Estonia's cyber-space estate has been ranked as having the best cyber-security in Europe, and the fifth best in the world.
This recognition of cyber excellence for a country that is seen as being an innovator in internet-enabled government was announced at the World Summit on Information Society Forum 2017 on Thursday, where the International Telecommunication Union (ITU) introduced the latest iteration of its Global Cyber-security Index (GCI).
The GCI says, “Like Georgia, Estonia enhanced its cyber-security commitment after a 2007 attack.”
This refers to a series of cyber-attacks from 2007 which targeted the websites of a wide variety of Estonian organisations, including the Estonian parliament, banks, government ministries and newspapers. The country has a longstanding dispute with Russia about the relocation of the Bronze Soldier of Tallinn, as well as the location of war graves in Tallinn, Estonia's capital.
The GCI explains that following the attack, Estonia introduced “an organisational structure that can respond quickly to attacks as well as a legal act that requires all vital services to maintain a minimal level of operation if they are cut off from the Internet.”
It adds, “The country also hosts the headquarters of the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD CoE).”
In the world stage, Estonia ranked fifth after Singapore, USA, Malaysia and Oman. The index covers all 195 world countries – the United Kingdom came 14th.
In Europe, Estonia came out on top, followed by France, Norway, the United Kingdom and the Netherlands in the top five.
The 2017 ITU paper announcing the results explains that it “measures the commitment of Member States to cyber-security in order to raise awareness. The GCI revolves around the ITU Global Cyber-security Agenda (GCA) and its five pillars (legal, technical, organisational, capacity building and cooperation).”
The paper adds, “For each of these pillars, questions were developed to assess commitment. Through consultation with a group of experts, these questions were weighted in order to arrive at an overall GCI score. The survey was administered through an online platform through which supporting evidence was also collected.”
The United Kingdom was praised for its “five year National Cyber Security Strategy”, which “aims to make the country one of the safest places in the world to carry out online business and doubles investment in cyber-security compared to the first plan.”
Only 38 percent of countries listed in the index have a published cyber-security strategy and only 11 percent have a dedicated standalone one; 12 percent have a cyber-security strategy which is being developed right now.
Brahima Sanou, director of the Telecommunication Development Bureau, said in the paper: “First launched in 2014, the goal of the Global Cyber-security Index (GCI) is to help foster a global culture of cyber-security and its integration at the core of ICTs. This second iteration of the GCI measures the commitment of ITU Member States towards cyber-security in order to drive further efforts in the adoption and integration of cyber-security on a global scale.”