To those who commit cyber crimes, national borders are meaningless lines on a map

It can prove rather difficult to explain the digitalised nature of Estonia to a complete stranger, particularly if they have zero experience of e-services and online solutions. But I’ll give it a go.

Margus Noormaa
  • Margus Noormaa
    By Margus Noormaa, Director General, Estonian Information System Authority

It can prove rather difficult to explain the digitalised nature of Estonia to a complete stranger, particularly if they have zero experience of e-services and online solutions. But I’ll give it a go. In Estonia, 98% of all residents have been issued with our national document, which is the ID card. As the name implies, it’s used for personal identification – but more surprising, perhaps, is that it can also be used as e.g. a customer card. The true value of the ID card, and the reason it’s one of the pillars of the e-state in Estonia as a whole, lies in its digital authentication and signing functions.
The ID card was introduced in 2002. Each year thereafter, more and more people started making the most of the digital convenience it offered: for example, you no longer had to go and stand in a line in some state agency to speak to someone and get something done. Estonian law states that digital signatures are equal to handwritten ones. Introduced into legislation, those few words threw the doors wide open.

Estonian residents can now take out a loan, buy a car, register a change of address, officially record the birth of their child, apply to enrol at a school or university and much more online. And provided they use Mobile ID or Smart ID, they can do it all on their smartphone. All they need for identification and signing is their phone and their PINs. Solutions like these, which make life a whole lot easier and kick red tape into the long grass, attract new services and innovative ideas that in the past simply weren’t possible. We’re still at the forefront globally as an e-state, but to remain there demands constant effort and progress. That’s why we, as a nation, and we personally as its Information System Authority, are always looking for new challenges.

The latest challenge we tackled came at us from Brussels. The European Commission saw the need for a centre that could share advice and provide training outside of the EU and support the implementation and maintenance of cybersecurity projects in third countries. This was a challenge we couldn’t turn down, so we took part in the procurement competition for the new centre – and won it. That was last year (2019). The task we’re now faced with is the launch of EU CyberNet, an initiative bringing together cyber-experts from all over the union. To those who commit cyber-crimes, national borders are meaningless lines on a map: online, we’re all neighbours. As such, it’s important to Estonia and to Europe as a whole that its neighbours are doing well in both the real world and the virtual world. If not, one domino could be enough to topple the whole thing. But set up the dominoes smartly, with enough distance between them, and you rule out the chance of the criminals knocking them all down.

Which is to say that cybersecurity isn’t dependent on one single nation. EU CyberNet unites experts and expertise in the field so as to share people and knowledge with countries outside of Europe. Taking on this task means shouldering a lot of responsibility, but I’m convinced that Estonia, as an e-state and with all the knowledge that comes with that, is the perfect growth platform for such a network. We have both the experience and the contacts we need in the field. Of course, we’re not doing it alone – the whole point of the network is to pool our know-how and work together. It makes no sense to take on the entire load yourself and put your back out in the process. We have partners to assist us in Germany’s Federal Foreign Office and in Luxembourg’s cybersecurity centre

Although EU CyberNet has been designed as a four-year project, at least to start with, we hope the network becomes a permanent thing and that it contributes to the implementation of all EU projects in third countries. I have absolutely no doubt our amazing team can make that happen.

So if you’re not yet a member of EU CyberNet, I only have one question for you – what are you waiting for?

Keep reading similar articles
Regional training on “Designing and Executing Cybersecurity Exercises”

The Latin America and Caribbean Cyber Competence Centre (LAC4) in Santo Domingo started the new training year with a regional seminar focused on the foundations of designing and executing cybersecurity exercises.

By Liina Areng, Regional Programme Lead, EU CyberNet
Cyber Capacity Building Collaborative Transformation: Good practice from the Dominican Republic [1]

This article takes a look on lessons from the Dominican Republic on how capacity building endeavours are enhanced if the recipient country adopts and replicates delivered trainings to engage wider local audience.

By César Moline Rodríguez, LAC4 Policy Expert
Regional Cybersecurity Conference for Internet Service Providers in Santo Domingo

The EU CyberNet, in collaboration with Cyber4Dev, Dominican Institute of Telecommunications (INDOTEL) and the National Cybersecurity Centre of the Dominican Republic are hosting a Regional Cybersecurity Conference for Internet Service Providers in Santo Domingo, Dominican Republic from 19-21 October 2021.

By Liina Areng, Regional Programme Lead, EU CyberNet
EU CyberNet – same kid, new and larger block

EU CyberNet, the EU’s external cyber capacity building network introduced in GCEM issue 6, has recently been granted an extended mandate with new tasks. With the CynAct platform now online and regular events taking place for the cyber security experts enlisted in the network, the project is to launch a new competence center for the Latin American and Caribbean region as well as to reach out to the EU Delegations worldwide. Siim Alatalu, Director of EU CyberNet, explains why this would be a good time to get involved.

Global Cyber Expertise Magazine / By Siim Alatalu, Director, EU CyberNet
How COVID-19 became a dominant issue in the cyber threat environment

Ilmar Üle from CERT-EU writes how COVID-19 became a dominating topic in current cyber threat environment as seen from the point of view an experts tasked with protecting the EU institutions, bodies, and agencies. Data related to research offers great interest to data thieves and teleworking from home via unsecured home networks is an additional favour COVID-19 has done to malicious hackers.

By Ilmar Üle, CERT-EU
A trusted and cyber secure Europe

The EU Agency for Cybersecurity (ENISA) aims to act as a centre of expertise in cybersecurity, assisting with the development of Union policy, operational cooperation, cybersecurity certification and standardisation, and promoting capacity building.

By Juhan Lepassaar, Executive Director, European Union Agency for Cybersecurity (ENISA)