<div class="documentdisplayleftpanesectiontextheader"> <div><a class="helplink " href="/?a=p&p=help&e=-------et-25--1--txt-txIN%7ctxTI%7ctxAU%7ctxTA-------------#whyocrerrors" onclick="openHelpPopup(event.target, 'whyocrerrorsContent'); return false;">NB! Tekst võib sisaldada vigu. Loe lähemalt...</a></div> </div> Cyber Security Strategy 2019–2022In October 2018, the government approved the Cyber Security Strategy for 2019-2022. It is a vision of the directions Estonia wants to go in the field of cyber security over the next four years. VISION Estonia is the digital society with the highest level of cyber security. By coping with cyber threats effectively, Estonia is able to ensure smooth functioning of digital society, drawing on the joint capabilities of government institutions, purposeful and involved privet sector and outstanding research competency. Estonia is an internationally valued trendsetter in the field of cyber security, which supports national security and contributes to the growth of global competitiveness of companies operating in the sector. Society as a whole perceives cyber security as a joint responsibility where everyone has their role to play. To realize the vision, Estonia abides by the following fundamental principles in ensuring cyber security. – We consider the protection and advancement of fundamental rights and freedoms just as important on the internet as in the physical environment. – We see cyber security as enabling and amplifying Estonia’s rapid digital development, which is the basis of Estonia’s socioeconomic development. Security must support innovation and innovation must support security. – We are aware that ensuring the security of cryptographic solutions is uniquely important for Estonia as the entire ecosystem of the digital society is based on it. – The basis of the functioning of digital society is transparency and public trust. To maintain it, we adhere to the principle of open communication from the government.OBJECTIVE: Estonia is a sustainable digital society with strong technological resilience and preparedness for coping with crises.– State information systems and digital services must be developed taking into account both technological and organizational requirements, principles and standards. – It is of key importance that government institutions and public sector follow baseline security requirements stemming from information security standards at least at the level mandated by law. – Protection of digital resources that are important for Estonia is guaranteed (basic data on citizens, territory and legislative drafting. It is also important to review secure data communication between government institutions both in ordinary and crisis situations. – To systematically analyse technical monitoring data, tools must be developed to create a close to real-time view ofthe landscape that measures the level oftechnical cyber security as an indicator of Estonia’s development . – The capabilities of different institutions’ security will be determined and on their basis a national situation map is compiled and management of state networks’ security, creating a cyber security centre (NCSC) on the basis of RIA cyber security service. – Strong, cohesive and community culture based everyday cooperation has become the basis for Estonia’s success to date in ensuring cyber security and preventing incidents with broad consequences and this practice will be continued and strengthened during the new strategy period as well.OBJECTIVE: Estonia possesses strong, innovative, research-based and globally competitive enterprise and research and development activity in the cyber security sector, covering all competencies that are important for Estonia.– A cluster called the Estonian Information Security Association (EISA) has been established to coordinate effective cooperation between private sector, academia and the state. – To ensure the more even development of cyber security research areas, focus areas for R&D in the field must next be defined. To leverage export potential, the state will ensure better inclusion of small (businesses) engaged in cyber defiance on business diplomacy mission and delegations. – Startup Estonia will continue promoting the community in cooperation with the Ministry of Economic Affairs and Communications to make progress toward the establishment of a accelerator for companies in the cyber field and offer value for companies that are past the first phase of growth that are looking for global growth.OBJECTIVE: Estonia is a strong partner to be reckoned with on the international arena.– It is important to continue the international cooperation in the field of cyber standards, trust-based measures and international law. – It is in Estonia’s interests to ensure that cyber attacks are successfully dealt with. This requires cross-border cooperation to be maintained and advanced, including ensuring that procedural information can be obtained rapidly and efficiency from other countries and general information exchange and cooperation reinforced. – To maintain up to date cyber competence, rotation of diplomats and officials between establishments and sharing of knowledge and skills must be promoted. – Systematic cyber cooperation with different key countries and the cyber agencies located there is important. – The goal is to develop in Estonia a functioning procedure for attribution of cyber attacks at both the political and technical level and to take part actively in cooperation formats with likeminded countries in the field of deterrence and attribution. It is important to contribute to the discussion under way at NATO on collective defence in cyber space. – Estonia must systematically support the development of cyber capabilities outside the EU and NATO and to do so, it must take part in the establishment of the EU cyber assistance network to develop a competitive and sustainable ability to render cyber assistance that would in turn reinforce that Estonia is one of the leading countries for cyber defiance.OBJECTIVE: Asa society, Estonia is cyber aware and a future supply of specialists in the field is guaranteed.– Following the entry into force of the Cyber Security Act, Estonia takes a central role in growing cyber hygiene, prevention activities at the state level and raising awareness in society. Broader public awareness of cyber threats is ensured in cooperation between different agencies: both the ability to defend against threats and knowledge on how to act after a cyber attack. – To raise the level of cyber hygiene at government departments, it will become obligatory for public servants in central and local government to pass tests on cyber security. – Cyber security knowledge and skills among students and teachers will be measured systematically and a supply of cyber security trainings will be guaranteed for general education and vocational school teachers. – Cyber security should be integrated into the information science syllabus and in-depth study of cyber defence should be taught in as many possible upper secondary schools as possible, thus laying the groundwork for a future supply of cyber specialists through the formal education system. – Academic foreign policy competence, which is already healthy in Estonia, should be integrated with the cyber sphere. Besides this, possibilities for ensuring a future supply of legal experts should be ensured and Estonian competence in the field of cyber law must be reinforced through participation in international projects.