Given the global nature of cyber threats, assurance of a cyber security policy is very important not only at the local organisation level, but also at national and international level. Currently, cyber security as such is not suitably regulated internationally; therefore, the role of national cyber security strategies has become particularly significant. Lithuania is among the leaders in the EU and globally in the development of the optical fibre network. FTTP coverage has already reached 95%, the highest in the EU. Regardless of that, the cyber security programme effective in Lithuania does not provide conditions to ensure an appropriate level of cyber security and may not be regarded as a high-level contemporary strategic document in the area of cyber security. This article presents a study the main outcome of which are guidelines for a contemporary model of the Lithuanian national cyber security strategy. Based on comparative and historical studies as well as expert interviews conducted by authors and on the best practice of other countries, the article presents the elements of a model of the Lithuanian national cyber security strategy as well as guidelines on the content of these elements of the model. The article also reveals which elements of the model of the national cyber security strategy should most of all reflect the national situation and which elements may be unified and possibly also adapted in the cyber security strategies of other countries.
In the last few decades, the understanding of security has been changing. New areas emerged which may influence security facets, which were not urgent earlier. Now those facets can endanger individual persons or even states. Breaches of cyber security, separate attacks or intense cyber wars are becoming more usual than conventional wars in the physical space; violations of cyber security may cause great damage, ruin businesses or even temporarily paralyze full-fledged functioning of individual states or regions. Many countries of the world, realizing that such a threat is real, adopted Cyber Security Strategies; for some countries, this is not the first version of such a strategy. This article examines the place of Cyber Security Strategies in the system of state documents, the nature and importance of such strategies as well as whether they are binding on individuals and institutions. The article explores in more detail the principles of ensuring cyber security provided for in such strategies, i.e. the principles identified by the states, as important for ensuring cyber security. It is discussed why these principles are so different in the strategies of individual states.