Croatia in Elite Shield of Cyber Defence

The Ministry of Defence of the Republic of Croatia is in the process of joining the NATO Cooperative Cyber Defence Centre of Excellence. Croatia will benefit from the membership by gaining access to courses, publications, documents, curricula, forums for exchanging experiences, lessons learnt, etc. In fact, the membership will affect Croatia’s entire cyber defence system, i.e. it will greatly enhance the Croatian society’s resilience to cyber threats
A scene from a hall at the CCDCOE in Tallinn during Locked Shields 2018, the world’s largest international cyber defence exercise (Photo by CCDCOE)

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is an accredited multinational and interdisciplinary centre of excellence for cyber defence. It was founded in 2008 and its headquarters are in Tallinn, Republic of Estonia. The CCDCOE engages in research in four core areas: technology, strategy, operations and law in cyberspace. Researchers, analysts and lecturers at the CCDCOE hail from military, governmental organizations, academia and industry. The CCDCOE is manned by experts from 24 allied and two partner countries. Croatia is soon to join them, as announced by the Head of the Croatian MoD’s Independent Sector for Information and Communications Col. Bruno Bešker. The association process is on-going. It was preceded by a letter of intent that Croatia’s MoD had sent to the CCDCOE in mid-2018 and began with the drafting of a note of joining, which is in the process of being signed by all countries that have already joined the CCDCOE. Afterwards, the Ministry of Defence of the Republic of Croatia will become a full-fledged member, with Croatia acquiring the status of a sponsoring nation. The final step will be the signing of two memorandums of understanding, NATO CCDCOE Operation and NATO CCDCOE Functional Relationship. After acquiring the status of a sponsoring nation, Croatia will have to pay an annual membership fee, with the amount of its contributions depending on the number of people it will deploy to the CCDCOE. The country’s MoD has already deployed Capt. Tomislav Žarinčić of the Cyber Command to the CCDCOE. Aside from the functions he will perform at the CCDCOE, Captain Žarinčić will also serve as liaison officers linking interested parties from the Croatian MoD and military (and beyond) with the CCDCOE.

The quickest way one can attain resilience to cyber threats is by investing into education, training, exercises and research – just the thing that the CCDCOE offers (Photo by MLADEN ČOBANOVIĆ)

Knowledge Sharing

“The Ministry of Defence of the Republic of Croatia can reap numerous direct or indirect benefits from being a member of the CCDCOE. For instance, the presence of a Croatian officer at the CCDCOE will provide Croatia with direct insight into the development of curricula in the domain of cyber defence. Furthermore, by accessing the CCDCOE, Croatia’s MoD is granted a free spot in all of its courses as well as access to the results of research studies carried out by the CCDCOE. The greatest benefit might be the sharing of knowledge, ideas and lessons learnt among the countries represented in the CCDCOE,” explains Colonel Bešker.

Another person heavily involved in the accession process is Col. Vladimir Štimac, head of the Department for Security and Surveillance of Information Systems in the Croatian MoD’s Independent Sector for Information and Communications. Colonel Štimac emphasizes that the authority and jurisdiction of the CCDCOE are broad, but clearly defined. “Since 2018, the CCDCOE has been responsible for identifying and co-ordinating educational and training solutions that will serve the cyber defence of NATO’s bodies. NATO’s Allied Command Transformation (ACT) has awarded the CCDCOE with an unconditional quality assurance accreditation for providing NATO’s staff and partner states with high-quality education and training. Moreover, NATO runs courses of diverse formats in multiple locations and these courses cover a wide range of topics from the technical, legal, strategic and operational domains of cyber security,” points out Colonel Štimac. Of individual activities conducted by the CCDCOE that CROMIL has already written about, the most memorable one is the international cyber defence exercise Locked Shields, the world’s largest and most complex exercise of that kind. “It has been taking place annually since 2010. Over the years, it has grown significantly, thus simulating the complexity of great cyber incidents. Along with the defence of common IT and military systems as well as critical infrastructure, cyber safety experts can practice strategic decision-making as well as legal and media communication through it,” describes Colonel Štimac.

Researchers, analysts and lecturers at the CCDCOE hail from military, governmental organizations, academia and industry (Photo by CCDCOE)

Enhancing Resilience

Among other activities, the CCDCOE organizes the annual International Conference on Cyber Conflict (CyCon), an important event for researchers who conduct studies in the domain of cyber security. The CCDCOE is also involved in the application of international law in cyberspace. One of its best known, internationally recognized achievements in research is Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. The manual was written by experts from the CCDCOE, internationally acknowledged professors of legal sciences from multiple countries, legal advisers from over 50 countries and other partners. The first edition of the manual from 2013 was expanded in 2017 with a legal analysis of the most common cyber incidents that member states encounter on a daily basis.

