12 Sep Cyber security – who protects, what and against whom?
Although cyber security is not a new concept, discussed both publicly and in everyday life, its meaning has changed over time. Nowadays, the concept of cyber security covers an increasingly wide range of areas and is becoming more and more important, at a national and personal level. This is due to the rapid and all-encompassing development of new technologies, which are bringing many areas of life, including personal life, into the cyberspace.
At first, it was the basic use of email for communication, but eventually it has expanded to much more important areas, such as managing finances in an online bank. Some countries are going even further into the cyber sphere and trying to apply it to even wider range of areas, like the Estonian model of e-democracy which gave the citizens a possibility to take part in universal suffrage without leaving home.
While the development of the sector itself undoubtedly offers many advantages in terms of facilitating certain activities or saving time, there are also inevitable risks that come with the virtual space. The expansion of public services in the virtual space and the steady growth of the new technology sector in general are also attracting entities who are trying to exploit this for illegal activities. Cyber-attacks, data theft and hacking into platform accounts have become almost daily occurrences in cyberspace. This is not only a problem for public authorities, companies and corporations, but also for private individuals who, if they do not take the right steps, risk losing personal information, data and even financial resources when using virtual space.
When a country has relevant regulations and institutions with a monopoly of power, such as the police to enforce public order, it would seem that the organisation of cyberspace should also be handled by an appropriate entity. Indeed, in some places there is such a “policeman” – the internal rules of major social networks such as Facebook, Instagram, Twitter/X or TikTok partially address this issue, whereby certain suspicious/disinforming/deceptive accounts are either identified by the platform itself, or are reported by other users. However, there are still some differences between the major platforms, which include varied treatment of issues related to user data protection and collection, censorship, and so on. Cybersecurity is therefore often a matter of self-interest for each tech giant, which is why there is such a subjective interpretation of one or other element of cybersecurity.
However, it is worth pointing out that the digital realm entails much more complicated media sphere than the public space in real life, mainly because it operates across national borders, and hence, there is no centralised entity to act as a cybersecurity police. Cyber hacking or other illegal activities can be carried out from virtually anywhere in the world, targeting, for example, governmental entities. What complicates this matter further is that cybercrime can be carried out with the support and resources of the relevant hostile state authorities, so that even if the perpetrator is identified, there is no way of actually punishing him. Another aspect is that the screen of a smart device is often seen as a shield that allows the user to hide themselves and remain anonymous, so the limits of freedom of action may go beyond the permissible rules, and the actions taken in the cyberspace are those that a person would have not normally take in real life.
In Lithuania, a role of the public space policemen is performed, though partially, by institutions such as the National Cyber Security Centre or the Department of State Security, which work to ensure that state-protected information and citizens’ data are safe, and that public services on the internet are provided smoothly. However, the resources of the above-mentioned entities are far from being sufficient to fully regulate the cyberspace sector and to provide a guarantee of security for each individual. Thus, a kind of obligation arises for each user to take the appropriate measures by themselves – to feel less vulnerable in the virtual space. As an example, while platforms often require you to create a password that meets certain requirements and is harder to crack, there are a number of platforms that do not, so the strength of the password and the security of the account in question is a personal matter for each individual. Other aspects, such as the ability to select correct and reliable information, regularly updating account passwords, using a reliable antivirus system, or avoiding suspicious websites from countries hostile to Lithuania, such as Russia and Belarus, are also elements of cybersecurity that are unfortunately forgotten by many people.
At the national level, the focus should be on building resilience to cyber threats, for example through preventive measures, training, public education and other similar approaches. Not only is the cyberspace itself multifaceted and constantly evolving, but its regulation is a crucial matter for virtually every state. It can be agreed that, while at the European Union level, countries can share information and cooperate in adopting appropriate regulations or directives to manage and prevent the risks of cyberattacks, it is the national regulations that play a key role in demonstrating the importance of the cybersecurity sector. However, there is another thing to bear in mind, which is that in virtual space there must be appropriate action taken to prevent external risks and to create a sense of security, which is also the responsibility of each individual.
In conclusion, as our reliance on digital technologies continues to grow, it becomes increasingly imperative to address the multifaceted challenges of cybersecurity. To mitigate risks and safeguard both national interests and individual data, we must take proactive measures. Firstly, let’s prioritize continuous education and awareness campaigns at all levels, empowering individuals to make informed decisions and adopt best practices for online security. Secondly, let’s advocate for strengthened international cooperation and collaboration, fostering partnerships between governments, tech companies, and cybersecurity experts to develop comprehensive regulatory frameworks that can effectively address the dynamic nature of cyber threats. Lastly, let’s invest in robust infrastructure and resources for national cybersecurity agencies, equipping them with the tools and capabilities needed to detect, respond to, and mitigate cyber attacks effectively. By working together and implementing these recommendations, we can build a safer and more resilient digital environment for everyone.