Network security

Finnish government strengthens the security of the country’s IT network

Finland has created a national organization to assess home communication network security issues and assess vulnerabilities to cyber domain attacks.

The Network Security Advisory Council (NSAB) will work with state agencies, businesses and municipalities as a national resource for those who need external expertise to improve network security and strengthen defenses against cyber threats. It will provide state and municipal organizations with the ability to implement enhanced security, integrate security technologies, and better monitor cyber risks and threats to communications networks.

It was launched with a specific timeline and mission that includes addressing key cybersecurity issues identified by the Finnish government, and is expected to end in June 2022. The activation of the NSAB follows the ratification of the Finnish Cyber ​​Security Act. electronic communications services, which became law in January 2021.

“By creating the NSAB, our aim is to strengthen the general social importance of cybersecurity and cooperation between important sectors,” said Timo Harakka, Finnish Minister of Transport and Communications. “The prerequisite for economic success is national security, and Finland’s advanced approach continues to attract broad international interest.

For Finland, the creation of the NSAB is a direct response to the European Union Joint Risk Assessment Report on 5G Network Security (JRAR-5GN) published in October 2019. The Coordinated Common Risks Initiative was launched during Finland’s six-month rotating presidency. of the Council of the European Union, which ended on December 31, 2019.

The JRAR-5GN has been approved by Member States, the European Commission (EC) and the European Cyber ​​Security Agency. The EU27-backed project represented the completion of a major milestone in the EC push for a common EU approach to improve cyber defense strategies and 5G network security.

The private sector’s contribution to the NSAB is reflected in its board of directors and funders. These include the telecommunications companies Elisa, Telia Finland and DNA, as well as the Finnish Federation of Communications and Telecommunications (FiCom), which functions as the main lobbying organization for the ICT industry in Finland.

The core membership of the NSAB includes representatives from the Ministries of Foreign Affairs, Transport and Communications, Defense, Interior, Economic Affairs and Finance. Officials from Suomen Erillisverkot and the Finnish security and intelligence service SUPO also sits in the NSAB. Suomen Erillisverkot is the Finnish state’s main provider of ICT and network security services to public authorities.

The timing of the NSAB deployment has been influenced by a current proposal from the European Commission to update the Network and Information Systems Security Directive (NIS Directive). This aims to strengthen the range and reach of cybersecurity and data protection tools available to Member States in a changing cyber environment.

A central feature of the IRS Directive is to encourage EU organizations and Member States to develop their national cybersecurity capacities, preparedness and risk management systems. This rise in risk, threat and defense capabilities comes against a backdrop of a sharp increase in increasingly sophisticated attacks on critical IT and digital networks from the cyber domain.

The IRS Directive incorporates deeper cooperation and harmonization of processes and rules, reporting and information exchange between the 27 EU Member States. The increased levels of cross-border collaboration envisioned in the IRS Directive imply shared obligations associated with common regulations, approaches and practices in support of national cybersecurity strategies.

Nordic governments, especially since 2018, have urged the EU to implement the NIS Directive within a clear regulatory framework that enables member countries to effectively address current and next-generation cybersecurity risks and threats using robust cross-border collaboration mechanisms.

Constructive actions

Constructive actions, whether implemented at EU or national government level, are essential to build and operate computer networks with greater cybersecurity efficiency, said Kalle Luukkainen, Director General of the Finnish National Cyber ​​Security Center.

“From our perspective, it would be helpful to involve the top management of more companies in securing their IT network operations,” said Luukkainen. “In practical situations, operational models extend across organizational boundaries into a network of partners. In Finland, we have worked exceptionally well in networking with organizations and individuals on cybersecurity issues. “

During its EU Presidency, Finland advocated for the development of more effective reporting and exchange of information systems to better manage risks, threats and attacks from malicious actors in the cyber domain. targeting critical public and private computer networks.

The Finnish government has also championed closer cooperation on cybersecurity between the 27 states of the EU, in addition to supporting new powers that would allow law enforcement authorities to obtain information on cybersecurity breaches linked to activities. criminal.

Further steps to strengthen the implementation of Finland’s digital society project are underway. The government has released increased investment funds to strengthen information security and lay the foundations for a fully functioning digital society.

Source link