US Air Force improves data exploitation with cyber security

The Government of Canada has unveiled plans to establish a Canadian Program for Cyber Security Certification (CPCSC) to bolster cyber security measures and protect Canada’s defence industry from cyber threats.

The programme, expected to introduce mandatory certification requirements for select federal defence contracts by winter 2024, aims to enhance the resilience of supply chains critical to national security and facilitate international procurement opportunities for Canadian suppliers.

Anita Anand, Minister of National Defence, announced the government’s commitment to developing and implementing the cyber security certification programme on behalf of the Helena Jaczek, Minister of Public Services and Procurement.

Working in partnership with Public Services and Procurement Canada, the Department of National Defence, and the Standards Council of Canada, the Canadian government aims to engage with the defence industry and other key stakeholders through upcoming sessions in late 2023 to shape the programme’s development.

According to GlobalData’s “Canada Defence Market 2022-2027” report, Canada has a high-tech and digitized economy, which can be used against the country through cyberattacks by state and non-state actors.

To address the vulnerability of malicious cyber activities, the certification program is seen as imperative to secure critical supply chains. Failure to obtain certification could exclude Canadian suppliers from future international defence procurement opportunities.

Access to US markets 

The CPCSC seeks to alleviate the industry’s burden by pursuing mutual recognition between Canada and the United States. This mutual recognition would enable certified Canadian suppliers to be acknowledged in both jurisdictions.

By establishing trust in the resiliency of Canadian suppliers, the defence industry would benefit, opening doors to procurement opportunities with close allies.

François-Philippe Champagne, Minister of Innovation, Science, and Industry, emphasised the significance of the certification programme for protecting critical supply chains and securing Canadian suppliers’ participation in US defence procurement.

Minister Champagne stated: “With this new certification, we are protecting our critical supply chains and ensuring Canadian suppliers can continue to play a key role in the US defence procurement supply chains as it is critical to grow our industry and to create jobs and prosperity for workers across Canada.”

As part of Budget 2023, the Government of Canada has allocated $25m over three years to establish the CPCSC for defence procurement.

The programme aims to maintain Canadian companies’ access to international procurement opportunities with close allies and partners that require mandatory cyber security certification.

By verifying and strengthening cyber security measures taken by Canadian defence companies to protect their networks, systems, and applications, the programme aligns with Canada’s National Cyber Security Action Plan and National Cyber Security Strategy goals. 

Iceland committed to furthering its cybersecurity capabilities following its accession to formal membership of the NATO Co-operative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia.

The CCDCOE, established in 2008, is dedicated to bolstering its member states’ cyber defence and cybersecurity capabilities through education, publication, research, and analysis.

During a ceremony held at the CCDCOE, Iceland’s flag was raised to mark its membership, and Harald Aspelund, Iceland’s Ambassador to Estonia, delivered a speech underscoring Iceland’s commitment to cyber defence.

The country’s inclusion brings the total number of member states in the Centre to 39, comprising both Nato member states and partner nations.

“Through our membership of the CCDCOE, we are strengthening information sharing and collaboration with our key partners on cyber defence while increasing our own knowledge and building capabilities at home. 

Our participation is part of our policy to contribute to joint partnerships of NATO, not least in those areas where traditional military capabilities are not of primary importance,” says Thórdís Kolbrún Reykfjörd Gylfadóttir, Minister for Foreign Affairs.

As a member of the CCDCOE, Iceland gains access to expertise and resources in cyber defence. The Centre’s primary functions include providing research expertise, training cyber defence experts, and organising cyber defence exercises. 

Exercising cyber defences 

An international Live-Fire cyber exercise launched in Tallinn in 2022, Nato’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) organises Exercise Locked Shields 2022, the annual largest and most complex international live-fire cyber defence exercise in the world.

Recently, Icelandic experts actively participated in the Locked Shields exercise, showcasing their skills and knowledge in combating cyber threats. Additionally, Iceland looks forward to participating in the upcoming “Cyber Coalition” exercise this autumn.

Membership in the CCDCOE is an achievement for Iceland and aligns with the objectives outlined in the government’s action plan on cyber security, published last year.

As cyber threats continue to evolve and pose challenges to nations worldwide, Iceland’s collaboration with the CCDCOE emphasises the country’s approach to protecting its infrastructure and national security. 

With its membership in the Nato Cooperative Cyber Defence Centre of Excellence, Iceland actively participates in global efforts to combat cyber threats and safeguard its digital ecosystem. 

Iceland has hosted a variety of Nato exercises in its waters. In April 2022, Iceland hosted the Nato exercise Northern Viking, with the US, Norway, France, Germany, Portugal, and other allied nations participating in the defence exercise.

In May, the Nato exercise Dynamic Mongoose brought together fifteen surface ships from ten Nato nations off the coast of Iceland. 

A cyber solutions company that supports the Australian Government, Macquarie, has welcomed the release of the country’s Defence Strategic Review (DSR). 

The company is convinced the DSR demonstrates the strongest indication yet of the importance of cybersecurity to government and defence capabilities. 

The DSR outlines the country’s agenda of ambitious defence objectives. Australia is a key country situated in the Indo-Pacific, a location of intense geopolitical contention between the US and its allies against the People’s Republic of China (PRC). The DSR includes specific directions to defence with immediate effect, while establishing a methodical and comprehensive process for long-term and sustainable implementation. 

The DSR states: “Defence must enhance its cyber domain capabilties to deliver the required responsiveness and breadth of capability to support ADF [Australian Defence Force] operations. 

“This must focus on: integrating the defence and management of defence’s C4 [command, control, communications and computers] networks and architectures; delivering a coherent and, where possible, centralised cyber domain capability development and management function; and building and sustaining a trained defence cyber workforce.” 

Macquarie Government managing director Aidan Tudehope said: “The new regional strategic environment articulated in the DSR underscores the need to include cybersecurity in the defence reform agenda given its horizontal effect across all five military domains, notwithstanding to Australia’s critical infrastructure and systems of national significance.” 

Tudehope adds: “Cyber is a form of power projection which can be used in advance of kinetic attacks, or to cripple critical national infrastructure. It is also a tool of statecraft that is used for coercion, as the DSR has rightly called out. 

“In this context it’s important to call out local industries that are directly supporting defence, including cyber security, ICT and space. When these sectors are strong Australia is less vulnerable to global supply chain challenges and less reliant on our allies and partners for enabling capabilities during conflict. 

Cyber support for sovereign industrial base 

The DSR presents an opportunity for the government and defence to uplift Australia’s sovereign industrial capability, and that doing so will provide national resilience through robust cyber security, data networks, and space capabilities with capacity to scale. 

GlobalData tells us that in response to the growing threat to cybersecurity; companies, nations, and militaries are increasingly adopting a collaborative approach. This involves sharing information with allies on threats and reporting attempted breaches to collectively improve their cybersecurity posture. 

This is a promising direction to integrate the fledgling domain across all defence domains. It will go some way to securing the digital posture of the country amid a highly contested region of the world, where the PRC displays aggressive encroachment tactics against its neighbours.