The Norwegian Minister of Defence Anne-Grete Strøm-Erichsen is educated as a computer engineer, and with twenty years private and public sector experience in computers and information technology in the fields of system development and management understands in depth the importance of ICT. Interviewed by Editor-in-Chief David John Smith; Minister Strøm-Erichsen looks at the importance of ICT in societal infrastructure and security.
Q: Ensuring Societal Security is an important task in any country. Can you say a few words regarding how ICT tools and technology come into Norwegian governmental efforts to coordinate with the country’s different regions to ensure the necessary level of civil protection and civil preparedness in relation to this Societal Security?
A: Today the Internet is part of our critical infrastructure and everything from important societal functions to small companies is completely dependent on Internet connections. Therefore the vulnerability in both private and public sector has increased considerably and attacks against functions which require well-functioning computer networks have the potential to strike Norway – or any country - severely. In 2006 Norway established the NorCERT (Norwegian Computer Emergency Response Team), which main tasks are to prevent serious attacks against the critical societal infrastructure and information on the ICT side, presage severe attacks, threats and vulnerabilities, and co-ordinate the response in the event of serious security attacks.
In addition, the Ministry of Defence is able to provide secure ICT systems employed by Norwegian Armed Forces. The systems can be used in crisis management for selected public organizations in handling classified information and providing services such as information exchange, storage, secured communications and command and control.
There is close co-operation between the Ministry of Defence and the Ministry of Justice in many issues related to ensuring Societal Security.
Minister Strøm-Erichsen at the official opening of Security Valley, here picture with Security Valley CEO Morten Schelderup. © Security Valley
Q: Security is not a one-time investment, but an ongoing process. This certainly concerns ICT security, where dynamic technology constantly changes the “playing field”. Can you reflect upon how the Norwegian government and the Ministry of Defence work with organizations such as Security Valley, the Norwegian Center for Information Security (NorSIS) and others in maximizing the use of innovative talents of the Norwegian ICT sector in staying on the cutting-edge of developments?
A: ICT security is an area which requires indefatigable work and the Defence Sector co-operates closely with a number of military and civilian partners. Further, the threats and the challenges we are looking into require co-operation amongst the different sectors, both civilian and public. The Ministry of Defence is working closely with the Ministry of Government Administration and Reform which is the lead department related to Information Security. However, the CIS School at Jørstadmoen co-operates with some of the institutions within Security Valley in training and education of their students and NorCERT with the NorSIS..
Q: We live in an information and media society that is becoming increasingly dependent on ICT, which can have both positive and negative ramifications. This was the background for the establishment of the 2007 – 2010 National Guidelines for Strengthening Information Security, in which the Ministry of Defence has had a key involvement. Now that we are several years into this program, are you satisfied with the results thus far?
A: There is a lot of good work in the defence sector related to improving and strengthening the Information Security. Within the Armed Forces technology, in particular ICT, is instrumental to the transformation of the Armed Forces. Secure exchange and distribution of information through networks will provide our forces with more comprehensive and updated bases for decision and enable rapid and synchronised action, with the appropriate means to respond to all types of situations. In that context focusing on Information Security is a prioritized area.