Humans are the Biggest Risk in the Digital World
By Robin Gurney
At the 5th annual e-Governance Conference in Tallinn, Kimmo Rousku, General Secretary for Finnish Public Sector Digital Security Management Board (VAHTI) stated that countries should be prepared to cyber attacks, but turn much more attention to educating people how to survive and manage in digital world. Humans are the biggest risk in digital world.
Kimmo Rousku claimed that there will be more and more attacks with the advent of Internet of Things, AI and other emerging technologies, services & devices. “These all create a larger cyber attack surface. Put simply, more tech = more attacks,” Rousku said.
Rousku, a self confessed geek and biohacker, who assists the various Finnish government departments and other stakeholders to “work together for a safe Finland” and to protect Finnish e-government services is more worried about ICT incidents and human error which he said are far more prevalent than cyber attacks. “What’s needed,” he said, “is a more human-centric approach to digital security from youth to old age and in all areas of life e.g. work, home, business and travel.”
According to Rousku, government must manage tech risks better and remember digital security is the trust enabler for successful e-governance solutions. “Citizens, governments, institutions and the private sector must have trust in the systems and solutions we provide,” claimed Rousku.
The NSCI detailed data that underpin the NCSI rankings will help us prioritise focus areas.
To that end Finland is launching a digital security education programme initially aimed at civil servants but then to be rolled out to businesses and citizens over time. The aim is to encourage lifelong learning in digital security. After all, he said, our lives are based on risk and risk management is something we should all think about more. “We are, our own risk management officers,” he claimed. “The NSCI detailed data that underpin the NCSI rankings will help us prioritise focus areas,” he added.
According to Rousku the National Cyber Security Index (NCSI) is a valuable tool to measure countries preparedness for cyberattacks. “Higher country rankings in the index are a good indicator that the probability, and likely impact, of a cyber attack are lower in more prepared (higher ranking) countries. “However it’s important to realise that high rankings don’t actually stop cyber attacks,” he added.
Epp Maaten, Programme Director of National Cyber Security at eGA pointed out that NCSI not only benchmarks how states are performing in terms of cybersecurity but it is also a valuable source of shared information detailing how participating countries are handling their cybersecurity challenges. It’s a free resource that every country should tap into, she urged.
Maaten reminded delegates: “All levels of society are affected by IT and threats come from activists, criminals, organised crime, terrorists and even nation states. Cyber security must be embedded in every area of strategy and implementation for all state, and vital service provider, solutions,” she said.
The NCSI provides an overview of the cyber security capacity of countries, pointing out good practices and showing which aspects could be improved.
Maaten concluded by saying that, “We all know that cyber security is a global challenge and one country alone cannot ensure its security in cyberspace. Therefore, it is extremely important to find ways to make our digital world secure together. The NCSI provides an overview of the cyber security capacity of countries, pointing out good practices and showing which aspects could be improved.”
The NCSI is based on publicly available evidence, which is presented on the NCSI website.
The article is based on the presentations held at e-Governance Conference 2019. Watch the videos of presentations below!