NATO signs up IBM to build and run a custom cybersecurity offering
IBM is providing a custom "Asset, Configuration, Patching and Vulnerability” service with a special focus on vulnerability management.
NATO has contracted IBM to deploy a “custom” cybersecurity offering across the military alliance that will function as a “‘single source of truth” on information about assets, configurations, vulnerabilities, and patches.
The contract was signed by the NATO Communications and Information Agency (NCI Agency) and is intended to strengthen the Alliance’s cybersecurity resilience. It is effective as of January 2024, the two said.
The contract was announced the same day that Allies agreed NATO’s civil and military budgets for 2024 at a meeting on Wednesday (13 December 2023) – stting a civil budget at €438.1 million, and a military budget at €2.03 billion; a 18.2% and 12% increase respectively over 2023.
It comes as NATO continues to invest in a significant digital overhaul that included it hiring its first Chief Information Officer in 2021 and signing off on a sweeping NATO digital transformation strategy this summer.
See also: A Q&A with NATO's first CIO
“Collaboration with industry is essential to enhance our collective cyber resilience and respond more quickly to cyber threats and vulnerabilities,” said NCI General Manager Ludwig Decamps, adding that the agreement marks a significant milestone in a newly enhanced procurement process, enabling more agile and faster approaches to complex sourcing to deliver solutions that help strengthen the Alliance’s cybersecurity posture.”
“This new service will be built on top of the existing asset, configuration, and patching solutions across NATO,” IBM said. “Additionally, the service will help in creating an enterprise framework that will eventually support the needs of other key functional areas, such as IT service management and finance and auditing departments, which rely on asset configuration, and patch management information through a federated approach.”
The contract was signed after what IBM described as NATO’s new “dynamic and competitive procurement process - featuring regular workshops, sprints and continuous communication with industry” and the two said in a canned statement that the set of tools and centralised platform will “improve the Alliance’s visibility into cyber risks and empower it to manage potential issues with more ease and speed across its network.”
Cybersecurity functions across the NATO Enterprise will be able to use IBM Consulting’s custom ACPV (“Asset, Configuration, Patching and Vulnerability”) service as the “interface to access and dynamically query asset and configuration data, with a special focus on vulnerability management” the two said. The terms of the contract were not disclosed.
The contract was signed as NATO’s IT leaders have been working to take a more "enterprise approach" to IT procurement ( the Alliance spends upwards of €1 billion on ICT annually) as well as to improve coordination across its 41 civil and military bodies and more than 25,000 users.
Speaking to The Stack’s Ed Targett in 2021, NATO’s then-Assistant Secretary-General Camille Grand, who at the time was leading the alliance’s defence investment strategy, explained: “If I look at where we invest in the IT domain, we primarily invest in two domains. One is our command and control structure. The way I would describe it in layman’s terms, is… the glue that brings the allies and the NATO common structure together.
"Then a second group of IT investment has to do with our communications network. We need to bring all these NATO entities or missions and operations in the field together in a secure environment.”
The Alliance, he emphasised at the time, was also looking to improve and secure a “digital work environment” upended, like many, by Covid.
IBM's NATO contract comes weeks after the Alliance wrapped up its annual flagship cyber exercise; one of the world's largest. This year’s event featured over 1,300 cyber defenders from 28 NATO Allies and seven partner countries, as well as the European Union and participants from industry and academia. The 2023 scenario was based on "real-life cyber challenges, including attacks on critical infrastructure such as electrical substations, energy grids and water treatment plants, as well as the disruption of NATO and Allied assets while in operations.
"The aim is to enhance NATO’s, Allies’ and partners’ resilience to cyber threats and their ability to conduct cyber operations together."