Under the motto “Our cybersecurity, a strategic capital”, Grupo Edefa organized an event at the Army War School that summarizes the great challenges of the joint command of cyberspace of the Spanish armed forces.
Live broadcast via streaming, the speakers, experts with knowledge of the current cybersecurity panorama from the defense and private sector perspective, analyzed the current scenarios, the new goals and the strategies that can be viewed from different perspectives in order to react to the vulnerabilities that exposed to both public and private infrastructures and companies or public bodies, as was the case with the computer attacks in Spain over the past month and a half.
After the welcome speech and an initial approach by the Director of the School of War, General Eduardo Diz Monje, President of TEDAE, Ricardo Martí Fluxá, addressed the skills that private sector companies can contribute to the different needs of the environment, Major General Rafael García Hernández , Commander of the Cyberspace Joint Command, opened the first table of the event, revealing the command’s missions, structure and challenges. Cyberspace is a common global space that is characterized by its functional openness and dynamism. The lack of sovereignty, its weak jurisdiction, the ease of access and the difficulty of mapping the actions taking place within define a scenario that offers innumerable opportunities for the future, although it also poses serious security challenges. The Joint Command of Cyberspace plans, directs, coordinates, controls and carries out military operations in cyberspace and in this area the measures necessary to ensure the survival of the physical, logical and virtual elements necessary for the defense and the armed forces are vital.
The general insisted that in military operations it was important to ensure the freedom of action of the command and control systems themselves and deny them to the enemy, to the point that nowadays an isolated electromagnetic operation cannot be performed without support in the cyber environment or on the Internet A command and control system that is not protected from computer threats can be designed. For General García Hernández, “cybernetic actions do not differentiate between times of peace and times of war”, emphasizing that “cyberspace is an ideal field for hybrid actions that are not really war” to the point that we are traditional nowadays Paradigm of escalation of the conflict that is no longer valid. In the near future, when operations will take place in a multi-domain environment where everything is interrelated, control of cyberspace will be essential to operate in the remaining areas. He emphasized that those who dominate cyberspace and restrict the opponent’s freedom of action will dominate the competition.
After him, Colonel Francisco Palomo Pérez, commander of the Cyberspace Operations Force, recalled the series of attacks that Spanish public organizations have suffered recently. He highlighted the impact of these attacks on the service, loss of information, loss of prestige or violation of national or European regulations. The speaker explained the types of operations that can be carried out in cyberspace, from defense missions to protect one’s own networks to preparation for the attack and situational awareness that enables real-time decisions. In his talk, he emphasized defensive actions, but valued that of defensive response, neutralizing the attack, beyond his discovery, developing offensive actions as a timely, legitimate and proportionate response to an attack.
Lt. Col. Julio Damián Peñas Artero, Second Chief of the Headquarters for Cyber Defense Systems, explained the wide range of missions of the Headquarters and put on the table the need for the armed forces to outsource certain tasks or services that require skilled civilians or civilians are difficult to cover within the military.
The industry is facing cybersecurity challenges
The second round table of the event was organized with presentations from the private sector, starting with Jorge Maestre Vidal, Indra’s Senior Cyber Defense Specialist, followed by Colonel (R) Fernando Acero Martín, Global CISO of Grupo Oesía, who presented the current needs for the so-called battle cloud, the military equivalent of the ?? Cloud ?? civil.
Indra’s expert dealt with the situational awareness of cyberspace, which focused on the mission as a cross-sectional need in modern military operations. Maestre highlighted how the integration of situational awareness at the mission level leverages risk identification, management and assessment, decision making, simulation and planning of operations in multi-domain environments. Ensuring mission-level transversal defense capabilities is key to being successful in gaining situational awareness, he recalled, revealing Indra’s approach based on his experience with the MCCE and the European Defense Agency, as well as cyberspace awareness services, the Integrated into Indra are products that highlight the Indra Cyber Range, the latest domestic military solution that offers the armed forces training, assessment and exercise opportunities in the field of cyberspace.
The Global CISO of the Oesía Group, Fernando Acero, dealt with the battle cloud, an operating concept developed by the US Air Force in 2016, which is defined as a “mesh” network. of general use for the distribution of data and the exchange of information within a battlefield and that goes well beyond a civil or business cloud, must be resilient, redundant and resilient, but there are still many technological challenges to be faced, one of which is management The obsolescence of the equipment in use is critical. It defends the design and use of computer systems for military applications that are not directly based on civilian COTS equipment, with a longer lifespan and less need for updating. Communication equipment is key to make this cloud work, hence the relevance of the proposal by Tecnobit Grupo Oesía, based on the software-defined radio TGor.
Finally, Claudio Chifa, Director General of DLTCode, put on the table the new threats to the privacy of the information or the malicious or at least unknown uses that result from the more or less easy availability of large amounts of personal information, for example from mobile phones, social networks and other channels through which specialized companies or malicious users can determine patterns of behavior. The company has developed various projects focusing on SIGINT & ADINT for tracking detection, API for fraud detection and account security, OSINT process automation and reporting, active wiretapping detector and custody chain, continuous monitoring of assets and vulnerabilities, and cyber risk assessment for cyber insurance companies . Chifa also highlighted the concept of sovereignty related to cybersecurity: national, military, state, and digital sovereignty, understood as the ability of a state to produce or manage the technology needed to operate without the need for third parties. The infrastructure and technology for information, data and communication must be aligned with the laws, needs and interests of the country in which the users are located.
After the tables moderated by Alfredo Leonard and Lamuño de Cuetos, an interesting discussion forum took place that brought the day to a close.
The content of the event was permanently open for viewing in this video:
Photo: (from left to right) Jorge Mestre (Indra), Lieutenant Colonel Peñas, Colonel Fernando Acero (Tecnobit-Grupo Oesía), Major General Rafael García Hernández, Eva Cervera, Director of the War School (General Eduardo Diz), Eva Álvarez del Manzano, Alfredo Leonard, Claudio Chifa (DLTCode) and Colonel Palomo
Copyright © Grupo Edefa SA Reproduction, in whole or in part, of this article is prohibited without permission and prior authorization from the publisher.