Last week the news was out: Mart Noorma will become the new director of the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). Noorma has been actively engaged with NATO, EU, and international cooperation on innovation and novel technology development and is a member of the Estonian Defense League. During the last five years, he served as the Science and Development Director of Milrem Robotics, the leading European robotics and autonomous systems developer and systems integrator.
The Tallinn-based CCDCOE is a NATO-accredited cyber defense hub focusing on research, training, and exercises. From August 2022, space and technology expert Noorma will take over from Col. Jaak Tarien, who stepped into the role in 2018. Mart Noorma has also served as the vice-rector of Academic Affairs, the head of the Space Technology Department, and a professor at the University of Tartu.
I meet Noorma at our Briefing Centre – he is punctual, prepared, and very approachable. I remember seeing him on TV as a youth science competition host. So he is no stranger to an audience and eloquent expressions. The following interview expresses Mart Noorma’s personal views and is not an official position of NATO or the CCDCOE.
Congratulations! Tell us how the directors of centers such as the CCDCOE are chosen. Is the process extra strenuous, the competition extra tough?
The posts of the Cyber Defence Centre are primarily agreed upon, and the member-states will assign specialists to these posts according to the expertise required. In the case of specific posts, it is also determined which countries fill them, and the position of the director of the center is always the so-called Estonian position. So the head of the center can always be from Estonia. Of course, this is a very, very prestigious and influential position. You can directly help a billion NATO states’ people live happier and sleep more peacefully. Naturally, many people would like to contribute, and the leader selection process was long.
How many hoops does the candidate have to jump through then? Is it comparable to some of the coveted startups where the candidate goes through five interviews, several home tasks, etc.?
Leaders must demonstrate their vision and ability to lead a complex international organization. Principles in all aspects of management and your previous experience must show you can implement your vision. This organization leader has the most critical managerial experience and competence, an understanding of the sensitive field of defense, and the work of international organizations. I was the best person for this position (laughs).
But were there any doubts? “Is this what I want to do now?” Discussions in the family – will I accept this position?
It was a long process, and both sides had to make decisions. When I was invited to participate in this process, I entered without the conviction that I really wanted to do it. Above all, I wanted to share with the team my vision of how the Centre could take the following steps in its development. It is essential that life is exciting and I keep developing professionally. This way, it is not possible to stay in one position for too long a time, and now it was time for me to move on. And CCDCOE was the next logical step.
From there, the logical next step would be the Secretary-General of NATO?
From there, many jobs can benefit my country and my people.
Can you tell us what the NATO CCDCOE does daily in layman’s terms?
NATO’s CCDCOE works every day for world peace and the welfare of its people. The digital world plays an essential role in our everyday lives, and the CCDCOE aims to make sure that we are safe in that world and that the bad guys can’t rule over us. And to do this, countries need to put in place regulations and rules and develop technical solutions and operational concepts for cyber warfare and cyber defense. And all this needs to be done in co-operation between all countries sharing the same values. Here the primary function of the CCDCOE is to support and co-ordinate this cooperation between countries. There are several directions where this collaboration is most important: technology, the legal aspects, strategies, and the operational level, plus education. In other words, to develop principles, methods, curricula, how people in different roles among these billion NATO citizens, how they can contribute, or what training they need.
What will the near future of CCDCOE bring?
CCDCOE has made a significant contribution to making the cyber environment safer not only for the people from NATO member states but also for everybody sharing the free world’s values. Unfortunately, our enemy doesn’t sleep, and we have to be alert and ready to react to any cyber threats that may arise in the future. The Centre should be even more flexible and efficient in the coming years.
Did it come as a surprise that World War III is not taking place in cyberspace, as much as that had been predicted, but that Russia is, once again, invading a sovereign country with tanks and soldiers?
The world is evolving rapidly, and we see fundamentally different conflicts according to different stages of a society’s development. It is the same with military conflicts – on the one hand, there may be one side’s will forced upon the other through cyber methods, and on the other hand, through conventional warfare. What is happening in Ukraine is an example of a predominantly 20th-century conflict or a traditional conflict, if you will. Although there is a cyberwar simultaneously, we do not yet see all the effects. We only see some of them, and for the next ten years, we have reason to analyze what happened and the actual outcomes. But it is also a fact that our cyber addiction is growing and becoming more and more critical in conflicts with each passing year. And if it is not secured, the cyber realm will become such that our lives will simply come to a standstill if the adversary can force their will on us. In the case of Ukraine, we have seen methods of imposing that will, such as hacking Ukrainian websites aimed at the public but also hacking Russian websites, then important information mining – publishing lists of soldiers who are at war in Ukraine; the soldiers who carried out the massacre in Bucha, etc. Disclosure of such information is, in fact, critical, and I think it will continue to discipline people significantly in the future because this responsibility becomes more and more personal when the opponent can no longer hide who the real bad guys are.
Have we overestimated Russia’s cyber capabilities? Or is it just very uneven? Top-notch in the troll farms, but a typical soldier calls home with a regular cell phone, and all this information is easily accessible?
The war in Ukraine shows very well that the actors at every level play a role in a cyber battle. Whether we are talking about managers, cyber-pros, or a soldier on a mobile phone, they can positively and negatively affect cyber warfare. Whether our assessment of Russia’s cyber warfare capability was inadequate is not possible. This war is still a predominantly traditional conflict, with cyber being a more supportive weapon. In the future, some other conflict may present a danger that is 100% in cyberspace, and we simply see our systems crashing, self-driving cars crashing into people, and other military activities where there is no conventional warfare. Speaking of the CCDCOE, one of our main tasks is to prepare for the future, to support the current situation. There is much to learn from the Ukrainian war, but we must certainly not underestimate Russia’s abilities.
Do our history and geographical location also give us an advantage in cyber competence to better understand how Russians think and act?
Leaders and decision-makers need to be aware of the situation. Awareness of the situation allows one to control the situation and impose one’s will on the opponent. So you have to be yourself or have sensors close to or among your opponent. There are no borders in cyberspace, and it cannot be said that Estonia is closer to Russian cyberspace than any other country. Still, there are many aspects that we understand better because we are closer to the traditional conflict zone. We can also better understand the reasons, the approach, and the effect that Putin’s Russia is trying to achieve.
But wouldn’t the most effective cyber warfare be to shut down all the critical systems in the aggressor state? Rather than suits convening somewhere in international organizations and deciding to impose the umpteenth package of sanctions before enjoying some raclette and wine.
First of all, we do not want to shut down all the systems; in cyber warfare, it is imperative to influence the population of the other party. It is therefore crucial that communication channels are maintained and controlled. We’re seeing this happening with Russia right now – companies like Microsoft are saying they will stop offering support in Russia. This is perhaps one of the most potent cyber operations we have ever witnessed because if accountants can no longer use Excel, the whole economy will eventually decline. Cyber activities that hit the economy have a harsh effect.
Working in such a field, how much does it make you more paranoid? Do you constantly warn your loved ones to be careful? Do you place your cell phone in the microwave at home?
It does require that special care must be taken. But it could and should be part of everyone’s professionalism to perceive and fight cyber threats. This is very similar to how we assess and prepare for threats daily. We learn to drive a car before we get into traffic, and we know first aid to help our loved ones if something happens. Despite everything, things can still happen; we can only do our best and be prepared. But we are never really 100 percent protected from these accidents. And so it is in the cyber realm: you can build the best firewall or monitoring system, but in the end, everything can be hacked and broken into. I promise that CCDCOE will continue to be the best partner and supporter for the people of the free world to establish defences against aggression in cyberspace.