Cybersecurity in Finland has been affected by geopolitical developments connected to Russia and the invasion of Ukraine. With the Scandinavian nation in the process of entering the North Atlantic Treaty Organization (NATO), Finland has suffered cyberattacks, including a Denial-of-Service (DoS) attack that targeted the Finnish Parliament on August 9, 2022, temporarily disabling the organization's website.
To defend against future incidents in critical sectors across Finland, the government will begin distributing vouchers for cybersecurity improvements to Finnish businesses. Vouchers totaling up to 15,000 euros for small to mid-sized businesses (SMBs) and nonprofits and up to 100,000 euros for large corporations could be awarded to help organizations bolster their cyber defense programs, according to the Wall Street Journal.
Security experts have emphasized the importance of this public-private partnership in response to the elevated cybersecurity threat level targeting Finland. "Finland and the Nordic region in general has had a lot of success in driving individual as well as business behavior through government programs, and these cybersecurity vouchers are a valuable and necessary step towards improving cyber resiliency across government and businesses alike," said Rajiv Pimplaskar, CEO at Dispersive Holdings, Inc.
"Cybersecurity and cyber education across the region have been historically underfunded through years of peace, and cybersecurity is now ripe for acceleration in light of rising security threats and the increased focus from nation-state threat actors. An effective private to public sector partnership can advance technology adoption a lot faster than relying solely on general market conditions," Pimplaskar continued.
Businesses who receive the vouchers may use them to improve cybersecurity practices in a number of ways. Rather than focusing solely on cyber technologies, Shawn Surber, RVP, Solutions Architecture and Strategy at Tanium, suggests that companies should prioritize cybersecurity training. "Without sufficient training for their cybersecurity staff, companies — especially small companies — won't get the value out of improved tooling that they're expecting. Whereas improved training on cybersecurity essentials and how to use the tools that are already in place stands to provide greater long-term benefit," he said.