Logo

Ensuring the state's cyber security

Cyber security has become an integral part of the functioning of the state and economy as well as domestic and external security.

Since there are no national borders for malicious activities in cyberspace, cross-sectoral and cross-border cooperation is necessary to prevent and effectively respond to threats in cyberspace, and all relevant parties from the private and public sectors and international cooperation partners are involved in the implementation of the cooperation, including ICT specialists, legal advisors, national defense, and diplomatic levels.

The cyber environment and the ability to operate securely in it, are as important for the development of the state and its digital services as a secure physical environment.

From 2009 the Cybersecurity Council operates under Security Committee of the Government of the Republic and develops a coordinated position on cybersecurity issues between institutions. Council ensures monitoring of the implementation of the activities agreed in the cybersecurity strategy at least twice a year and is led by the Secretary General of the Ministry of Justice and Digital Affairs.

Since 2016, the e-Government Academy has been developing the NCSI Cyber ​​Security Index, which measures the level of cybersecurity in countries and defines areas for developing national cybersecurity. In addition, the index provides an overview of countries' readiness to prevent and deal with cyberattacks and crimes.

The level of cybersecurity in EU countries is assessed based on the EU-CSI cyber index developed by the European Union Agency for Cybersecurity (ENISA) and the International Telecommunication Union (ITU) global cybersecurity index.

In June 2021, European Union regulation entered into force, establishing the European Cyber ​​Competence Centre (ECCC) and a network of national coordination centres (NCCs). These two structures have been established to support the development and innovation of the cybersecurity industry in Europe. The ECCC will operate as an institution in Romania and will direct investments for the development of the European cybersecurity industry (and community) in cooperation with the national coordination centres. European Cybersecurity Competence Centre and Network

Since effective and active international cooperation is needed to ensure national cybersecurity, and as cyber ecosystems are structured differently from country to country, the Estonian Information System Authority, which operates as the Estonian Cybersecurity Centre (NCSC) from spring 2023, will help to stand out as a national point of contact for cyber security, both domestically and internationally. The Cybersecurity Centre is established to ensure cybersecurity of the public sector and critical infrastructure and to act as a competent authority and single point of contact for the purposes of the Network and Information Systems Security Directive (NIS). Cybersecurity centres with a similar structure and tasks can be found, for example, in Latvia, Lithuania, Finland, Sweden and Denmark. National Cyber Security Centre NCSC-EE | RIA

The national risk analysis is the first step in the process of assessing risks and creating plans for crises. The assessments presented should be considered in the preparation of various resilience and contingency plans, in the planning of preventive measures, and in the preparation of development and planning documents. Read more about cyberspace and the cyber risk environment here: National risk analysis | Riigikantselei

Read more: 

Cyber security: Estonian Information System Authority (RIA)

e-Governance Academy (eGA)

National Cyber Security Index (NCSI)

Cybersecurity Strategy 2024-2030

THE CYBER SECURITY STRATEGY HAS FOUR IMPORTANT GOALS:

The first NCSS was adopted in 2008 and constantly updated to address evolving cyber threats and changed cyber landscape.  Current Cybersecurity Strategy sets goals for 2024–2030 in four key areas:

  • Managing the development of national cybersecurity
  • Enhancing Societal Resilience
  • Strenghtening CYBER-SHIELD (including incident monitoring and prevention)
  • Shaping a secure cyber environment

The vision of the updated strategy is to ensure the trustworthiness and resilience of Estonia’s digital services in a rapidly changing and insecure global environment. Compared to the previous cybersecurity strategy, the focus is primarily on strengthening security and defence.

You can find the ENISA NCSS Interactive Map, that provides a comprehensive overview of all National Cybersecurity Strategies (NCSS) across the EU, including their strategic objectives, implementation measures, roadmaps and good practices. 

National Cyber Security Strategies | ENISA

Strategy and Documents

Cyber Security Strategy 2019–2022

THE CYBER SECURITY STRATEGY HAS FOUR IMPORTANT GOALS:

  • Estonia is a sustainable digital society with strong technological resilience and readiness to cope with crises.
  • Estonia has strong, innovative, research-based and globally competitive cyber security sector entrepreneurship and research & development activities, which cover important key competences for the state.
  • Estonia is a respectable and strong partner in the international arena.
  • Estonia as a society is cyber-aware, and the subsequent growth of specialists in the field is guaranteed.

Strategy and Documents

Last updated: 03.09.2025

Stay up do date!

Ministry of Justice and Digital Affairs on social media.

Ministry of Justice and Digital Affairs

  • Suur-Ameerika 1, 10122 Tallinn
  •  (+372) 620 8100
  • [email protected]

  • The Ministry of Justice and Digital Affairs is open from Monday to Friday from 8.30 am to 5 pm.

Accessibility