The Secretariat of the Security and Defence Committee of Finland’s Ministry of Defence has finally published the long-awaited Cyber Security Strategy.According to the government’s vision for cyber security, by 2016, the country will become a “global forerunner in cyber threat preparedness and in managing the disturbances caused by these threats.”
The national approach for Finland’s cyber security management is based on eight principles. These principles include investing in research and development, proper legislation and incentives, cooperation between private and state organizations, and threat information collecting and sharing.
The strategy will be developed in accordance with 10 guidelines, which create optimal conditions for the materialization of the government’s vision for cyber security.
These guidelines are:
1. The development of an efficient collaborative model between the authorities and other stakeholders for the purpose of advancing national cyber security and cyber defense;
2. The improvement of comprehensive cyber security situation awareness among the key players involved in securing the vital functions of society;
3. Maintain and improve the abilities of businesses and organizations critical to the vital functions of society as regards detecting and repelling cyber threats and disturbances that jeopardize any vital function and their recovery capabilities as part of the continuity management of the business community;
4. Ensure that the police have sufficient capabilities to prevent, expose and solve cybercrimes;
5. The Finnish Defence Forces will be in charge of creating a comprehensive cyber defense capability for their statutory tasks;
6. Strengthen national cyber security through active and efficient participation in the activities of international organizations and collaborative fora that are critical to cyber security;
7. Improve the cyber expertise and awareness of all societal actors;
8. Secure the preconditions for the implementation of effective cyber security measures through national legislation;
9. Assign cyber security-related tasks, service models and common cyber security management standards to the authorities and actors in the business community;
10. The monitoring of the strategy’s implementation and completion.
The complete cyber security strategy is available here.