CCD COE was established upon the initiative of Estonia together with six other nations – Germany, Italy, Latvia, Lithuania, Slovak Republic and Spain – on 14 May 2008. The North-Atlantic Council decided to award full accreditation and International Military Organizaton status to the Centre the same year in October. Estonia proposed the concept for a cyber defence centre of excellence to NATO already in 2004, after joining the Alliance. While the concept was approved by Supreme Allied Commander Transformation in 2006, the first politically motivated cyber attacks against Estonia in 2007 acted as a wake-up call to other nations and the Alliance, alarming everyone of the growing relevance of potential threats in the cyber domain.
CCDCOE conducted its first cyber security conferences in 2009, one focusing on legal and technological aspects and the other on research on cyber conflict. In the ten years of its existence, the annual International Conference on Cyber Conflict, CyCon has become a community-building event for cyber security professionals, adhering to the highest standards of academic research.
Since 2010, CCDCOE organises annually the largest and most complex international live-fire cyber defence exercise in the world, Locked Shields. This technical exercise has expanded considerably over the years, simulating the entire complexity of a massive cyber incident – in addition to defending regular IT and military systems together with critical infrastructure, cyber security experts can practice strategic decision-making, legal and media communication.
One of the most well-known and internationally recognised research accomplishments for CCDCOE has been the Tallinn Manual process, launched in 2009. The process has involved CCDCOE experts, internationally renowned legal scholars from various nations, legal advisors of nearly 50 states and other partners. Authored by nineteen international law experts, the “Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations” published in 2017 expanded the first edition published in 2013 with a legal analysis of more common cyber incidents that states encounter on a day-to-day basis and that fall below the thresholds of the use of force or armed conflict. The Tallinn Manual 2.0 is the most comprehensive analysis on how existing international law applies to cyberspace.
As of January 2018, CCDCOE is responsible for identifying and coordinating education and training solutions in cyber defence for all NATO bodies across the Alliance. NATO Allied Command Transformation has provided CCDCOE with an unconditional quality assurance accreditation for its contribution to high-quality NATO Education and Training. CCDCOE took on these new responsibilities with the status of Department Head for Cyber Defence Operations Education and Training Discipline, granted by the Supreme Allied Commander Transformation (SACT), one of NATO’s two strategic commanders.
By 2020, in a dozen years, the CCDCOE has grown and expanded, joining together already 28 member nations, both NATO Allies and like-minded partners beyond the Alliance.