Estonia is famous for its IT development and expansion of digital technologies in its territories, but t present times it cannot be taken seriously without additional cybersecurity measures and precautions. Estonian cybersecurity improvement had been growing drastically for more than 10 years and now it is at a very good level, that our country can even give help and advice to other countries about computer security related questions. According to Kevin Mitnick's three criteria, I can analyze the overall situation with cybersecurity in our country.
Technology
The need for security in the governmental IT environment had emerged at the beginning of 21 century and become clear after the 2007 cyberattacks on Estonia. As a reaction to that, in 2008 the government has founded Cooperative Cyber Defence Centre which became part of NATO Centres of Excellence. The main goals of this organisation are to improve the cybersecurity technologies within NATO countries, enhance information security and develop new ways of cyber defence. In addition, the Estonian Defence League’s Cyber Unit has emerged in 2010. It is a unit with mostly volunteer IT specialists whose main goal is to protect private telecommunications infrastructure from outside-derived cyberattacks. The goals of those two organisations are crucial especially when it comes to different forms of communication. For example, during 2007 cyberattacks one of the main problems was the inability of the government and other structures to communicate with each other. Email services didn’t work because of spam, flooding and other network disruptions made by hackers. News sites were not able to post fresh news and thus were not able to communicate with the audience. Right now it would not be so easy to misuse any Estonian governmental site or communication system. Encryption, firewalls, digital signatures, two-factor authentication and other technologies are used for secure communication in our country.
Training
Training of Estonian government and IT companies to be ready to withstand a cyberattack had been increased since 2007. CERT-EE is an organisation that deals with cybersecurity incidents and manages the response to them in the country. Their main task is to regularly monitor the cybersecurity situation in our country and help governmental organisations and companies to stay secure in the network. They give advice on different types of security incidents and help to implement the best security solution. In addition to that, they understand that security does not end there. Citizens are also given advice and control in our country to stay secure in cyberspace.
Policy
Estonian government understands that any cyberattack may be oriented on absolutely any citizen of our country no matter what office or position it occupies. For example, the 2007 cyber-attacks on Estonia have shown that some cyber-attacks may be sophisticated and oriented on banking systems to suspend accounts or cause major disruptions in the whole banking system but some are simple stupid phishing that may affect thousands of people who were not aware of the attack. Because of that our government security requirements are the same for any citizen. One of the tasks of NATO Cooperative Cyber Defence Centre of Excellence is to create new standards and security requirements. Any service providers on Estonian territory whose resources are vital for society are required by the government to manage their ICT risks. All government authorities must have a mandatory security baseline. By such measures, Estonian government controls and keeps the country secured from cyberattacks.
Analyzing the Estonian cybersecurity situation I can say that our country is indeed a well-secured state, which keeps developing in this field and it is reasonable. Regularly over 300 cyber incidents are recorded by Estonia’s national computer emergency response team which means that the cybersecurity in Estonia should not stop improving.
Sources:
https://e-estonia.com/how-estonia-became-a-global-heavyweight-in-cyber-security/
No comments:
Post a Comment