Welcome to the portal of the the NATO Communication and Information Agency’s Cyber Security Service Line - NATO’s first line of cyber defence.
The NCI Agency Cyber Security Service Line is responsible for the full lifecycle of NATO Cyber Security activities, designing, implementing and operating:

  • Scientific and technical expertise
  • Supporting Acquisition, Maintenance and Sustainment
  • Conducting Operations and Incident Management

Mr Ian West, Chief Cyber Security Service Line


To strengthen the Alliance through connecting its forces, the NCI Agency delivers secure, coherent, cost effective and interoperable communications and information systems and services in support of consultation, command & control and enabling intelligence, surveillance and reconnaissance capabilities, for NATO, where and when required. It includes IT support to the Alliances’ business processes (to include provision of IT shared services) to the NATO HQ, the Command Structure and NATO Agencies.

What we do

Combating Cyber Attacks - the Agency’s Cyber Security Service Line is NATO’s first line of cyber defence. It operates cyber defence capability development, the NATO Information Security Operations Centre and the NATO Computer Incident Response Capability (NCIRC) Technical Centre, providing integrated cyber defence 24/7, year round. The NCI Agency Cyber Security Service Line is also responsible for planning and executing all lifecycle management activities, including subject matter expertise, research and development, software development, acquisition and operations and maintenance.

NATO Communications and Information Agency Mission

Connecting Forces

The NATO Communications and Information (NCI) Agency was established on 1 July 2012 as a result of the merger of the NATO Consultation, Command and Control Agency (NC3A), the NATO ACCS Management Agency (NACMA), the NATO Communication and Information Systems Services Agency (NCSA), the ALTBMD Programme Office and elements of NATO HQ ICTM.

The establishment of the Agency is part of a broader NATO reform.

The new NCI Agency "connects forces, NATO and Nations"- it is NATO's IT and C4ISR provider, including cyber and missile defence.

The NCI Agency is a key pillar of NATO Secretary General's Smart Defence and Connected Forces initiatives; Supporting NATO operations is our top priority.

The Agency is led by Kevin J. Schneid and is part of the NATO Communications and Information Organisation.

Service Line structure

Operations Branch

The CS SL Operations Branch delivers a suite of services to prevent, detect, respond to and recover from cyber attacks, and incidents. These services are in the specific areas of Cryptography, Identity Management, 24/7 CS Operations Support, Incident Handling, Technical Services (supporting CS Ops) and CS Support to deployed Operations and Exercises.

Coherence Branch

The CS SL Coherence Branch (CS CB) manages Cyber Security Coherence (Level 1 process) across NATO policy, strategy and architectures. Among it's tasks are:

  • Provide lifecycle Security Risk management support to all NATO CIS.
  • Provide long term CS planning input for evolving CS services.
  • Coordinate support to the Defence Policy and Planning Committee (Cyber Defence) (DPPC (CD), Security Committee (SC), the C3Board (C3B) and their substructures and the Cyber Defence Management Board (CDMB) for cyber security-related policy, technical direction and guidance.
  • Provide CS-related support to the architectural development within the Agency.
  • Provide technical and policy support to the NATO Security Accreditation Authorities. Provide CS coherence to NCI Agency innovation, design, acquisition, implementation and operation.
  • Provide CS training programme support, overall CS awareness and CS input to education programmes for the Agency and its customers.
  • Develop and manage an internal CS services training programme for CS SL staff development.
  • Provide the coherence in CS services across the NCI Agency substructure.

Compliance and Audit Branch

The CS SL Audit and Compliance Branch provides services to assess the operational effectiveness and efficiency of the implementation of cyber security controls in accordance with NATO Policy and its supporting guidance in order to improve the overall security posture of NATO systems and networks.

Service Line Management Branch

The CS SL Management Branch (CS SLMB) supports the Chief, Cyber Security, service owners and project managers in the coordination and everyday management of the service line, service portfolio, respective services and associated projects.

  • The SLMB provides direct Executive Officer, administrative, business and Service Level Management (SLM) support across CS SL.
  • The SLMB maintains CS SL system analysis and distributes CS COMPUSEC/COMSEC compliance reports.
  • The SLMB coordinates CS SL logistic requirements, develops and manages CS budgets, leads the submission of Medium Term Financial Plan (MTFP) bids and undertakes all procurement requirements.
  • Responsible for Service Line visits and liaison with other Computer Emergency Response Teams (CERTs), governmental and non-governmental organisations and NATO Entities.
  • Acts as the CS SL SLM focal point, prepares and leads monthly Service Level Management reviews.
  • SLMB is responsible for collaborating in Quarterly Portfolio Reviews with Demand Management (DM) Account Managers.
  • Reviews, approves, and advises Cyber Security project plans and documents, which price proposals, exception reports, and contingency plans.
  • SLMB also initiates pre-financing requests on behalf of the Program Managers, leads project closure process from the release of Project Closure report until projects are formally closed.