Kurkime modernią Lietuvos ateitį kartu

Registruotis
Grįžti

Nacionalinis kibernetinio saugumo centras

Cyber security: How can the nation help ensure the management of third parties (contractors)?

7 September 2023 - 1 March 2024

Problem

The National Cyber Security Center (NCSC) reported and observed data showing that in 2021, the number of cyber incidents in Lithuania remained similar to 2020. However, there was an increase in larger and more complex incidents, which have a more significant negative impact. This trend is of serious concern because the consequences of such incidents can have long-term effects on both public and private sector entities. 

According to the presented data, cyber incidents involving third parties are a major problem globally and can significantly impact businesses financially. In 2021, 39% of major organizations worldwide reported being impacted by a third-party cyber incident in the past two years¹. Research by “Kaspersky” revealed that third-party incidents were the costliest corporate data breaches in 2021, with an average financial impact of $1.4 million USD per event, marking it as the most expensive incident type to date². Furthermore, a report from “CRA Business Intelligence” indicates that 66% of organizations have seen an uptick in third-party security incidents in the past 12 months³. 

Managing third parties represents one of the most intricate areas within the realm of cyber security. While the NCSC is the primary institution overseeing cyber security in Lithuania, its activities are mainly centered around ensuring the security of state and municipal institutions. Conversely, the security of third parties like contractors and suppliers is not as robust due to the absence of regulatory measures and standards that could be applied in this sector. 

Currently, Lithuania lacks clear regulatory structures and procedures that would facilitate the effective management of third-party cyber security. This means that despite having strong cyber security measures in state institutions, the private sector, along with its third-party partners, remains exposed to potential security breaches and threats. These risks cannot be adequately addressed without established regulatory and cooperative mechanisms. 

Goal

A collaboration between the public and private sectors is crucial for the effective governance of third parties in cyber security. However, for this partnership to be successful, there’s a need to put forth clear operational principles and regulatory guidelines. These measures will ensure that third parties comply with the necessary security standards and procedures. Implementing such standards will not only diminish cyber threats but also bolster the overall cyber security maturity in Lithuania. 

Project progress

2023/10/31

Analysis of documents

2023/11/15

Interview with various stakeholders

2023/11/30

Current situation analysis

2023/12/22

Good foreign practices analysis

2024/01/19

Preliminary proposals for solutions

2024/02/08

null

Result

Participants

2023/24
Aurelija Požytė Grinė
Aurelija Požytė Grinė
2023/24
Paulius Bagdonas
Paulius Bagdonas

Related projects

5 March 2024 - 6 September 2024

Fostering green innovation export through the instruments of development cooperation

Ministry of Foreign Affairs

The aim of the project is to form a model of green innovation development into the markets of partner countries through development cooperation measures.This model will be based on the unique Lithuanian financial mechanisms to support business in terms of climate, will contribute to the implementation of economic diplomacy goals, will promote the export of green products and will have an impact on the implementation of sustainable development goals.  

Participants: Aušra Raulušonytė

5 March 2024 - 6 September 2024

Analysis and development of the Lithuanian cryptocurrency market

Invest

The aim of the project is to analyse the crypto asset markets of Lithuania and foreign capital to formulate a value proposition for Lithuania’s crypto assets for the strongest foreign capital companies. The project seeks to attract the most reliable and significant players in the global crypto asset market by initiating and encouraging dialogue with foreign capital companies. 

Participants: Viktorija Orlovaitė

5 March 2024 - 6 September 2024

Incentivising reuse of electronics in the Lithuanian public sector

Ministry of Economy and Innovation of the Republic of Lithuania

The aim of the project is to promote the reuse of electronics in the public sector by identifying and expanding opportunities for prioritising the reuse of electronics in the acquisition, use and disposal of assets. 

Participants: Rūta Kukulskytė

5 March 2024 - 6 September 2024

The algorithm of knowledge: application of artificial intelligence in Lithuanian journalism

Ministry of Culture of the Republic of Lithuania

The aim of the project is to conduct a study on the practice of using AI tools in Lithuanian journalism: Reveal the scope and variety of AI use in journalism,  Understand the fears, stigmas, and challenges surrounding the use of AI,  Promote ethical, safe, and transparent use of AI tools in journalism. 

Participants: Agnė Mikštienė

5 March 2024 - 6 September 2024

Learning from the relocation experiences of highly skilled migrants in Lithuania

Work in Lithuania

The aim of the project is to reveal the main factors, expectations and personal relocation experiences of high-skilled foreign nationals living in Lithuania.

Participants: Barbora Sharrock

5 March 2024 - 6 September 2024

Bridging the labour market skills gap: education solutions for the unemployed

Ministry of Social Security and Labour of the Republic of Lithuania

The aim of the project is to encourage greater employer participation in education for the unemployed

Participants: Agnė Pakšytė, Gintarė Petrauskaitė