But as the country prepares to implement technologies from 5G to big data to meet its digital transformation goals, challenges persist – with cybersecurity chief among them.
Experts estimate that Iceland loses nearly USD 72 million (ISK 10 billion) to cybercrime each year – equivalent to roughly 0.3 per cent of the north Atlantic island nation’s gross domestic product.
Tackling cybersecurity head on
Bringing together the wide range of institutions and experts that regulate, implement, and maintain cybersecurity systems can be a daunting task.
Nevertheless, Iceland’s Cyber Security Council convened relevant ministries and authorities to complete this year’s Global Cybersecurity Index (GCI) questionnaire, devised by the International Telecommunication Union (ITU), to take stock of national cybersecurity commitments.
The GCI measures each country’s level of development and engagement in terms of five dimensions of cybersecurity: legal measures, technical measures, organizational measures, capacity development, and cooperation. The result is aggregated into an overall score and ranked among others worldwide.
In fast-moving fields like cybersecurity important steps related to documentation, coordination, and deliberation are easily neglected. To address this challenge, the Cyber Security Council used the GCI framework to review and revise national cybersecurity priorities, considering the framework in the context of Iceland’s priorities.
At the 2020 ITU Global CyberDrill online events, a series of sessions promoting hands-on exercises for national Computer Incident Response Teams (CIRTs), discussions on current cybersecurity issues and information sharing sessions, Iceland’s Cyber Security Council worked with practitioners from across the island to document the island’s readiness to withstand cyberattacks. Identifying best practices from around the world, the local experts discussed ways to improve their own ecosystem.
Efforts like this helped Iceland boost its GCI performance from 87th to 77th in the global rankings between 2017 and 2018 – and the results of this continued commitment will be revealed in the forthcoming 2020 edition of the Global Cybersecurity Index.
Room to improve
Iceland’s mapping of its cybersecurity progress demonstrates the GCI’s versatility. While such tools are mainly promoted to build capacity in developing countries, similar kinds of engagement can also benefit the most developed.
Iceland still has some way to go in fostering cooperation, such as through public-private and inter-agency partnerships.
Technical measures, such as its frameworks for implementing cybersecurity standards, are similarly ripe for improvement. These actions would complement the country’s existing Computer Emergency Response Team (CERT-IS) and the Icelandic National Cybersecurity Strategy.