On 24 January 2013, the Government adopted a resolution on Finland’s Cyber Security Strategy. The Strategy defines the key goals and guidelines which are used in responding to the threats against the cyber domain and which ensure its functioning.
The President of the Republic and the Cabinet Committee on Foreign and Security Policy decided at their joint session, on 8 March 2011, on launching the work on a national cyber security strategy as part of the implementation of the Security Strategy for Society. Finland’s Cyber Security Strategy was drawn up by an intersectoral working group which was led by Mikko Kosonen from the Finnish Innovation Fund Sitra. Both authorities and the business community made substantial contribution to the work of the working group.
The purpose of the Cyber Security Strategy is to build a common understanding of cyber security and strengthen comprehensive security in society. The Strategy presents the vision, approach and strategic guidelines of cyber security. By following the Cyber Security Strategy’s guidelines and the measures required, Finland can manage deliberate or inadvertent disturbances in the cyber domain as well as respond to and recover from them.
A well-functioning cyber domain provides Finland with a competitive edge and a resource. It is easier for both individuals and businesses to plan their activities in a safe cyber domain, which in turn boosts economic activity. A properly working environment also improves Finland’s appeal for international investors.
Finland’s Cyber Security Strategy starts the contingency planning and continuity management as required by comprehensive cyber security for the whole society. The functions vital to society will be secured also in the future. The principles of cyber security management and the arrangements of disturbance management as well as cyber security regulations and the implementation plan of the Cyber Security Strategy are depicted in the background dossier which is closely connected to the Strategy.
Led by the ministries, separate action plans will be drawn up during spring 2013. These will include concrete measures by the administrative branches and the key actors related to the administrative branches, which create the preconditions for implementing the guidelines of the Cyber Security Strategy and the premise of the related background dossier by 2016.