Benchmarking Estonia's Cyber Security: An On-Ramping Methodology for Rapid Adoption and Implementation
USMA Research Unit Affiliation
Army Cyber Institute
In April of 2007, Estonia fell victim to a series of distributed denial of service (DDoS) attacks that crippled its government websites, email servers, media outlets, and banking system for nearly a month. Due to the devastating effects of these cyber attacks, Estonia took great efforts to strengthen its cyber security protocols. This research analyzes the reforms that Estonia has implemented in its domestic and foreign policies and attempts to determine if any of it systemic improvements can help to also bolster cyber security in the United States (US). The findings from this research are that Estonia’s policy reforms in cyber security have been the most significant in areas that the US currently lacks. Domestically, Estonia has a cyber education program that significantly highlights awareness of the risks to its critical cyber infrastructure. Estonia has also promoted public and private partnerships to jointly analyze, assess, and defend itself against future cyber attacks.. In foreign affairs, Estonia has bolstered its relationship with allied nations in new ways and has synchronized its foreign policies to improve stakeholder engagement on cyber defense. The critical changes that Estonia has adopted and implemented throughout the past decade are what this research endeavors to recommend for the US to consider into its defense of the cyber domain. Furthermore, this research proposes an on-ramping methodology that helps to frame how an organization can more easiliy integrate new processes, practices, and procedures that have worked well for others.