Article content
Amid escalating threats and increasing reliance on digital solutions, our resilience is shaped by how deliberately we manage risks and sustain trust – at every level, from the state and organisations to individual citizens, writes Gert Auväärt, Director of the National Cyber Security Centre, NCSC-EE.
Threats that strike without warning
Cyber threats worldwide are growing in scale and sophistication. Zero-day vulnerabilities are exploited within hours, ransomware attacks inflict direct financial losses while corroding trust, and state-backed threat actors operate with a long-term view, seeking persistent access to critical systems. At the same time, advances in artificial intelligence are making attacks faster and harder to detect. Responding after the incident is no longer enough – continuous situational awareness and preventive readiness are now essential.
Cyber threats are also affecting ordinary people more directly. For victims of fraud, the damage extends beyond money, eroding their sense of security and confidence. Last year brought this into sharp focus: people in Estonia lost 29 million euros to fraudsters. The disappearance of language barriers and the skilful use of social manipulation have made fraud pervasive, particularly through phone calls that exploit urgency, fear and perceived authority. This shows that the security of the digital state depends not only on technical solutions but also on the decisions people make when their trust is deliberately manipulated.
Prevention begins with decisions
In this environment, the key question is how we collectively understand and mitigate risks. A large share of cyber incidents remains preventable through better cyber hygiene and well-considered management decisions. An organisation’s level of cybersecurity reflects its maturity, sense of responsibility and willingness to confront uncomfortable scenarios honestly.
Not all major digital disruptions, however, are the result of malicious attacks. The most extensive global outages in 2025 stemmed from technical failures at major cloud service providers, simultaneously affecting thousands of organisations and millions of users. These incidents exposed just how tightly our everyday lives and economic activity are bound to a small number of critical global providers.
The strength of a digital state is measured by its capacity to innovate and, crucially, by its ability to remain functional when things go wrong. Achieving a unified view and stronger preparedness requires a comprehensive picture. A significant step in this direction was the establishment of RIA’s operations centre, which brings together situational awareness of developments in Estonia’s cyberspace and the status of national critical services. This shared awareness enables faster responses, closer cooperation and clearer leadership.
Cyberspace knows no borders
All these themes are tied together by a single underlying principle: cybersecurity is, above all, a matter of leadership, responsibility and cooperation. Technologies and standards are indispensable, but they are not sufficient on their own. A responsible state understands its risks and prepares for uncomfortable scenarios.
Estonia’s experience and expertise are also needed – and valued – internationally. Cyberspace has no borders, and a weak link elsewhere can quickly affect others. International cooperation, information sharing and joint exercises are essential to building resilience.
This invisible yet critical resilience is perhaps most clearly seen in CERT-EE’s 20-year journey. It is a story of continuity and persistence that rarely attracts public attention but keeps services running, crises at bay and trust intact. Our shared goal is a resilient Estonian state: one where the lights stay on, water keeps flowing, and digital services continue to function – and where trust, our greatest and often least visible capital, remains secure.
For more information, explore the Cyber Security in Estonia 2026 collection on the Information System Authority’s website.
