Securing the future: The role of the state, education, and AI in cyber defense
Présenté par : Anett Numa
Première diffusion : 1 décembre, de 15:30 à 16:00 UTC−5
Highlights from Cloudflare Immerse: Tallinn — and what an incredible day!
We were thrilled to welcome customers and partners from across Eastern Europe, including speakers from Raiffeisen Ukraine, Latvian Mobile Telephones, Estonia's Railways, Delfi Media, Shiwaforce and TV3 Group, for a day of insightful discussions, bold ideas, and forward-looking innovation.
Together with Cloudflare leadership and our regional technical team, we dove deep into the future of the internet — from the evolving role of AI to building secure networks with Zero Trust.
Massive thank you to everyone who joined us and made it such a memorable event.
English
Transcription (Bêta)
Awesome, thank you very much. I absolutely love to be the last terry on a cake as I understood that I will be the last keynote of the day.
So that's always great and also to be the only lady on the stage today.
So when I was preparing for this presentation, I was thinking which way to start and having my background in seven years working for the Estonian government, both in the Ministry of Defence and the Ministry of Economic Affairs covering both decentralization and cyber security, but now working for I would say the coolest cyber security company across the globe called NeverHack.
I would love to kind of combine this presentation by talking about what the state has to do in order to really build this infrastructure that is safe and sound when it comes to cyber security, but also at the same time how important is the entire collaboration between the state and cyber security companies and I would say even like companies in general.
So Estonia is very well known for the BBP model which is the public-private partnership and I will try to put especially a focus on this, but of course also I'm very thankful that we got to hear a bit more about the AI already.
So as AI is becoming more important also in terms of cyber security and especially the defence part, then I will also focus a bit on this as well.
But I always love to start with presentation with a bit of statistics and just to give you the numbers.
So today a cyber attack actually occurs every 39 seconds.
So if there are still companies and there is actually a new research that just came out from Estonia that only around 30 percent of Estonian companies said that they are likely to be attacked by cyber attacks.
30 percent of companies think that there is a likelihood that they will be attacked and I think this is ridiculous looking at the numbers on that side here.
So speaking a bit more on the money, so I did a bit of comparison here and also just the numbers in terms of euros.
So in 2024 alone the global cyber crime is really projected to cost over 10.5 trillion, which is actually making it more profitable than the global, also the track trace.
So if you make this kind of comparison the numbers are really getting very crazy in that way.
But for Estonia, I don't think cyber incidents are, you know, nothing new.
So we have been used to protect our systems for a very long time already.
So to that our Estonians or who are not Estonians, we started building our governmental services more than 30 years ago.
But building services online also automatically means that you do have to build them very secure.
Luckily we did things in a very secure way already, you know, back in early 2000 when we started building the very much decentralized systems and then also providing a lot of transparency and the entire infrastructure had to be, you know, very safe to protect our systems.
But obviously that requires also a lot of money and Estonia faced the very first cyber attack already in the year 2007.
Obviously the entire trends in the cyber security field were completely different back in that time.
But I always like to say that this was pretty much like a wake -up call to everybody saying that, you know, we might build some services but there is also massive threats that, you know, one of our neighborhood countries and not Finland has a big, big interest in making sure that they always kind of, not even knock on the door, but they try to open the door to see where they can get in.
And they've been trying since 2007 but automatically we have really allocated a lot of money also in terms of the budget to raise our cyber resilience in a lot of ways.
And a year after, so in the year 2008, also we became a home to NATO CCDCOE, so that's the Cyber Security Center of Excellence.
This is the largest NATO center of excellence in the entire world, so we almost have all the NATO members as a member of this center.
Just one missing, this used to be my job to cover that.
And then also we are a host nation for the EU IDC as well, so really showing also that we are not the ones that are thinking here in Estonia that we are the coolest and doing things in the right way, but also NATO and EU have really trusted us to also host these two very important institutions.
But I think everybody can agree with me here that when it comes to cyber security, this has become the entire cornerstone of democracy.
