ŠAVŠ/TAČR Digital Czechia in a Digital Europe

28

In cooperation with the private sector, the Czech Republic should not underestimate the role of domestic startups and other small and medium- sized enterprises (SMEs). It is these types of companies that often generate new solutions and innovations. The United Kingdom, which decided to invest approximately CZK 19.5 billion in the National Cyber Security Program between 2011 and 2015, decided that at least 25% of the value of all contracts awarded during this period and of this amount must be reserved for SMEs. Cyber security can often be compromised due to the acquisition of inadequate protection systems. The phenomenon of incorrect acquisitions is very often linked to the acquisition staff who are in charge of the area but are not familiar enough with cyber security to select the appropriate products. Therefore, in matters related to cyber security, the public administration should always seek internal expert opinion when procuring ICT products. In addition, it is necessary to ensure that suppliers of ICT products for public administration comply with strict security measures, as there is a (legitimate) concern that the compromise of purchased products could already take place at the supplier. The public administration should not only require a higher level of security for suppliers of ICT products, but it should also actively carry out monitoring. At the same time, the responsibility for possible failures must be clearly defined. Public administrations must also focus on retaining talented individuals in the field of cyber security. For this reason, it must be able to provide financial rewards and benefits so that jobs in the public sector are also able to attract new ICT specialists. By tying key positions for cyber security with pay tables (including the possibility for the public administration of traditional remuneration), it is not sufficient to ensure sufficiently qualified staff due to the inability of such an evaluation to compete with wages in the private sphere. If the state aims to increase the supply of ICT expertise at the national level in the long term, it must significantly strengthen 1) the level of ICT research and 2) education, especially in bachelor’s and master’s fields. One of the main points must be the coordination of investment in education, both from public and private sources, in order to prevent unnecessary duplication. At the same time, there must be a connection between university education focused on cyber security and institutions that deal with this issue at the state level in real life (e.g. cybercrime authorities or digital forensic analysis). The mere creation of a university cyber security program on campus without a deeper connection proves to be a significantly insufficient solution. Cyber security is gradually becoming an economic interest of the Czech Republic. In the event that the Czech Republic would not be able to ensure quality protection of data and information, it is highly probable that some investors will be discouraged from operations in the Czech Republic. Therefore, certain targeted cyberattacks could bear, in addition to direct costs, indirect

Made with FlippingBook Publishing Software