Critical Information Infrastructure Protection Course


Critical Information Infrastructure Protection Course


24-27 Oct 2016

Registration deadline:

12 Sep 2016

Course dates may be changed until 3 months before the course


Tallinn, Estonia

Number of participants:


Participation fee:

300 € (no fee for the Sponsoring Nations, Contributing Nations and NATO bodies)

Course Overview: This four-day unclassified course is intended for mid-level managers responsible for the protection of Critical Information Infrastructure. Students should be from NATO countries and be civilians of GS 13-15 equivalent or military officers at the O-4 to O-6 level. A maximum 30 students can be accommodated at the site reserved. The Course will be held at the CCDCOE facility in Tallinn Estonia, which will provide requisite classroom, A/V, transportation, social and general material support. The Visiting Instructor for this initial course will be provided by DISA. 

Course Objectives: The purpose of the course is to provide students with the knowledge necessary to analyze, assess and make decisions relative to Critical Information Infrastructure Protection (CIIP).

At the end of the course, students will:

  • be able to understand what constitutes Critical Information Infrastructure and the threats to its operations
  • be able to assess the vulnerabilities and the threat profiles relative to Critical Information Instructure
  • be able to make proper decisions regarding protection of Critical Information Infrastructure, including training of personnel, investment in protection, information sharing and risk assessment
  • be able to oversee and critique a comprehensive Risk Assessment of both cyber and physical vulnerabilities for select Critical Information Infrastructure
  • know how to prioritize the protection of the most critical core information infrastructure for a military operation, institution, government or private sector enterprise

Course Agenda Outline. The Course will be presented primarily by CCDCOE Visiting Instructor Mr. Fred Ruonavar. Mr. Ruonavar is the Director, DISA/DoDIN Critical Infrastructure Protection (CIP) Program, Defense Information Systems Agency (DISA), U.S. Department of Defense. Mr. Ruonavar will be assisted by guest instructors and speakers. Classroom presentations will be augmented by two student group exercises and two off site visits to gain practitioners perspectives on CIIP. A one-page Course Agenda Outline will be published in early September on the CCDCOE website.

Pre-Course Preparation 
Select readings will be identified and made available to registered students by early September. These are to be read prior to course participation.

Chatham House Rule. Speakers during the course will make their presentations under the Chatham House Rule: no remarks may not be attributed to them or their affiliations, directly or indirectly, without their expressed permission.

Dress Code. Business casual or military duty uniform.

Course Instructors
Primary Visiting Instructor – Mr. Fred Ruonavar, Director, DISA/DoDIN Critical Infrastructure Protection (CIP) Program, DISA
Guest Instructor - Mr. Vytautas Butrimas, Lithuanian MOD
Guest Instructor - Mr. Kasper Kaarlep, Elektrilevi OÜ, Estonia
Guest Instructor - Col Rizwan Ali, USAF, CCDCOE legal cyber expert
Guest Instructor - Ms Lorena Trinberg, NATO Cyber policy expert
Guest Instructor - Mr. Ragnar Rattas, Hacking Presentation & Demo

Registration info

To sign up for the course, please complete the registration form before the deadline.