A new research on Lithuania’s cybersecurity capacity reveals that we have made significant progress in some areas of our national cybersecurity but more efforts are needed to reach overall strategic maturity.
According to the report, facilitated by the Global Cyber Security Capacity Centre(GCSCC) at the University of Oxford, Lithuania has reached a strategic stage in national capacity to design a cyber resilience strategy and lead its implementation as well as in the existence of reliable Internet services and infrastructure. Areas, where Lithuania is reportedly moving into a strategic level of maturity include national incident response, critical infrastructure protection, legal frameworks and responsible disclosure as well as formal and informal cooperation frameworks to combat cybercrime.
However, there are also areas where only some aspects of cyber security are existent or they are ad-hoc, disorganized, poorly defined or simply new, such as cyber security mind-set, user understanding of personal information protection online, reporting mechanisms, framework for education and professional training, and cybersecurity marketplace, among others.
“The CMM review in Lithuania provided us with very interesting insights into our research on the maturity of cybersecurity capacity across the world. Whereas Lithuania is at very advanced stage of maturity, the gaps that we have identified also provide evidence for important needs which are not only specific to Lithuania but which could also be observed in other countries around the globe. Lithuania has commenced the process of developing different aspects of cybersecurity capacity across all dimensions, including through the revision of their National Cybersecurity Strategy and revisiting legal frameworks and regulation. These efforts will establish the foundations for more mature capacity in the future. We hope our work will offer a comprehensive and useful understanding of the country’s capacity and that our recommendations will contribute to the on-going work to enhance cybersecurity capacity across all five dimensions of the CMM”, commented Director of the Global Cyber Security Capacity Centre.
Specialised cyber defence company NRD CS and Vilnius University hosted the researchers from the GCSCC to facilitate the review of the maturity of the cybersecurity capacity of the Republic of Lithuania, based on the centre’s Cybersecurity Capacity Maturity Model for Nations (CMM). More than 20 Lithuanian public and private institutions, including Government Chancellery, relevant ministries, law enforcement and judiciary, national data protection agency, finance sector, and private entities were invited to participate in consultations to provide input to the national review.
„NRD CS efforts are driven by our mission of securing digital environment and we bring and implement recognized global good practices to our home and to other countries where we operate. There is a number of assessments already performed on the status of cyber security in Lithuania, to name a few – ITU‘s Global Cyber security Index and National cyber security index of Estonian e-governance academy. And we are very happy that researchers from the Global Cyber Security Capacity Centre agreed to bring a recognized and reputable methodology to facilitate our national self-assessment and prepared such a comprehensive report. My hope is that Lithuania‘s cybersecurity maturity review will support the debate on how we want to see Lithuania‘s cybersecurity evolve and help to define right priorities in our national cybersecurity strategy that is currently under development“, says dr. Vilius Benetis, Director of NRD CS.
 
The CMM report provides a comprehensive picture on the current status of our maturity in five distinct dimensions: Cybersecurity Policy and Strategy, Cyber Culture and Society, Cybersecurity Education, Training and Skills, Legal and Regulatory Frameworks, and Standards, Organisations and Technologies. The objective of this review is to enable the government of Lithuania to review its cybersecurity capacity in order to prioritise strategic investment in national cybersecurity. It also emphasises the role of civil society in developing a society that is cyber ready.
 
More info here