Information System Authority takes charge of EU CyberNet

On 1 August 2019 the Information System Authority and the European Commission entered into an agreement establishing the European Union’s cyber-expertise centre, otherwise known as EU CyberNet.

For Estonia, this not only means a boost to its reputation and developments in entrepreneurship, but above all even greater cybersecurity.

The virtual world is a global village in which all are neighbours. This is reflected in the words of Juhan Lepassaar, the head of the European Union Agency for Cybersecurity (ENISA). As such, European cybersecurity needs to be coordinated both centrally and along the same lines – because if your neighbour’s cybersecurity leaves something to be desired, your own security is at risk. And the central point from which it will now be coordinated is Estonia. The cyber-expertise centre, which brings together all of the Member States of the European Union, was initially established as a department of the Information System Authority. With a budget of four million euros, the centre will coordinate the launch of all of the cybersecurity projects run by the EU in third countries. By the time the EU CyberNet project comes to an end, its network is hoped to include more than 500 experts and 200 international organisations.

Cybersecurity is not always dependent on one nation

The aim of EU CyberNet is to guarantee the more effective use of training, instruction and investment beyond Europe’s borders. The network will also be tasked with advising the various units of the European Commission. “The European Union’s running more and more cybersecurity-related projects outside its own borders every year,” said former head of cybersecurity services at the Information System Authority Uku Särekanno, who has been coordinating the introduction of new, large-scale systems in the Schengen area in the EU IT agency eu-LISA since October 2019. “But honest feedback from partners has pointed out that a lot of what that involves is often duplicating what’s being done elsewhere, and that a more targeted approach is needed.”

Every year, we are recognising more clearly that cybersecurity requires effective cooperation and exchange of information with other countries. The scams and malware campaigns that sweep through Estonia are international in scope. It is vital that we are capable of keeping our networks clean, but ongoing cooperation with other countries is growing in importance all the time. Back in 2017, two malware campaigns which caused a great deal of damage were waged with just a month between them – WannaCry and Petya/NotPetya. The WannaCry ransomware infected hundreds of thousands of devices, with medical institutions, banks, telecoms, industrial companies and logistics firms in 150 countries being hit. Those who suffered most were Spain’s Telefonica, the French carmaker Renault’s domestic production facilities and the NHS (National Health Service) in the UK. The NotPetya malware spread via accounting software of Ukrainian origin and was aimed at business systems. Maersk and FedEx alone estimated the damage caused to them by NotPetya at up to 300 million dollars. Other high-profile victims included the pharmaceutical company Merck. Cyber-crime causes billions of euros in damage every year, but less attention is turned to it because the damage never seems to have as much of an impact on us as that of physical crime, whose consequences are easier to gauge.

A procurement won by Estonia

Recognising the need for a centre brimming with cyber know-how, the European Commission launched a procurement to establish one. The winning tender was the one submitted by the Information System Authority in partnership with Germany’s Federal Foreign Office, the Finnish cybersecurity centre Trafficom and Luxembourg’s cybersecurity centre “Basically, the management of future cybersecurity projects in third countries will be outsourced from us, because that’s a field we have experience and contacts in,” explained Särekanno. The task of the Information System Authority over the next four years will be to establish the databases it needs, bring together experts and launch training programmes. The thinking behind all of this is that if other countries are better protected, so too will Estonia be.” During its initial four-year period of operations, EU CyberNet is being provided with four million euros in funding by the European Commission. “That’s start-up money, to all intents and purposes,” Särekanno said. “The assumption being that once the network’s up and running, it’ll take on other responsibilities and projects and find other sources of funding.” The Information System Authority hopes to see the network become permanent and that it continues to support the implementation of EU projects in third countries. This will hopefully happen in much the same way as Belgium, for example, has led and supported the pan-European RAN network combatting terrorism, which today boasts more than 6000 experts from different Member States and which helps to draft and implement programmes against radicalisation. More than 94.5 billion euros is planned for foreign operations within the framework of future financial prospects. During Estonia’s presidency of the Council of the European Union in 2017 an agreement was reached at the ministerial level that at least some of the funding set aside for foreign operations should be used for protecting critical infrastructure – including boosting cybersecurity – in partner states. “Considering the context and the fact that cybersecurity is likely to be one of the biggest priorities for the new commission, the centre coming to Estonia is something that has enormous potential,” Särekanno remarked. Särekanno feels the project will be of benefit to the country’s reputation and also from the point of view of promoting entrepreneurship. “Put simply, our job is to work with the most important agencies around the world as the middleman in EU projects and funding,” he explained.

This will place Estonia at the very heart of the organisation of international cyber-cooperation. “It should be a great springboard for companies here in the country as well,” Särekanno added. All of the major cybersecurity agencies in EU Member States – including the ANSS in France, NASK in Poland and the NCSC in the Netherlands – contributed to the project during its preparatory phase, along with EUROPOL, ENISA, the European Centre of Excellence for Countering Hybrid Threats and a number of international organisations (such as AfricaCERT and ASEAN) and universities.
“We’ve got a good starting point, but there’s a huge amount of work ahead of us,” Särekanno remarked. “We need to get the project off the ground as quickly as we can, actively recruit partners and develop an environment for information exchange that supports that.” Work began on the project on 1 September 2019, led by the former head of foreign relations at the NATO Cooperative Cyber Defence Centre of Excellence, Siim Alatalu. The project team is initially planned to feature five people, one of whom will be based in Brussels. The budget for the project includes resources for the hiring of a further 50 cybersecurity experts to fill temporary positions.

Keep reading similar articles
EU Cyber Diplomacy Fellowship Concluded with a Visit to New York

The EU Cyber Diplomacy Fellowship, aimed to enhance global cooperation and contribute to the United Nations’ framework for responsible state behaviour in cyberspace, concluded this week after series of monthly activities with a visit to New York where the Fellows participated in the 8th United Nation’s session of the Open-ended Working Group (OEWG) on ICTs and several side-events.

Marcel Gerardino: “Technology has great value for advancing societies but in the wrong hands it has the potential to cause a lot of harm.”

Mini-interviews with EU CyberNet experts. Marcel Gerardino has been part of the Expert Pool for 3 years and has contributed to the work of EU CyberNet.

At CAMP 2024: AI-age incident response needs to evolve with technology

This week, Liina Areng, the Director of EU CyberNet participated in the CAMP 2024 Annual Meeting in Seoul to share Estonia’s and Europe’s perspective in cybersecurity with special emphasis on ransomware and artificial intelligence.

Conclusions from the Workshop to Strengthen Regional Cyber Norms Guidance through Practice-Based Approaches and the Case of Ransomware

EU CyberNet and LAC4 co-hosted on 8th July a workshop in New York in the premises of Estonian Mission to the UN to strengthen regional cyber norms guidance through practice-based approaches and the case of ransomware as a side-event of the UN Open-ended Working Group on ICTs together with RUSI, Estonia, Chile and the Dominican Republic.

EU Cyber Diplomacy Fellowship to conclude with the visit to New York

EU Cyber Diplomacy Fellowship (EU:CD Fellowship) will have its final activity this week with the fellows’ visit to New York to participate at the UN’s Open-Ended Working Group on ICTs.

C-DAYS Conference “+Prevention”: Level your skills UP to advance efforts in building cyber capacity worldwide

Cecilia Popa, Experts Lead of EU CyberNet, participated as a Keynote Speaker at the 10th edition of the C-DAYS conference on the topic of “EU projects for Skills”, highlighting the EU CyberNet’s skillset framework which forms the foundation of our Experts Pool deployed worldwide to build cyber capacity.