|Cyber Security Science and Engineering|
|Information Systems Technology|
The ubiquitous application and pervasive use of Information Communications Technologies (ICT) and emerging web sciences is being driven by the so far insatiable commercial demand for global computing, telecommunications and multi-media services. These developments have had a profound impact on both the commercial and military sectors to the point where the majority – if not all – critical functions, networks and systems depend on ICT. Military staffs rely on these infrastructures as well as specialised critical infrastructures and CIS (Communication and Information Systems) to support operations and deliver network enabled capabilities (NEC). The common point, and weakness, is the functional space that such ICT-based infrastructure and systems operate in. Any vulnerability in this cyber space – regardless of its size – can be exposed and exploited.
There is a worldwide lack of talent with respect to cyber security. This has become an issue facing national governments, and raises the question of how to reduce the shortage of cyber security experts and personnel.
Several NATO member states have issued national cyber security strategies identifying the need to spot and develop cyber defence talent and to boost cyber security education. However, current practice of engineering cyber systems as well as techniques and tools for cyber operations are extremely ad hoc and not guided by a coherent body of knowledge comparable to older fields of engineering.
IST-ET-066 and IST-122-RSY-030 recognized that Cyber Security Science forms the foundation for Cyber Security Engineering. They identified the need for action in this area as a high priority issue for national security, but much still needs to be explored to shape this domain and help to define cyber security science and engineering principles.
The main objective of the proposed lecture series is to disseminate knowledge on Cyber Security Science, Cyber Security Architecture and Cyber Security Engineering among researchers and systems engineers in NATO’s member states. There are clear indications that such a series of lectures is timely and will be highly welcomed.
An equally important objective is to encourage further research in this important area for NATO’s future missions. Past IST activities, such as IST-066 "Future Concepts and Tools for Cyber Defence", IST-122-RSY-030 “Cyber Security Science and Engineering" and IST-128-RWS-019 "Cyber Attack Detection, Forensics and Attribution for Assessment of Mission Impact", have shown that an effective network among cyber researchers and scientists in NATO’s member states will be a natural result of this research. This network is a third objective of the proposed lecture series. While preparing this TAP, there has been the rare opportunity to win world-leading researchers in the areas of Cyber Security Science as presenters. A fourth objective of the RLS is to foster and develop a network of informed experts in the field of Cyber Security Science and Engineering and strategic cyber analysis within NATO member states.
• Cyber Security Science
• Identification and elements of Cyber Science that address the volume, velocity, variety and temporal nature of the (big) data
• Steps and processes that define Cyber Security as a science.
• A documented articulation on scope and directions of Cyber Science
• Should Cyber Security Science be considered a System of (complex) Systems?
o Cyber Security (systems) Engineering
o Cyber Security Architecture
• Training specifically for cyber security incident response centre operations.
• Near and long-term academic curricula and certification schemes on cyber security (systems) engineering.