And besides this also one of the strongest and definitely the most kind of influential foreign policy instrument.
We're being manipulated all the time, we are being, you know, spread a lot of fake information, there's a lot of algorithms that are also playing with us every day.
And besides this, of course, different kinds of cyber attacks that are actually stealing our information, our money and our privacy.
And so we see also different countries manipulating with the elections, so it is so easy to manipulate and actually threats in our democracy by using the cyber attacks for this.
And that's why I wanted to bring out these four very, very important, the key aspects here.
What I do think that are the most important to really build a strong ecosystem again together with the public and private sector.
So first of all, I think it's really time in the year of 2025 to get over of the fear or ashamed that we are so ashamed that when we have been attacked.
When we work with our different kind of companies and when they are attacked, our message is always let's talk about this.
Let's talk about this incidents, let's go to media.
We don't have to even maybe mention your company, but we will encourage you to do it so that everybody else can also protect themselves.
And the same goes for the state. When I covered NATO and the Minister of Defence, we saw a lot of NATO members that never, never, ever spoke about when an incident had happened.
But we can't do partnerships. We cannot learn from each other if we don't talk about these things.
And the same goes for different kind of sectors.
Let's say if a medical centre, we have a lot of clients also in the medical sector here in Estonia, when they wouldn't talk about the incidents and the trends that are happening, the next hospital might be attacked the same way if they haven't heard about these cases.
So I think it's very, very important to bring that transparency and really talk about when something has happened so that we can learn the patterns and actually support each other.
We do have a common enemy, whether we are coming from Latvia, Lithuania, Poland, Estonia or whatever.
We have the common enemy today. And then that's why also I put it here, the accountability side.
So when we talk about the incidents also automatically, we can take somebody accountable for this.
And Estonia cybercrimes are criminal, also considered as a criminal act so that you will be punished also by the law.
And this is also in our company NeverHack, we're doing a lot of collaboration with police.
So when there is an attack, we also report about these things and provide that information.
And again, solutions for protection from the threats.
Again, every company in the first place have to think about every single little thing that you do by building your services, your systems based on a very secure cyber resilience.
You cannot build your services established as a startup, your service and then think about, hmm, but what about security?
If you already have established your solution, these are the things that you need to think about in the first place.
Very important. And then I'm a massive, massive ambassador for education and especially the cyber education.
I've been talking about this in never-ending ways, just how important it is to also change the way we see our educational system, because one of the most vulnerable groups today are our students and of course the elderly people, and they do lack of education in this field.
I will come back to this as well, which kind of methods Estonia has been using and also NeverHack is very much supporting different kind of initiatives to also raise that awareness and support the younger generation as well to really know what kind of threats are they facing.
And then one of the coolest things that I love to kind of focus on when I was at the defence ministry was the Cyber Defence League.
Is there anybody here in the room that have heard about the Cyber Defence League or which organisation it is?
We have a couple of hands. That's amazing.
So this is an organisation that is a voluntary based organisation. We also have a usual defence league.
You can become a member and go with your gun and run in the forest and you do the exercises, but preparing for the war, but also we are preparing for the cyber war.
And so as I said, it's a voluntary based organisation, but different kind of IT, cyber security company leaders, specialists, there are members and they are coming together, exchanging their expertise, doing work together and preparing for the case when Estonia would be attacked.
So the entire public sector would come and help to protect the state. And I think this is the only mindset that we should have.
But obviously, it's not just that they go and protect the state, but what they actually do is learn from each other.
They have a lot of workshops, they meet up, they exchange ideas, how they have been using different technologies and then how they work.
And I think this is also why this is important.
And then, of course, Cyber Command. So we have people that are working 24-7 there, making sure that our systems are safe and sound.
But one thing that I wanted to talk about that maybe you don't hear often is the cyber attribution.
And I have had this conversation with my friends a lot of times saying that, you know, if you point out that, you know, Russia was behind of that attack, then what happens?
