Advion Group organized a morning meeting and discussion session of the current situation of cyber security and its potential as a Finnish export product. We did not have a clue of how current and important is the topic of cyper security when we started planning the event!
“We have come across in our international undertakings and projects with situations where our customers first want to hear about Finnish Cyber Security know-how and offering, even though our initial agenda has consisted of totally other offering and services. This has been the case both for companies and for the state administration, so the subject is quite acute “-commented Ari Virtanen, Managing Director of Advion Group in the beginning of the event, where the speakers represented to top competence in Finland.
The speakers were Aapo Cederberg from Cyberwatch, Pertti Jalasvirta from Claned Group and Ari Knuuti from Arctic Security. CEO of Cyberwatch, Colonel (ret.) Aapo Cederberg has been involved in establishing Finland’s cyber security strategy as secretary general of the Finnish Security Committee and has worked as an expert at the Geneva Center for Security Police, a GCSP expert in Geneva.
Almost all industries are vulnerable
Cederberg lists industries where he recognizes the greatest threats to cyber-security. These include healthcare, financial services, digital industry, public administration, transport and energy. Health care and its vulnerability to cyber-attacks is a very actual topic in Finland, as the guidelines and decisions of the SOTE reform are currently in the stage of final decisions. Even in the simplest successful attack, the national health register may get into a chaos when it is invaded by anonymity and without knowing that patients’ blood type information, disease records, diagnoses or other information has been altered and tampered with. The traces of such an operation will probably never be revealed.
Cyber criminals seek to find such vulnerabilities in different systems and then strike them. Numerous large companies have already been subjected to attacks but are trying to keep a low profile. In many cases, they do not want to admit that the preparation has been completely inadequate or even worse – the attack has not even been identified.
Infrastructure can be hit from many of the weak links
Today, the interface between society and its key businesses is quite obscure. The role of the private sector is very important as a provider of national services and it is also often the most vulnerable target as well.
Transport and telecommunications networks are extremely critical and cyber-attacks in those may paralyze the infrastructure of the entire country. The collapse or taking over of the data networks of individual carriers already causes much damage, the most serious threats being the takeover and use of air and rail traffic for criminal purposes. “The vulnerabilities are not just related to cybercrime as such but also through individual key persons” says Aapo Cederberg.
Cybercrime is a growing business
Cederberg also presented a hacker’s “service price list”, which was quite breath taking, both from consumers’ and companies’ point of view. Practically anybody can subscribe in the market an attack on somebody’s Gmail, Twitter, or Facebook account with a price tag of about 150 USD. The company’s email system will be broken for a mere compensation of $ 500. Hiring a Distributed Denial of Service (DDoS) run at the daily rate in the price range of $ 30-70, the monthly rates run at $ 1200.
According to Cederberg, Finland would have a great opportunity to be one of the leading countries in the world of cybersecurity services because of the country’s reputation as a reliable partner and high level technical competence but do the companies have the needed networks remain to be seen.
New innovations for cybersecurity industry
Finland should invest more in the startup companies in cyber security segment because they often develop and product the best innovative solutions. Those companies are more likely to find their place in the international market as well.
Investment in cyber security should be considered as an investment in the corporate competitiveness, not merely in expense – yet that expense has emerge to stay as one of the business expenses in the future. At the same occasion, we also got acquainted with the innovations of two Finnish companies, whose services meet the growing international demand.
Pertti Jalasvirta from Claned Group, introduced a cyber security training program for international markets. That product can be easily tailored to the needs of both the public and business sectors.
Ari Knuuti from Arctic Security introduced a service package and a snapshot system that enables companies and governmental actors to evaluate cyber security in their current company system. The Arctic Security product gives a visibility to the companies business and industry risks and enables them to build their own abilities to eliminate the weaknesses found.