Cyber Risk Management: Estonia and the Digital Society Klaid Mägi and Lauri Luht RIA Cyber Security branch

ESTONIA IN FACTS

OECD #1 Tax Competitiveness

Freedom House #2 Internet Freedom

EUROPEAN COMMISSION #1 EU Digital Economy and Society Index

FREEDOM HOUSE #9 Index of Economic Freedom

UNITED NATIONS #15 E-Government Index

WORLD BANK #16 Ease of doing business

WORLD ECONOMIC FORUM #22 Networked Readiness Index

Simple Everything can be done online except for marriage, divorce and selling your house

ONCE-ONLY PRINCIPLE

NO LEGACY

DIGITAL BY DEFAULT

SINGLE POINT OF ENTRY

USER FRIENDLINESS

OMNI-CHANNEL SERVICES

OPEN STANDARTS

24/7

Easy e-Solutions simplify and benefit our lives.

E-CABINET: 5 HOUR MEETINGS TO 30

MIN

TAXES DECLARATION TAKES 3 MINUTES

99% OF STATE SERVICES AVAILABLE

ONLINE

BANKING IS ONLINE 99.8%

PAPER-FREE ADMINISTRATION

INVISIBLE GOVERNANCE

EASY BUSINESS IN 18 MINUTES

I- VOTING 30% COME ONLINE

E-TAXES 98% ONLINE

E-PRESCRIPTIONS 99%

Time-efficient electronic solutions save money DIGITAL SIGNATURE SAVES 2% OF GDP

PER YEAR

50 TIMES MORE EFFICIENT POLICE

INTERNET VOTING IS 2.5 TIMES CHEAPER

1/3 LESS QUEUES IN THE HOSPITALS

SAVING TIME: 1 WEEK PER CAPITA

Efficient

Everywhere

Broadband in 88% of homes, 100 MB by 2018 3G, 4G cover the whole country, 5G pilot in 2018 WIFI areas all around

Internet is a social right

IDENTIFICATION

TRAVELLING

DIGITAL

SIGNATURE

STATE SERVICES

HEALTHCARE

VOTING

BUSINESS, BANKING

DRIVING LICENSE

PUBLIC TRANSPORT

LOYALTY CARD

e-Identity It all relies on collaboration through engagement.

ID-card penetration is over 94% Mobile-ID

e-Residency Become an e-Resident like >10 000 others

Future The future starts with E

SMART CITY

X-ROAD THROUGH EUROPE

E-RESIDENCY

INVISIBLE GOVERNMENT

CROSS-BORDER COOPERATION

REAL-TIME ECONOMY

INDUSTRY 4.0

DATA EMBASSY

Technology is never perfect.

CYBER THREATS

DATA PROTECTION

RIGHT BALANCE

5 Myths of Cyber Security • Cybersecurity Is Unlike Any Challenge We Have

Faced • Every Day We Face “Millions of Cyber Attacks” • This Is a Technology Problem • The Best (Cyber) Defense Is a Good (Cyber)

Offense • “Hackers” Are the Biggest Threat to the Internet

Today Peter W. Singer and Allan Friedman (http://www.wired.com/2014/07/debunking-5-major-cyber-security-myths/ )

Defend your values!

Critical Infrastructure and PPP “ICT” dependency >95% >40% >20%

Solution: Smart & proactive cyber security

• Monitoring, incident analysis, reporting

• Situational awareness • Preparedness • Smart risk management –

smart decision-making

The Future of Cyber Security • Complexity growth → Challenges • Growing dependency (& interdependencies) • New “Pearl Harbour” will happen (K. Alexander) • Isolation creates stagnation

• Building the “Collective Brain”

Information System Authority (RIA)

- Central e-government systems - Coordination of national cyber security - Funds for IT development 2016

RIA-OAS MoU 2014

Colombia: 2014 and 2015 • Developing cyber policy

Dominica: 2014 • Technical training, supporting CSIRT development

Trinidad ja Tobago: 2014

• National cyber security center development support

Jamaica: 2014 • Law enforcement training

Tallinn 2015: Experts from Americas • Training for Central and South America cyber

experts and introducing Estonian set-ups • CSIRT training

Peru 2015: Risk management support

Washington DC 2015: OAS and FIRST cooperation

• OAS–FIRST TC

Mexico 2015: Cyber policy support

Visit of Estonian President 2015

2016 • St Kitts and Nevis – risk management • Dominican Republic – cyber strategy support • OAS high level experts in Tallinn

Trinidad and Tobago 2016: CARICOM support

• Regional CSOC/CSIRT development

– Economic development – Transparency through

efficiency – Modernization by Government

innovation and efficiency

Why digitalization matters?

Thank you!

Klaid Mägi klaid@cert.ee

Lauri Luht lauri.luht@ria.ee