Editor’s Note: Founded in 2002, the e-Governance Academy is a non-profit think tank and consultancy organization that is a joint initiative of the Estonian government, the Open Society Institute, and the United Nations Development Programme. The academy creates and transfers knowledge and best practices in the area of digital transformation with a focus on e-governance, e-democracy, and national cybersecurity. The academy also publishes the national cybersecurity handbook, to support the global development of resilient cyber defense capabilities. Provided below is both an extract and a complete copy of the recently published National Cyber Security in Practice handbook for consideration by data and legal discovery professionals as they consider cybersecurity challenges.
An extract from the handbook composed by Epp Maaten and Toomas Vaks (e-Governance Academy)
National Cyber Security in Practice
By the beginning of the third decade of the 21st century, the digital economy will represent a significant and growing part of the global economy, estimated to reach 15.5% of global GDP. The development of information technology has affected all aspects of the economy and society, and the sharing economy and ‘smart agriculture’ are just a few examples of areas where information and communication technology (ICT) has brought about profound changes. More than half of the world’s population uses the internet, and almost 45% are daily users of social media. Along with changing the way communication works, it is also changing the way societies function. But, in addition to new opportunities, ICT development brings new types of risks that need to be addressed at the national level.
It is important to realize that cybersecurity incidents can never be completely prevented. The rapid development of technology and its accelerated spread also increases the potential for security incidents. Therefore, in addition to preventing incidents, the focus must also be on cyber resilience; that is, the control and reduction of damage caused by incidents. This requires two types of action: first, proactive measures aimed at preventing incidents, and second, reactive ones to control and reduce damage.
It is important to identify and understand potential threats (threat intelligence) and the risks associated with these threats (risk awareness). There is also a need for resources to detect and cope with incidents (incident management) and to plan activities and resources to deal with the damage caused by incidents (recovery). The existence of such measures will, on the one hand, increase the ability to prevent incidents by increasing overall security and, on the other hand, significantly reduce the adverse impact of incidents on society.
National Cyber Security in Practice – Handbook (PDF) Mouseover to ScrollNational Cybersecurity in Practice – 2020
- National Cybersecurity Index (NCSI) via e-Governance Academy (eGA)
- A Relevant Ransomeware Scenario: The Targeting of Municipal Governments and Healthcare Providers