Finland plans 30% increase in cybersecurity spending in 2024 to counter AI-based cyber threats

Finland is increasing its cybersecurity investment by 30% in 2024 to address the growing threat of AI-enabled cyberattacks.

AI and security

In response to the escalating risks posed by AI-enabled cyberattacks, the Finnish government, led by Prime Minister Petteri Orpo’s National Coalition-led right-wing administration, is proactively strengthening the nation’s cybersecurity defenses. Their comprehensive strategy aims to safeguard both public and private organizations in Finland from evolving cyber threats.

As part of this initiative, the government is evaluating a significant increase in cybersecurity investments for the 2024 national budget, with a proposed 30% boost compared to 2023 levels, equating to a projected budget of €280 million in 2024. The allocation of these funds for enhancements in cyber AI capabilities will be disclosed once the 2024 budget is finalized in October.

These cybersecurity measures align closely with the findings and recommendations outlined in the “Security Threat of AI-Enabled Cyberattacks” (STAIC) report. This comprehensive report, a collaborative effort between Finland’s state transport and communications agency Traficom, the National Emergency Supply Agency (NESA), and cybersecurity leader WithSecure, forms the foundation for the proposed initiatives.

Sauli Pahlman, Deputy Director General at the National Cyber Security Centre (NCSC), underscores the increasing accessibility and affordability of AI technologies, skills, and tools that could empower cybercriminals. The potential utilization of AI for online scams and other illicit activities poses a significant threat, potentially amplifying the volume of cyberattacks.

While AI may not immediately introduce entirely new attack vectors, it will substantially automate various cyber threats, including phishing, social engineering, and information gathering. To effectively counter these AI-driven attacks, both governmental and corporate entities will need to adapt and implement innovative security techniques. These efforts may encompass non-technical services, intelligence sharing, resource allocation, and comprehensive security awareness training.