considered as international hybrid warfare increases and human resources and know-how become harder to find.

International universities have been cooperating with CCDCOE for many years, and it helps in driving knowledge, preparedness, and excellence.

Nixu conducts cybersecurity drills for crisis management and incident response, and if you feel inspired but do not exactly aspire to approach NATO’s Cooperative Cyber Defence Center of Excellence, you can reach out to Nixu to be as prepared and resilient as possible. Let's have a chat. We at Nixu are ready to help you and see how your organization can get tailored drills, workshops, exercises, e-learning, games, tabletop training, and continuous awareness and culture improvement.

Find the organizational maturity and security level. Ask questions like:

• Is your organization ready to handle cybersecurity incidents?
• Does everyone know their place, role, and responsibilities? Will they meet the demands during an overview when “the heat is turned up”?
• Do you have a backup for everything?
• Do all your systems generate the necessary and relevant logs?
• Have you configured your security solutions optimally?
• Do you have an ISMS or a SOC team to turn to?
• Is there a plan for what to do if you suddenly lose a key employee/manager?
• Is there a plan for handling authorities and preventing fines?
• For how long can your organization be down, if at all?
• Where do you get help, and is it actually available when you need it?
• What are the SLA’s response obligations?
• Is all your documentation in place and up to date? Do employees have access to and know how to use the documentation?
• How is the communication running in your organization during crises?
• How do you handle privileges and access during crises?
• How do you handle the media?

These and many more issues can be touched upon when working to reveal unwanted weaknesses in an organization, and you will come out stronger, more prepared, and more resilient on the other side.

Remembering cybersecurity and compliance is a journey, not a destination.
Stay safe.