David Olgart, Director of Cybercampus Sweden, emphasised that we all need to invest in cyber hygiene because even though there are already millions of cyber security experts, there are still many security vulnerabilities – the weakest link is always the person behind the computer. According to him, international cooperation is needed to make cyber education more agile and to engage in raising awareness.
Lauri Tankler, Head of R&D Coordination at the Estonian Information System Authority, told the audience that the number of cyber attacks is on the rise. In 2023, there has been a particularly high number of distributed denial-of-service (DDoS) attacks in Estonia, many of them targeting medical institutions. Millions of dollars have been lost to cyber crooks around the world due to ransomware attacks. Tankler emphasised that everyone should regularly update the software on their devices, patch security vulnerabilities and invest in the security of business correspondence.
Mihkel Tikk, Deputy Commander at Estonian Defence Forces Cyber Command, pointed out that if young people are interested in cyber security, they should definitely be advised to join military service, where they can focus on this field. Cyber service in Estonia started in 2012. According to Tikk, the Cyber Command is the perfect place for young people to start their career in cybersecurity: “Young people start with some existing knowledge that will be developed, and by the end of their service they are specialists in certain fields.” Typically, only a few girls a year apply to join the Cyber Command, and this number could increase. “The first two months, when people learn the usual skills of soldiers, are not too hard and provide experience and knowledge that will definitely come in handy later in life,” Tikk added.
Peer Heldgaard Kristensen, Director of Security Tech Space, said that cybersecurity should move away from silos and join forces. A Nordic-Baltic Think Tank project has been launched in Aarhus for this purpose and its aim is to cooperate with large companies and municipalities, to share cyber skills and find new talent, and to make working in cybersecurity more attractive. He found that there has been a huge shortage of women in the field so far, and since women make up half of the population, this is the reason we are so short of cyber experts. Heldgaard said that women don’t have proper role models in cybersecurity, and it also seems a bit of a niche field, with a lack of understanding of what cybersecurity really means.
The presentations were followed by a discussion session on hacking games. The attendees discussed how to make cybersecurity more attractive to young people as well as the efficient methods of teaching cybersecurity. Pilleriin Sillakivi and Kriset Lisette Margareth Laiuste, students from Tamme Gymnasium, said that cyber hygiene should be taught from an early age – as soon as children start using the internet. They admitted that they themselves became interested in cybersecurity only in secondary school because they are interested in solving problems and their teacher directed them to participate in various competitions, such as Küberpuuring, etc.
Ruta Pirta-Dreimane, Senior Researcher at Riga University of Technology, belongs to a consortium that is trying to find ways to make cyber education more interesting, to make sure it is in line with the needs of the labour market, and to show that cybersecurity is not only about technical skills, but a mix of technical and soft skills, in addition to behavioural aspects.
According to Catlyn Kirna, CGI Estonia’s cyber security expert, children love problem-solving and discovery. She believes that a variety of exciting and engaging games can contribute to cybersecurity education. Typically, cyber learning games are project-based – you get the money, you create the game and that’s the end of it. Another problem is that discovery-based games are very expensive, while cheaper text-based games are linear and not as engaging for children. The more options a game offers, the more expensive it becomes to produce, and companies are just not interested in financing them.
Bodil Ellen Grødem, an IT teacher from Norway, also agreed that funding is a major problem and that governments should allocate more funding to this area. She also found that cybersecurity should not be a hobby that students do in their spare time, but should be part of the curriculum.
You can view the Cybercation – Nordic-Baltic Educators’ Forum 2023 here: https://www.youtube.com/watch?v=p4hn9VOO0X4.
Cybercation was a side event of the Telia Cyber Battle of Nordic-Baltic 2023, organised by the Estonian Office of the Nordic Council of Ministers and CTF Tech.
See a small photo gallery of the Cybercation forumhere. Photographer: Jana Laigo, Barefoot Studios.