By Rovena Berga-Minkeviča
On 12–13 October 2025, parliamentarians from across the Baltic Sea region convened in Tallinn, Estonia, for the inaugural meeting of the Baltic Sea Parliamentary Conference (BSPC) Working Group on Strengthening Cyber and Information Resilience to Promote Democracy (WG SCIRPD). Delegates from the Åland Islands, the Baltic Assembly, Denmark, Estonia, Finland, Germany, Hamburg, Mecklenburg-Vorpommern, Schleswig-Holstein, Latvia, Lithuania, Norway, Poland and Sweden joined officials and experts to discuss strategies for enhancing cybersecurity, protecting critical information infrastructure and promoting democratic resilience across the Baltic Sea region.
Chair of the WG SCIRPD, Mr Meelis Kiili, opened the meeting by emphasising that digitalisation uses data and technology to boost efficiency and create new value. As artificial intelligence reshapes economies and governance, up to 20% of jobs may be affected. At the same time, non-democratic states exploit digitalisation for strategic gain, threatening democratic stability and resilience. He underlined that this poses a direct and growing challenge to democratic governance, economic autonomy, cognitive resilience and societal stability.
On the Frontlines of Cyber Resilience
Participants of the WG SCIRPD engaged in a series of high-level site visits, gaining first-hand insights into Estonia’s leading institutions in cybersecurity and digital resilience.
- NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE): Established in 2008, the CCDCOE is a NATO-accredited institution dedicated to advancing cyber defence capabilities and international cooperation. As of January 2018, CCDCOE is responsible for identifying and coordinating education and training solutions in cyber defence for all NATO bodies across the Alliance. By 2025, the CCDCOE has grown and expanded, bringing together 39 member nations, both NATO Allies and like-minded partners.
Director of the CCDCOE, Mr Tõnis Saar, introduced participants to the Centre’s work in research, training and exercises, including the renowned Locked Shields live-fire exercise - the largest and most complex international cyber defence drill in the world. The visit highlighted the Centre’s role in fostering interoperability, testing defensive strategies, and promoting collaboration among NATO partners and allies.
- Tallinn University of Technology (TalTech): Founded in 1918, TalTech is the only university of technology and is currently the most innovative university in Estonia. About 10,300 students study at TalTech, of which 1350 are international degree students coming from nearly 100 different countries. TalTech Centre for Digital Forensics and Cyber Security works towards enhancing the competence and ability of the Estonian computer security field through education, research and development.
Head of the Centre, Mr Rain Ottis, presented it as Estonia’s leading academic and research institution in cybersecurity. Participants learned about its wide-ranging research in network security, digital forensics, cyber operations, cryptography, including post-quantum and blockchain technologies, maritime cybersecurity, legal aspects and human factors. The visit underscored the importance of combining academic research, innovation and practical training to enhance national and regional cyber resilience.
Expert Perspectives on Cyber and Information Resilience
Manager of the Cyber Security Masters Programme at the Tallinn University of Technology, Dr Adrian Venables, informed about the programme, which equips students with the expertise to protect information systems. Courses in human factors, law, threat intelligence, space cybersecurity and the Internet of Things provide specialist knowledge, opening opportunities across various industries. Students also have the possibility to learn directly from top cybersecurity experts, alongside industry professionals. The programme is taught in English and is tuition-free for EU citizens. Each year, approximately 50-60 students are admitted, with about half coming from Estonia and the remainder from other EU member states.
Head of International Cyber Security Cooperation at the Estonian Ministry of Justice and Digital Affairs, Mr Kaido Tee, and Cyber Security Legal Adviser at the Estonian Ministry of Justice and Digital Affairs, Mr Guido Pääsuke, provided information about the management of national cybersecurity in Estonia. For example, Estonia is currently implementing its fourth Cybersecurity Strategy, developed in response to the growing complexity and frequency of cyber threats. The strategy builds on lessons learned from numerous cyberattacks, including the large-scale attacks of 2007, and reflects the continued commitment of Estonia to strengthening national resilience, protecting critical infrastructure and enhancing international cooperation in the digital sphere. It was concluded that the overall goal of cybersecurity is to keep digital data and systems protected by confidentiality, availability and integrity.
Afterwards, Head of International Relations of the Information System Authority (RIA), Ms Carolina Leis, informed about the role of RIA in strengthening cyber and information resilience. It is the central government agency responsible for cybersecurity, information security and the management of state information systems. It operates under the Ministry of Economic Affairs and Communications and plays a key role in ensuring the security, availability and reliability of the digital infrastructure. She also emphasised that the number of cyber incidents is on a rising trend, the largest part consisting of fraud, such as scam pages and phishing attempts, used by both cybercriminals and state-sponsored threat actors.
Lastly, Commander of the Estonian Defence League Cyber Defence Unit, Col Andres Hairk, informed that the Cyber Defence Unit is a specialised volunteer unit within the Estonian Defence League that protects information infrastructure, supports crisis management and enhances national cyber defence capabilities. It leverages the expertise of IT professionals from the private sector to bolster national cyber resilience and provides an opportunity for volunteers who are not physically present in Estonia to contribute to the defence of the state. The presentation emphasised that the basics of national defence are the need for each citizen to play his or her part in defending the nation.
Looking Ahead
During the meeting, WG SCIRPD members discussed the chairmanship, approved the work programme and set the agenda for future meetings, establishing a strong foundation for their work over the next two years. It was agreed that the next session will be hosted in Poland and that the group will operate with a permanent and rotating co-chair to ensure continuity and shared leadership.
The participants also drew key conclusions regarding regional cybersecurity and information resilience. Members underscored the essential role of every citizen in contributing to national resilience and highlighted the urgent need to prepare for emerging challenges, including quantum technologies and the increasing frequency of cyberattacks. They emphasised the importance of reviewing and assessing existing cybersecurity regulations, noting that in cyberspace, geography is irrelevant, as threats can emerge from anywhere. It was also agreed that a coordinated, proactive approach to cybersecurity is critical. Early planning enables effective reaction, which in turn builds public confidence and strengthens societal security, resilience and cohesion, promoting democracy.
Photos
© Erik Peinar (Riigikogu) and Secretariat of the Baltic Assembly
