Cyberspace is contested at all times and malicious cyber events occur every day, from low-level to technologically sophisticated attacks. The NATO Cyber Security Centre (NCSC) defends NATO networks from these attacks 24 hours a day, seven days a week.
We are the heart of technical expertise for cyber security within the Alliance, leading technical collaboration in NATO and with Allied cyber defenders. We operate NATO's centralised hub for cyber defence, allowing the Alliance full situational awareness and operational resilience for all cyberspace activities across its networked infrastructure.
Our experts provide effective, agile and resilient cyber defences to prevent, detect, respond to and recover from cyber security incidents across NATO.
We respond to any cyber incidents affecting NATO, handle and report incidents, and disseminate important incident-related information to system/security management and users. This capability evolves on a continual basis and maintains pace with the rapidly changing threat and technology environment.
Our experts are responsible for the provision of technical cyber security services throughout NATO. We provide cyber security services to NCIA customers and users, as well as to all other elements of NCIA.
All reported cyber security incidents are considered normal priority unless they are explicitly labelled EMERGENCY or URGENT, or are categorized by our teams as significant or major.
Please review the cyber incident checklist before proceeding. A report should be made if any of the following criteria are met:
- The event is clearly a security breach of classified information.
- The event affecting a NATO system and/or a specific technology in use at NATO.
- Are people, devices, services, or networks affected by the event?
- The affected NATO system providing services to ongoing operations or exercises?
Co-operation, Interaction and Disclosure of Information
The NCSC exchanges necessary information with partner Computer Security Incident Response Teams and with affected party administrators within the boundaries of existing information sharing frameworks. Neither personal nor overhead data are exchanged unless explicitly authorized.
All sensible data (such as personal data, system configurations, and known vulnerabilities with their locations) are encrypted if they must be transmitted over unsecured environment.
Communication and Authentication
The NCSC operates within the confines imposed by NATO policies and directives on information sensitivity and classification.
For unclassified information that the NCSC deals with, civilian telephones will be considered sufficiently secure to be used even unencrypted. Unencrypted e-mails will not be considered particularly secure, but will be sufficient for the transmission of low-sensitivity data.
If it is necessary to send sensitive data by e-mail, encryption (preferably PGP) will be used.
For classified information the NCSC only uses properly accredited systems and networks.
Disclaimers
While every precaution will be taken in the preparation of information, notifications and alerts, NCIA assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.
The NCSC supports all NCIA-managed networks. Requests for support coming from all other entities will be evaluated on a case-by-case basis.
Please submit your completed form to [email protected] along with the PGP Fingerprint: D9E5 81BF 46A5 7F7B D540 CE1C 10BC C16B 11B4 DCE7. Download the key here.