The growing dependence on technology and cyber space has made cyber security an integral part of the 21st-century security system. Estonia is at the forefront in the field of cyber security, which is confirmed by the NATO Cooperative Cyber Defence Centre of Excellence, opened in Tallinn in 2008, where specialists from 28 allied countries are represented. Additionally, Estonia is home to NATO's Cyber Range, used for conducting some of the world's largest international cyber exercises.
The Ministry of Defence collaborates closely with the Estonian Defence Industry Association, which has established smaller working groups for developing technologies related to defence, such as communications, cyber security, artificial intelligence, and more. Furthermore, the Ministry organises annual competitions for defence industry development projects, where companies developing cyber security solutions can also participate.
Since 2019, the Ministry of Defence, together with Startup Estonia, has supported the CyberNorth cyber accelerator, aimed at creating and developing new cyber security-oriented companies in Estonia, whose products could potentially be used in the defence sector. Each year, up to 10 of the best ideas are selected, and the developers register their companies in Estonia to bring their ideas to life. In addition to financial support, the Ministry offers idea validation, mentoring, networking, and guidance on the specifics of the defence sector. Estonia actively participates in the European Defence Industrial Development Programme (EDIDP) and supports the participation of Estonian companies in international consortia and project calls.
Key sectoral activities
NATO
The need to develop capabilities to defend against cyberattacks was confirmed at the NATO summit in Prague in 2002. Since Estonia joined the alliance in 2004, we have been active in shaping NATO’s cyber security policy, and since 2008, the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCDCOE) has been located in Tallinn.
In 2014, NATO confirmed that a cyberattack could trigger the activation of Article 5 of the North Atlantic Treaty, the collective defence clause, and in 2016, NATO recognised cyberspace as a separate military domain alongside land, air, and maritime domains. Estonia hosts NATO's largest cyber defence exercise, Cyber Coalition, every year and houses the NATO Cyber Range. In 2018, Estonia confirmed its readiness to offer its cyber capabilities for NATO’s use, if necessary, during the NATO Defence Ministers' meeting.
In 2024, the NATO DIANA defence accelerator regional hub was opened in Tallinn for allies to join their strengths in developing and adopting new and breakthrough technologies in the area of security and defence.
Bilateral Cooperation
Estonia's reputation as a successful digital country extends to the defence sector, and there is significant interest in cooperation. The main cooperation partners have been the United States, the United Kingdom, France, and Germany, with closer collaboration also taking place with Georgia and Ukraine.
As in general defence cooperation, the United States remains Estonia’s key foreign partner in cyber security, with cooperation taking place in several formats, including high-level meetings, working groups, and exercises. Key cyber security partners include the U.S. European Command, Cyber Command, and the Estonian partner state, the Maryland National Guard.
British units are stationed in Estonia as part of NATO's enhanced forward presence (eFP), and in addition to other cooperation, we exchange information on cyber security matters.
The management of the information and communication technology needed for defence operations – the Cyber Command is responsible for ensuring the functioning and development of the Ministry of Defence’s information systems, frequency management, cryptography management, and other activities to support daily national defence operations.
Defending the defence sector from cyberattacks – the Cyber Command ensures the protection of the Ministry of Defence’s information systems and the data processed within them from cyberspace-based threats and attacks.
On August 1, 2018, the Cyber Command (CyberCmd) was established, directly subordinated to the Commander of the Defence Forces.
Its main tasks include organizing:
- Command support and cyber security within the Ministry of Defence;
- Information and cyber operations;
- Development and functioning of the Ministry of Defence’s information and communication technologies.
The Cyber Command includes a staff and communications battalion, an information and communication technology center, a cyber and information operations center, a strategic communications center, and a staff and rear company.
Cyber conscription
To go through cyber conscription, an individual must first notify the Defence Resources Agency of their preference. Upon joining the Cyber Command for compulsory military service, an ICT-based test must be passed, the result of which determines the individual's specialisation.
