The NPS-NSO partnership goes beyond the Cyber Security Program, and when the partnership initially started it offered different courses in the fields of maritime security, energy security and cybersecurity. The cybersecurity program has been the most sought-after of the courses provided due to its rising need. To date, the program has successfully graduated over 1,200 students who together strengthen the organization.
Deciding who can instruct, as well as deliver, these courses is determined during an annual conference through NATO to identify its members and partners' educational needs and priorities. With NPS being a leader in cyber security and having programs already in place, the choice was obvious for NATO on who will teach these highly-valuable courses.
The NPS-NSO relationship began with a conversation between Alan Howard, who now serves as NPS Energy Academic Group (EAG) Associate Chair, and, at the time, NSO's Commandant U.S. Army Col. Mark Baines, who were determining how to align education and training throughout NATO.
"I said, how about we offer some of our education from NPS to the alliance at the NATO school?" Howard said. "I saw an opportunity for the NATO school to be, in a way, like the Naval Postgraduate School's European campus. Why not have a campus in Germany where people could go and take our classes, experience the kind of capabilities that NPS has and can offer, and ideally some percentage of those numbers that attend our courses at the NATO the school, would later become full-time resident students at NPS."
"The collaboration between NPS and the NSO allows the U.S. and, by extension, NATO to build internal and partner capacity in cyber expertise and capability," said NSO Dean of Academics and Senior National Representative for Student Affairs U.S. Air Force Col. Ryan B. Craycraft. "Having this capability throughout NATO and among NATO's partners adds a buffer of security that enhances the security of the alliance."
The Cyber Security Program officially started in 2010 with one course, and has since developed into what it is today, with seven different courses; Network Security, Network Vulnerability Assessment & Risk Mitigation, Cyber Incident Handling & Disaster Response, Network Traffic Analysis, Principles of Software Reverse Engineering, Mobile Applications, and Big Data Analytics.
"The first four courses are part of the Cyber Security Professional Program started in 2012 and the students spend more than 400 hours with lectures, labs, self-paced readings, quizzes, distance learning problem challenges, final exams and final projects," noted Howard
The program has had increasing popularity in recent years and has seen a tremendous increase in attendance within NATO. This rise has caused rapid expansion, offering classes more frequently and in some cases doubling the classroom size from 30 to 60 students.
"For anyone who has been even casually skimming the headlines for the past decade, the reason for this growth is rather obvious," said NPS Senior Lecturer and Cyber Security Professional Program developer Dr. J.D. Fulp. He attributes the increase in class size to three primary causes.
"First is the increase in the number and type of devices that rely on the proper and secure functioning of an operating system, application, or network service,” Fulp explained. “Second is the increase in the degree of interconnectivity of these devices, something that will increase further as 5G technology brings higher bandwidths, think 10Gbps or more, to a greater number and variety of devices and people. And, the third is the increased exploitative sophistication of certain nation states investing heavily to enhance their offensive cyber capabilities."
Each course in the certificate program runs for 10 weeks, with two of those weeks taught in-residence with an NPS instructor, and the remaining 8 conducted virtually. After completing the Cyber Security Professional Program, students will understand operations, use, investigation and troubleshooting of cyber systems. The students also receive Certification as a Cyber Security Professional that is recognized within NATO and is a mandatory requirement by many of its members and partners.
"I would not have it any other way,” said German Air Force Maj. Tim Schleimer. “I have only experienced NPS while on these courses but have never been disappointed. From the material presented to the instructors delivering it, it has all been great from my point of view."
"Without this collaboration, I don't think a program of the same caliber would be possible at NSO," added Schleimer, "which, in turn, would mean less NATO personnel trained in cyber security."
The collaboration not only benefits the students and countries who take the course, but also enables NPS professors to get insight from other countries on the things they see happening within cyberspace.
"It's common for students in the class to bring up new technology or new techniques that I was not aware of and a great thing about that is I can turn that around and incorporate it in the course for when I offer it at NPS," said NPS Distinguished Professor of Electrical and Computer Engineering Dr. John McEachen. "Our NPS students get the benefit of perspectives that are being used in other parts of the world. So, we see a lot of collaboration from these other countries."
McEachen noted that we are only as strong as our weakest link and mentioned that many smaller countries rely on contractors for their cyber needs making them more vulnerable.
"What we're doing is helping these countries develop an organic effort where they are vested in defending their nation," noted McEachen.
Not only are the courses offered at the NATO school in Germany, but also in several partner nations around the world.
"There's a huge demand for it," said Howard. "In addition to the courses we offer at the NATO School, NATO headquarters has asked us to deliver some of these courses directly to the receiving country." Direct courses have been available in Morocco, North Macedonia, Montenegro and Kuwait.
With cyber an integral part of everyday life and increasing threats within cyberspace, the need for this higher education in cyber security is imperative.
"Unlike direct physical attacks, many cyber-based attacks can go undetected, or even un-attributable, meaning we can't prove who did it even when they are detected," said Fulp. "Such exploitation can be executed to steal intellectual property, conduct espionage, manipulate opinion, deceive, degrade operations, or even bring about physical damage. NATO countries, among others, are aware of this threat and are pushing their people to get up-to-speed as quickly as possible."
The joint venture between NPS-NSO will continue to adjust its curriculum for new needs adding new courses as cyber is constantly changing.
Subject specific information for the media
Events or announcements of note for the media
Official Navy statements
Given by Navy leadership
HASC, SASC and Congressional testimony