Digital societies are built on a foundation of security and trust. That’s why Estonia has invested heavily in its cyber security infrastructure.
Estonia’s expertise in cyber security is already well known in the international community, in particular because of CERT-EE and Critical Information Infrastructure Protection, its unique Cyber Defence League and for being the home of the NATO Cooperative Cyber Defence Center of Excellence.
Since June 1st 2011, the Estonian Informatics Centre has been re-organized to the Estonian Information System’s Authority (EISA). The new authority helps private and public sector’s organizations to maintain the security of their information systems, the authority has also the right of supervision.
The Department of Critical Information Infrastructure Protection (CIIP) evaluates the security of information systems in Estonia and carries out risk assessments. Every provider of a vital service in Estonia is responsible for the security of their system. CIIP advises the owners of information systems on how to assess risks and how to protect vital services.
CERT-EE (Computer Emergency Response Team Estonia) handles security incidents taking place in the .ee domain. The department helps in case Estonian websites or services should fall under cyber attack or if Estonian computers distribute malware. CERT-EE also has the possibility to reverse engineer the malware.
Accredited in 2008, the CCDCoE serves as an international NATO Competence Center, providing NATO nations and partners with cyber security expertise, educational and training resources and assistance in policy development. Estonia was approved as the site for the CCDCoE due to its expertise in the areas of cyber security and e-government.
Estonia’s achievements in cyber security have also benefitted from a strong IT partnership between the public and private sector. This unique spirit of cooperation gave birth to the Cyber Defence League– a volunteer organization operating under the Estonian Ministry of Defence. Tasked with assisting the nation during a cyber attack, the Cyber Defence League is comprised of IT security experts, programmers, lawyers and management specialists from the nation’s top IT companies, banks, ISPs and defense forces. The Estonian Police and Border Guard also have their own Cyber Crimes Unit, to investigate and prosecute online criminal activity.
Estonia’s cyber security achievements received international attention in 2007 when Estonia became the first country in the world to be the target of a coordinated international cyber attack. Thanks to the strength of the Estonian e-Government and IT infrastructure systems, and with assistance from the Cyber Defence League, Estonia’s infrastructure easily survived the cyber attack.
However, the real key to Estonian cyber security lies in the inherent safety and security built-in to every single Estonian e-Government and IT infrastructure system. The secure 2048-bit encryption that powers Estonia’s Electronic-ID, digital signatures and X-road-enabled systems means that personal identity and data in Estonia is airtight. Estonian citizens and businesses operate with confidence, knowing that their data is safe and their transactions are secure. Indeed, the best kind of cyber security is one that everyday people never have to think about.