The legislation which allowed the Lithhuanian cabinet to establish the NKSC was passed last year, formally establishing the centre, but the new entity began its operations in July this year. The NKSC was set up through a transformation of the Lithuanian Defence Ministry's Communications and Informations Systems Service.
The latest move comes amid increased fears by the Baltic States about potential Russia-backed attacks on their critical infrastructure, similar to those experienced by Ukraine following the military intervention that began in 2014.
“The changing security situation highlights the importance of cyber-defence. The practice shows that the number of cyber-attacks on our country is growing,” defence minister Juozas Olekas said at the official ceremony last July.
In the first half of 2016, Lithuanian authorities detected more than 12,000 cyber-incidents, up 13 percent compared with the same period a year earlier, according to figures from the country's Communications Regulatory Authority (CRA).
“The main goal of the NCSC is to consolidate the efforts of public institutions, spread the ideas of cyber-awareness and provide help in dealing with cyber-incidents on government networks. The [establishment of the] NCSC was enabled by the recently-adopted Cyber Security Law,” Rimtautas Cerniauskas, the head of the NSCS, told SCMagazineUK.com. “The NCSC [will] cooperate not only with its counterparts in other Eastern European EU member states, but also with NATO bodies, for example the NATO Computer Incident Response Capability, and international organisations, for example the Forum of Incident Response and Security Teams.”
Meanwhile, Lithuanian efforts are the latest in a string of decisions by Eastern European governments to bolster their cyber-security operations through the establishment of new institutions and adoption of comprehensive strategies.
In Bulgaria, the cabinet recently adopted a new strategy to bolster its cyber-security efforts and plans to establish a Cyber-resilience Council as a permanent advisory body under the authority of the country's Council of Ministers. The proposal was included in the strategic document, entitled National Cyber Security Strategy Cyber Resilient Bulgaria 2020.
Albena Spasova, the president of the management board of the International Cyber Investigation Training Academy in Sofia, told SCMagazineUK.com that while it was positive that “the Bulgarian institutions managed to achieve consensus and finally develop a cyber-security strategy”, the document itself was not “a shield against cyber-criminals or cyber-terrorists”.
“Although 58.5 percent of the Bulgarian population has an Internet connection, neither the society, nor businesses or law enforcement or the judiciary are ready to face the cyber-crime boom,” Spasova said. “We consider that, besides an efficient regulatory framework, we also need to consider proactive measures for sharing information … know-how and modus operandi among law enforcement, business, government, NGOs in order to react fast.”
Four out of ten businesses in Bulgaria do not have a cyber-incident response plan, and 21 percent of the businesses do not know whether they have such a plan, raising doubts over their understanding of the risks related to cyber-security, according to data from the Sofia-based academy.
According to Spasova, the academy is currently developing “an early warning system for cyber-crime prevention. "Our first step was to conduct a needs assessment among government and business institutions and ask them about the issues they encounter in dealing with cyber-security on a daily basis.”