They will never be punished in any ways. You can use your sanctions and so on, but these things don't work.
But when it comes to the cyber attribution, I wanted to bring out one of the cases that actually happened by the end of last year, that Estonia together with, I think, seven, eight different countries attributed the cyber incident that happened in the year 2020 against the state to Chiru.
And there are actually six names that are really pointed out. So we even managed to know by the names who these guys were that were behind of the attack.
So whenever they would stop by in any of the NATO country or the EU country or our partners, then they will be arrested straight away.
And that's the message.
First of all, this is a message that we are sending, saying that we will take you accountable for these actions.
But not just this. It's very much related, of course, also what I said before in terms of learning and how do we allocate our resources, how do we plan these things.
If we talk about and publish these very clear cases, what has happened and how we took these people accountable.
Very important.
Every kind of different response strategy is going to be related to the attribution processes.
And also, I think we do need to have an upholding international law in cyber security.
I know it comes as a surprise, but today there is not one existing.
We can have the internal ones, saying that there is an Estonian criminal law that says, you know, if you attack another entity, another person, then you'll be punished by these things.
Do you think there is one existing on international scale today?
No. Again, the attribution sides, we have organizations like the UN and NATO that have been trying different methods and so on, but we need a one that is really upholding and internationally approved, so that everybody will kind of act in the same way, or at least our partners.
So that's why it's not just pointing fingers, but it's taking people accountable and planning your future strategies.
But going a bit on the part of the AI, and so what our company is doing is also, I mean, if you think at a larger scale, I talked about the education, how we're also lacking the workforce in the field of cyber security.
And if I'm correct, there is a bit less than one million cyber security experts missing in Europe, working in this field, which is a massive, massive number.
So obviously, we need to find ways how to replace that and actually use also new technology.
And I was happy to hear about also Vido pointing it out, like how important also AI will be in the field of cyber security.
Our company Neverhack is also about to come out now with a global security operation center that will heavily be based also on AI solutions.
So if you think about these analysts that have to work 24-7 and see if there is any changes in different kind of, you know, the patterns or the trends in some of the systems, we don't have enough people, obviously.
And also, it's a much slower process than actually AI is capable of doing.
So AI is able to really protect and also really stop cyber incidents before they even occur.
And there's a lot of cases already across the globe that there has been, again, the AI solutions implemented in the cyber security field, and they have managed to completely stop and protect the system before somebody even gets in, because there is a lot of ways that you can see the threat intelligence and also really get the behavior analytics for detection of different kind of anomalies.
So that's also very, very important. So this is the reason why we started providing that solution, and this will be now launched very, very soon.
So really, I can tell you that AI will change the entire landscape of cyber security very heavily.
But again, I will come back to this a bit later. So what I wanted to do a kind of a summary for is also just bringing it out here that some of the key elements that I think are the most important ones that we have to focus on together with the public and private sector is, first of all, like I said, really building a clear international law.
And this is also something that we can only do with a collaboration.
So there can't be just the decision makers, the policy makers in a public sector thinking about these laws, but we have to give the case studies, we have to talk about our incidents and so on, and working closely together with different kind of, you know, also police and border guard board and so on.
So to really understand how to behave in this kind of actions and then how to, you know, protect yourself as well.
Then investing into education.
So I will kind of jump in the cyber security and curriculum. Last week, I managed to get some stage time at the Ministry of Education and Research here in Estonia.
We had a very long chat about this and even like such simple things as TikTok, kids using TikTok.
And even if you think about this, that everybody, every kid has a TikTok on their phone, you know, they don't really understand what's happening on a background there.
And if we now compare what our kids are taught in the schools, it's, you know, how to create the PowerPoint and how do you use a word, like how do you do this and that.
But nothing about these things that, you know, what kind of application you should have on your phone, what kind of application you shouldn't have, what's the background, who owns that, what kind of data they're accessing.
And there is different kind of, I could continue that conversation for over an hour now to bring it out, different kind of examples, like the cases that students and then kids are attacked and by very, very simple ways.
