Comprehensive Cyber Security Approach: The Finnish Model

Abstract

The cyberspace is evolving quickly and becoming a growing challenge for nations, as well as the international community. The key question is how to improve the preparedness of modern societies and how to build new capacities in the cyberspace. Knowledge is crucial to further development, as the weakest links in the chain are the users, be they individuals, companies or governments. Because of the very whole-of-society nature of cyber threats, preparing for and addressing them require strong measures. Multiple countries may enjoy unrivalled power in many of the areas of cyber security, offensive uses included, but may lack the tools necessary to identify in a timely manner threats that nimbly cross all the neat categories and carefully guarded bureaucratic silos. The idea behind a comprehensive security approach is that society’s security does not rest on the prowess of traditional security providers such as the police and military alone, but all the key sectors of society have been included in the security planning and implementation process . This whole-of-society aspect of a comprehensive security approach makes the political leadership particularly important. Including a wide range of society’s players in the security planning and implementation process aims both at increasing capabilities to respond to a wide range of threats, such as cyber threats, that cross sectoral boundaries, but also to secure the vital functions of society that usually demand tight collaboration between several sectors. This efficient collaboration allows wide and efficient mobilisation of society’s resources.