The first ten weeks of the 11-month conscription consists of a basic infantry course. This is followed by an 11-week basic course in cyber skills and an 18-week cyber internship.
During military service, conscripts have the opportunity to familiarise themselves with various communication and information systems and apply the acquired skills in later practice and professional life (e.g., software and hardware development, information operations, etc.).
The Cyber Defence Unit of the Defence League (KKÜ) was established in 2011 with the goal of increasing and supporting the organisation’s cyber security.
The unit’s objective is to bring together voluntary specialists to apply their initiatives and expertise in information technology fields to ensure the e-lifestyle and security of Estonian citizens.
Open Cyber Range (OCR) is a platform developed through cooperation between the Ministry of Defence, the foundation CR14, TalTech, and the Norwegian University of Science and Technology (NTNU) for conducting exercises, building digital twins, and developing and testing products and technologies, regardless of the field of activity. The project is funded by Innovation Norway under the Green ICT program
OCR on Kaitseministeeriumi, sihtasutus CR14, TalTech’i ja Norra Teadus ja Tehnoloogia Ülikooli (NTNU) koostöös loodud platvorm õppuste läbiviimiseks, digikaksikute ehitamiseks ning toodete-tehnoloogiate arendamiseks ja testimiseks, olenemata tegevusvaldkonnast. Projekt on rahastatud Innovation Norway poolt programmi Green ICT raames.
What does the Open Cyber Range (OCR) offer?
OCR simplifies and reduces the cost of creating cyber exercises. Exercises can be organized or ordered in the traditional manner by defining needs and objectives in cooperation with the staff of the CR14 foundation and conducted using the hardware of the OCR. Starting in June 2024, the OCR platform will be fully operational, allowing clients to design the entire exercise themselves using a user interface and scenario definition language (SDL).
What issues does OCR address?
OCR provides a cost-effective platform for cyber training and the development of new technologies based on the experiences in the defence and security sector. The Cyber security Act (KüTS) mandates certain companies, including critical service providers (ETOs), to develop their readiness to respond to cyber incidents and ensure service continuity during a cyber incident. Employee training is a key part of this.
Many small businesses under the KüTS regulation do not have an IT manager or even a security officer, which results in low readiness and potentially disrupts essential or critical services during cyber incidents. In spring 2024, CR14 successfully applied for cyber security funding from the Ministry of Economic Affairs and Communications to create a collective training platform for the IT specialists of small and medium-sized enterprises.
From the perspective of the private sector, another concern is the readiness of new startups. Estonia is known for its strong startup network and support ecosystem, which fosters the creation of many startups, many of which operate in IT or use IT solutions. OCR provides startups the opportunity to validate their technologies and, if necessary, use the capabilities of the cyber exercise range.
What is the future of OCR?
OCR is open-source and hosted on GitHub, meaning its use does not require a paid license and is accessible to anyone online with documentation and usage instructions available. Furthermore, the OCR solution is designed to be compatible with other popular open-source software, so missing functionalities can be added through other software solutions when needed.
Additional information:
- Documentation
- Source code
- OCR in the context of CR14
- CR14 Foundation
- For more information: [email protected]
The NATO Cooperative Cyber Defence Centre of Excellence – NATO CCDCOE is an international center of expertise, think tank, and training facility located in Tallinn, which currently brings together 38 member states.
While not a part of NATO's official structure, the centre is accredited by NATO. Established in 2008, it has grown into a significant source of knowledge in the field of cyber defence for both NATO and its member states.
As an independent international organisation, the centre focuses on applied research, analysis, information sharing, as well as training and exercises in the field of cyber defence.
Main Activities
The CCDCOE’s most notable products include some of the world’s largest and most challenging annual cyber defence exercises, such as Locked Shields, and the CyCon conference held every spring, which focuses on conflicts in cyberspace.
In addition, the centre publishes cutting-edge scientific articles alongside the conference and oversees the development of the Tallinn Manual (and its successor Tallinn Manual 2.0), which addresses various interpretations of the application of international law in cyberspace.
Last updated: 08.04.2026