So what we now kind of came up with the Ministry of Education and Research is to start pushing to get cyber security into curriculum, not just the universities, but we need to start teaching these skills from high school.
When a kid goes to school by the age of seven, they need to have the knowledge because I think around 90% of kids that are seven already have a phone.
And that's not a joke.
But this is what you said. This is very sad. It is very sad.
But we cannot go there as a very technical terms and very boring presentations about just the teacher pointing what you shouldn't do and what you should do, because they usually have a different reaction for this.
But we do have to go and actually show the real cases or even providing or asking the, I don't know, social media influencers that they really do trust and they really kind of respect to come and speak in front of the schools what has happened to them or just the very, very kind of simple cases.
In Estonia this summer, there is also one of the camps that is especially meant for young ladies in cyber security called Cyber Wizard.
So together with the Information Security Authority, we are also doing a bit of a workshop there, which is going to be very cool with my lovely colleague Sigrid.
So also asking the students to record these cases and kind of present to us when something has happened or the trends that they know from their friends or so on.
So to really use them also as campaigns and I think it only works if a kid would talk to a kid and again in a very, very simple language.
And then of course the public awareness campaigns, but I don't mean that we need public awareness campaigns just the things that are targeted to the kids or elderly or just the usual, I was about to say human beings, but the citizens, but also we need public awareness campaigns for companies.
A company needs to go to the media and say we were attacked, we are not ashamed, this is why it happened, but that this is what we do now and hopefully what they do now is using our company solution.
But really these are very, very, very important and really continuing this large collaboration between the government and the state.
So exchanging the knowledge, exchanging incidents, exchanging things that we have learned, because if we are kind of stuck here and kind of trying to just hide everything that has happened, these things will continue to happen and nothing will change and we'll see the same trends happening.
Even the worst ones, because what I wanted to kind of also summarize this is that if we are not investing and if there was a question here whether Estonia, Latvia, Lithuania would be, you know, the leading states in terms of using AI, there is a chance to do it in cyber security.
There are pretty many countries across the globe that are doing a massive investment into research of AI and cyber security.
We need to be one of them, because if you are not using AI in your system, I can promise to you that the attackers are already using this long time ago and their attacks are automated, fast and very nicely targeted.
And then your data, your privacy and your money is going to be stolen and nobody wants that, especially if you are a big company leader and have to just simply start everything from the beginning later on.
So, do you end up here? So, I would also love to invite you.
So, NeverHacki is organizing also the Nordic Baltic Security Summit this September, on 11th of September, here in the same building, but we will actually own the entire big building here.
So, we're going to have four different stages. So, three side tracks and then also the main stage.
A lot of cool people coming from all across the world to talk about the cyber security.
So, please save the date.
Also, Cloudflare is our partner and there will be also Sheryl from Cloudflare, who will be on the stage and talking about also your job and how you're making sure that everything is much more secure.
So, I really invite you there, because we are not just doing this in a boring gang with a lot of different kind of panel discussions, but I can promise to you that we have some cool things planned, especially very hands-on presentations and real case studies and companies coming and then also the national representatives from different places.
And besides this, one of my favorite tracks this year is that we will also focus on the media.
So, as I said about talking openly about the cyber incidents, we also have a communication track there, where we will put you in front of a camera and you have to talk about the cyber incident that has happened.
It has happened to me once when I was at the Defense Ministry and Estonia was attacked and I had to give an interview what happened and it is a time to attribute to Article 5.
It was very scary.
So, that's why I'm especially a big fan of this, that when we can practice these things and if there is a case happening, either you are a company leader or a government representative, then you need to have the knowledge to do it.
But that was it for my side.
I would love to just thank the organizers for having me here on the stage and kind of giving you the final words.
Then I would say that we do have to continue to work together, if we are like-minded in terms of our approach to security and how we see the world continuing.
That's why events like this are also incredible, so that we can share this expertise and support each other in building a more secure, but more digital future.
So, thank you very much.
