Cyber security

The cyber defence of information systems will help to ensure the trust of people in the information society’s ICT solutions.

   

In cyber space, malicious people are not held back by state borders. Therefore, cross-cutting and cross-border co-operation will be required in cyber space to anticipate possible threats and respond appropriately. Just like on land, sea and in the air, we need international co-operation partners to protect our country and citizens in the cyber space, both at the level of ICT specialists, legislation, national defence and diplomats.

Cyber environment and the opportunity to manage within the environment safely are as important as secure physical environment for the purposes of the development of a country and its economy.

In 2009, the Cyber Security Council was established at the Security Committee of the Government of the Republic. The task of the Council is to contribute to smooth co-operation between various institutions and conduct surveillance over the implementation of the goals of the Cyber Security Strategy. The Council is chaired by the Secretary General of the Ministry of Economic Affairs and Communications.

 

Areas of cyber security
 

Three main categories can be distinguished for the purposes of cyber security development:

  • Critical infrastructure and vital services
  • Cyber crime
  • National defence

In addition, it is also important to develop cyber security horizontally to create a viable cyber security sector with export capacity and ensure the implementation of the measures developed for the sphere.

For the development of cyber security, attention should be given to educating people and increasing their awareness, by shaping the legal space and international relations.

Estonia needs good, well-working and novel cyber security solutions to enhance its cyber security capacities; world-level partners, specialists, researchers and enterprises will be needed to create and implement such solutions.

The following will enable the development of domestic cyber security sector:

  • Addition of new cyber defence specialists and competences
  • Novel solutions, commissioned by the Government
  • Supporting the development of enterprises that offer cyber security solutions

Areas of cyber defence

Critical infrastructure and vital services

Functioning of the Republic of Estonia and society in general, the economic and social welfare of each individual and even their life and health depend, more and more, on the security of information systems that are used to provide critical and vital services.

One of the aims of cyber security is to ensure the uninterrupted provision of services and their resilience. The reliability of services and infrastructure, including ensured and perceived high security, represents an important success factor for ensuring the attractiveness of Estonia to foreign investors.

The following measures will be used for that purpose:
  • Availability and ensured functioning of alternative solutions
  • Ensuring digital continuity of the governance processes
  • Management of cross-dependence between critical and vital services
  • Ensuring the capacity for sufficient perception and the management of cyber threats faced by enterprises and the state
  • Management of dependence on services offered by foreign countries, in the case of critical and vital services
  • Implementation of a monitoring, analysis and reporting system
  • Ensuring the security of ICT infrastructure and services
  • Management of security risks of new solutions and emerging technologies
  • Increasing the international scope of protection available to the critical ICT infrastructures of Estonia

Cyber crime

Cyber crime is the biggest threat present in cyber space, which may result in major economic damages, a decreased trust in digital services and may even bring about real human victims.

Ensuring the safety of cyber space forms an important component of fighting cyber crime. This includes both the anticipation, detection and processing of cyber crimes.

Awareness of the public of information security risks will be enhanced in fighting cyber crime, supported by the promotion of international co-operation and improving the efficiency of fighting cyber crime. Users of computers and smart equipment must have the ability to deal with cyber threats in both their everyday life and work.

National defence

It is important to observe cyber security as a part of national defence to achieve safe cyber space.

This means that the civil, military and international co-operation-based resources at the disposal of the Government must be sufficient to work adequately within the cyber space – fulfilling both the pre-warning and deterrence and active defence functions.

A well-planned, well-aimed or massive and comprehensive cyber attack may result in undesirable consequences for the state in general. The efficiency of anticipation and fending off a cyber attack will depend on the state’s ability to manage the counter-measures that are adopted to ward off the attack. For that purpose, national defence and military defence cyber abilities will be developed, supported by the promotion of cyber collective defence and international co-operation in national defence, including increasing the awareness of cyber defence in governmental authorities involved in national defence.

The establishment and development of a cyber laboratory of the cyber defence unit of the Defence League and the Estonian Defence Forces is important for ensuring national defence. The establishment of the cyber defence unit of the Defence League represents a remarkable co-operation initiative between the public, private and third sector. In a situation of crisis, cyber defence units of the Defence League will be employed to support civil structure and defend critical infrastructures.

 

Cyber Security Strategy 2014–2017

 

The new Cyber Security Strategy lays down four important objectives:

  • A comprehensive system of security measures, consisting of different levels, will be implemented in Estonia to ensure cyber security at national level.
  • Estonia is a country that is characterised by a very high level of information security competence and awareness.
  • Proportionate legal regulations serve to support the secure and extensive use of information systems.
  • Estonia is one of the leading countries in international co-operation to enhance cyber security.
 

Co-operation and partners

 

 

Last updated: 5 October 2017