Strategies of Cyber Crisis Management: Lessons from the Approaches of Estonia and the United Kingdom


This paper compares the cyber crisis management strategies of Estonia and the United Kingdom—two leading nations in the field of cyber security.

The two countries’ strategies differ significantly. The most important variables influencing these differences are history, size (both demographic and material resources), political philosophy, digital dependence, and the nature of the threats and adversaries each country faces in the cyber domain.

Given the importance of these factors in determining Estonia’s and the United Kingdom’s cyber crisis strategies, it is difficult to draw from these two cases any generalisable recommendations that apply to other states; rather, the main significance of this study is another: it draws attention to the important role that political, historical, and cultural variables play in the definition of a nation’s cyber crisis strategy—and, consequently, the need to fit specific policy approaches within the bounds set by these factors.

The paper seeks to demonstrate that while cyber attacks may be highly technical in nature, organisational responses to them have crucial political and social determinants that may supersede the significance of technical factors.


Jamie Collier is a DPhil student at DPIR