Colonel Bešker says membership in the CCDCOE will affect Croatia’s entire cyber defence system, i.e. it will greatly enhance the Croatian society’s resilience to cyber threats. “At the moment, the quickest way one can attain resilience to such threats is by investing into education, training, exercises and research – just the thing that the CCDCOE offers. Membership will help us quickly attain knowledge, skills and a critical mass of personnel so that we could safely use cyberspace, adequately respond to threats stemming from it and raise awareness in our entire staff,” says the head of the Croatian MoD’s Independent Sector for Information and Communications emphatically.

In recent months, the Cyber Command was constituted within the Croatian Armed Forces, personnel of the Croatian MoD and military took part in several domestic and international cyber defence exercises and a number of acts and documents related to cyber defence have been adopted on the level of the whole country and individual ministries. Membership in the CCDCOE is yet another factor that will ensure the readiness of the Croatian defence and security system for the so-called fifth dimension of warfare, if the need should call for it.

Flags of sponsoring nations in front of the headquarters of the CCDCOE in Tallinn. Soon, the Croatian flag will be amogn them (Photo by CCDCOE)

Member States of the CCDCOE

Austria, Belgium, Bulgaria, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Spain, Sweden, Turkey, United Kingdom, United States of America.

Private photo

Capt. Tomislav Žarinčić, CCDCOE, staff officer for training coordination and eLearning

“No Information System Is More Complex than Croatia and NATO’s Defence System”

What are your first impressions of Estonia?

After Estonia had gained independence, the country’s leadership recognized the economical potential offered by internet technologies in the management and operations of institutions in the domains of judiciary, education, health, military and the police as well as in the operations of the government itself. It is no wonder that Estonia has capitalized on the experience acquired during the development of information security and cyber activities. One cannot avoid mentioning the experience from 2007, when the country was threatened by a grave hack attack that jeopardized its advantage previously attained through high-level information technologies. Because of its intensity and duration, the event has been branded as a cyber attack; today, it would fit the bill of what is normally called cyber warfare. As e-Estonia, which entails citizen interaction with a dozen public on-line services, Estonia is the frontrunner in the on-line society not just of Europe, but of the whole world.

What does your normal working day look like?

I recently began working at the CCDCOE’s training branch and am yet to become acquainted with all of its activities. As a staff officer for training coordination and eLearning, I work with about sixty people from 25 countries. My day is made up of attending daily briefings with the head of my branch as well as going through daily, weekly and monthly duties and tasks. We co-ordinate numerous activities offered by the CCDCOE in the domain of cyber defence and evaluate training programmes of other centres within NATO. The mechanism of evaluating programmes is not simple, but it yields positive results through lessons learnt, an exchange of experiences among staff members at the CCDCOE and in NATO as well the initiation of new pilot projects with the countries in the Partnership for Peace. None of that would be possible if I did not undergo the training programme required for my branch and specialty.

How is the CCDCOE equipped? Does it have a futuristic appearance?

The CCDCOE is a modern centre of excellence. The first thing you notice in it is the physical safety of the workspace – one’s identification must be verified before one enters a safe zone and the management of user identities and authorities is regulated. Further, NATO member states enjoy a rich and healthy business co-operation; they devise material and application solutions, and test IT equipment that is used by them and developed to suit the needs of NATO.

What are your greatest working challenges?

Within my branch, co-ordination in the creation of new NATO courses requires a scientific approach, i.e. the application of methodology learnt in training. What is wanted is our expertise and experiences stemming from lessons learnt that can be applied in the next iteration of newly-created courses and exercises. I am still learning about this new domain and am yet to take specialization courses. Learning about the teaching process, planning it and updating it is a long undertaking and a skill that is continuously developed. It is based on the flexibility of collocutors (in this context: interested parties within NATO), expertise and, finally, the co-operation among subjects involved in training development.

Is engagement in the cyber safety of Croatia and NATO’s defence systems the fulfilment of an information scientist’s ambition?

Of course. On the one hand, nowhere in the world can you find more complex information systems and applied technologies than here. On the other hand, nowhere in the world can you find such an abundance of application solutions implemented so as to secure the coherence, integrity and availability of the information in the IT systems of the Croatian MoD and armed forces as well as NATO. Over the years, as you acquire the best experience possible in your working environment or through training, courses and exercises, you become aware of your personal growth and the advantages it brings to the system that you are operating.


Translation by IVA GUGO