Last week saw CWIX, the largest annual NATO interoperability event, come to an end after three weeks of interoperability testing. It is normally held at the Joint Forces Training Centre (JFTC) in Bydgoszcz, Poland. This year, owing to the COVID-19 pandemic, the event shifted entirely into the virtual environment. Since June 8th, representatives across the world, partners and vendors undertook controlled environments to test, identify and fix their issues to continuously improve NATO interoperability and resilience in future crises by developing and experimenting with new ideas, new solutions and capabilities.
The event itself is continuously growing with twenty-two nations attendees this year. NATO introduced a new set of classification markings and conventions – STANAGs 4774 and 4778 – eighteen months ago. These STANAGS, dealing particularly with metadata, are critical to the sharing of sensitive information between allies. Industry is now firmly involved. Below are some of the key takeaway trends we saw over the last month.
Growing Need for Data-Centric Security
Data-centric security is fundamentally a different approach for protecting sensitive data from theft or misuse. Most security technology focuses on where data is—protecting, for example, all the data stored on a specific laptop or server, or all the data that crosses a specific network. The problem with this approach is that as soon as data moves somewhere else, another solution is required, or data is left unprotected. Data-centric security focuses on what needs to be protected—the files containing sensitive information. It applies the appropriate form of protection, no matter where the data happens to be. It is an area where we are seeing growing interest at CWIX every year, with more tests being executed, more visitors attending the virtual visitor day and more integration with the NATO FCS track (Future Core Services).
The use of cryptographic binding is seen as the next step in data security. Binding the labelling of the email to the message helps to identify if the sender has the correct labelling in the original message to combat the challenge of any data being changed through the email process. Following last year’s interoperability issues, working alongside our partners INFODAS, we are the first vendors to undertake testing which has helped us meet these challenges head-on. A key learning exercise has been identifying issues that require- modifications to NATO standards to ensure better alignment.
Demand for Portion Labelling
NATO has highlighted portion labelling as a key solution across military communications. It has led to forces around the world looking to adopt this solution. Portion labelling applies classifications to individual portions of a document. The solution allows sensitive portions of a document to be redacted before the document is accessed in unclassified environments. It enables users to apply uniform, consistent, and comprehensive markings to emails or documents with limited knowledge of regulatory standards. By ensuring properly labelled documents and emails, the solution helps to promote cross-domain sharing. It also reduces the leakage of classified and sensitive information.
Collaboration has always been key to providing sustainable security solutions. Boldon James has been working alongside our partner INFODAS at CWIX on developing a trusted labelling solution required for NATO’s stringent standards to ensure a highly secure approach. Boldon James’ SAFEmail enables the safe handling and control of a wide range of sensitive data from unclassified data to the high levels of restricted Government Classifications across a variety of messaging environments. Partnering with INFODAS SDoT Security Gateway, our military messaging, and data classification solutions, combined with INFODAS cross-domain solutions, enables us to offer an end to end solution that supports the emerging NATO standards. Boldon James provides the data classification element, and INFODAS provides the information exchange gateway (IEG).
Every year CWIX addresses a wide spectrum of technical and procedural interoperability between currently deployed, near-term, future, and experimental capabilities. Interoperability testing is essential for reducing deployment times and cost. It minimises system failure in NATO missions and allows nations to design interoperability into their systems. This year was no different. We feel CWIX fosters innovation by identifying and solving interoperability shortfalls, experimenting with alternative approaches, and exploring emerging technologies. Working alongside NATO and our partners, we believe CWIX helps maintain the military advantage of NATO in an increasingly complex and uncertain global environment.
Boldon James is an industry specialist in data classification and secure messaging, delivering globally-recognised innovation, service excellence and technology solutions that work. Part of the QinetiQ group, a major UK plc and FTSE 250 company, we integrate with powerful data security and governance ecosystems to enable customers to effectively manage data, streamline operations and proactively respond to regulatory change. We’re a safe pair of hands, with a 30 year heritage of delivering for the world’s leading commercial organisations, systems integrators, defence forces and governments.