NATO, as the face of an allied Europe, faces a categorically different class of cyberthreats than nearly any other organization. Over the last several years, the alliance’s Cooperative Cyber Defense Centre of Excellence has been progressively building a network of threat intelligence partnerships that spans multiple prominent U.S. firms, including Cisco and Symantec. On Thursday, NATO signed on another partner, a firm uniquely position to provide both technical and human intelligence about hackers: FireEye.
To predict cyberattacks, find vulnerabilities, better understand targeting and ultimately build a better defensive strategy, NATO enters into bilateral information sharing programs with corporate powers. The firms provide these intel feeds — highly complex scanning systems worth thousands of dollars, typically sold on a subscription basis — to NATO free of charge. In turn, partnered contractors get a rare look into the cyberattacks hitting NATO in realtime, said spokesperson Michal Olejarnik.
“NATO will interface through our Information Security Operations team and Threat intelligence Relationship manager not directly through our research analysts. This agreement will improve information sharing efforts via formalized relationships that we will explore and utilize to ascertain what data is available to fill gaps at NATO in their threat posture picture and vice versa for FireEye,” said Tony Cole, FireEye global government chief technology officer.
The FireEye contract is limited to a two year period, upon which the contract will be reviewed for potential renewal, said NATO spokesperson Michal Olejarnik. Acceptance into the program has no impact on decisions made by NATO’s technology acquisition and development offices, said Olejarnik.
The partnership between FireEye and NATO was unveiled Thursday at a D.C.-based hotel, with NATO Communications and Information Agency General Manager Koen Gisjbers shaking hands on stage with FireEye executives Tony Cole, John Watters and Pat Sheridan. The move represents NATO’s ninth such partnership and it comes at a time when the organization’s more than 200-person cyber-defense unit is preparing to invest upward of $70 million in new capabilities.
“If we are going to move faster than the cyberthreats we face, then it is absolutely imperative that we exchange timely and actionable threat information with industry,” Gijsbers said. “Our existing [Industry Partnership Agreements] have already shown impressive results that are making a real difference to [NATO] and our industry partners. FireEye’s depth of expertise from responding to many of the largest cyber-breaches in the world will be very valuable to the IPA framework, and we look forward to a productive partnership.”