Finnish authorities developing interagency interoperability in national cyber exercise
Finnish authorities will be honing their interoperability skills for the eventuality of extensive cyber disruptions in this year’s national cyber exercise, KYHA16, 16- 19 May. The exercise is organised by the Finnish Ministry of Finance with the support of the Finnish Defence Forces C5 Agency.
This is the fourth exercise of its kind and the aim of this year's exercise is to develop interoperability between different sectors of government, to improve the situational picture, the analytical work done across different government sectors and decision-making during serious cyber disturbances.
"Different government sectors have developed their own ways of dealing with things, but preparing for cyber threats and common IT solutions are what tie them together. That is why it is particularly important to rehearse coordinated action. The exercise is an important occasion for the Defence Forces' C5 Agency to train with other security authorities. "When we know each other better, operations run smoother too," explains the director of the C5 Agency, Colonel Mikko Soikkeli, who is also the director of this national exercise.
Exercise to be led by Ministry of Finance from now on
Previously the Defence Forces' C5 Agency has been responsible for organising the national cyber exercise. The responsibility has now been given to the Ministry of Finance but planning and organising have been done in tight cooperation between the ministry and the Defence Forces. The exercise is being run as part of the Ministry of Finance's development project "SecICT", a project led by Senior Adviser Kirsi Janhunen.
The Ministry of Finance's IT and cyber security's most important tasks are to steer IT and cyber security in the public sector, ICT precautionary measures and the central government's common ICT services and infrastructure. The SecIT project, which ends in June, develops interagency cooperation, the detection and management of IT and cyber aberrations and is a way of rehearsing with other security actors.
"One of the things we've learnt from previous exercises is that start preparations in time. An exercise requires great attention to detail, and some aspects need to be planned all over again every year depending on the exercise," is Colonel Soikkeli's advice to the ministry. Senior Adviser Janhunen from the ministry agrees - and praises both the Defence Forces and the IT Institute in Jyväskylä for how they have organised and implemented the exercise.
Keeping in mind the upcoming exercise, the Ministry of Finance will keep an eye not only on the central government but also on the rest of the public sector. An exercise with the private sector is also under consideration. "Last year we were especially happy with the way we were able to develop our situational picture as a result of the exercise." The environment we operate in is made up of networks and although this year we're putting special emphasis on cooperation between authorities, what we're always aiming for is the bigger picture," Janhunen explains.
Gaming corresponds to real situations
The exercise will take place in a cyber security research and training environment called Realistic Global Cyber Environment (RGCE) developed by Jyväskylä's University of Applied Science's JYVSECTEC. The environment mimics the Internet's structures and functions along with its services, telecommunications service providers and geographic locations, i.e. the environment simulates real services, users and internet traffic. The RGCE is a closed entity so rehearsing with it is risk-free; it poses no danger to real data communication networks or services.
The IT services used by the authorities and partners in the exercise have been modelled and are part of the technical platform. Cyber disruptions are created using games that are both technology-based and non-technology-based. A technology-based game in a simulated environment means technical aspects that the blue side can detect. A non-technical "move" can, for instance, be a phone call from a made-up event.
Media representatives welcome to the information event on 18 May
Media representatives are welcome to the exercise's information event on 18 May 10.00-11.30. The event will take place at JAMK Dynamo, meeting rrom Waneri, at the following address: Piippukatu 2, Jyväskylä.
The director of the Defence Force's C5 Agency, Colonel Mikko Soikkeli, will present the exercise and answer questions from the audience. Senior Adviser Kirsi Janhunen from the Ministry of Finance and the director of Jyväskylä University of Applied Science's IT Institute, Jarmo Siltanen, will also be present at the info event.
Media representatives will be given the opportunity to visit Jyväskylä University of Applied Sciences' JYVSECTEC which will be used as the operations centre of the exercise.
For more information on the 18 May event: C5 Agency Public Information Officer Maija Kauppinen tel. +358 (0)299 560261, [email protected]