RSU researcher Vitālijs Rakstiņš: Security will become an asset in itself

Rakstiņš delivers courses on national security and the prevention and solving of cybercrime to RSU students, and is currently writing the monograph Nacionālā drošība (National Security).

What do you think the role of RSU is in shaping Latvian security policy?

I think that the role of higher education institutions in shaping security policy is often not properly appreciated and understood.

Higher education institutions, including RSU, influence future policy makers, as all students take courses related to national security, civil protection, cybersecurity, etc. as part of their compulsory curriculum. Many higher education institutions train security professionals and their research activities are often related to security issues or dual-use technologies essential for national security.

The Internal Security Academy was established to strengthen security policy in Latvia. It is an association formed by several institutions (the Ministry of the Interior, the State Police College, RSU, and the University of Latvia) with a common goal to pool resources and train highly qualified specialists to work in law enforcement institutions of Latvia. Part of the Academy's study process is implemented at RSU.

What security strengthening projects are you involved in?

We have just finished the project #DrošaLatvija ("secure Latvia" - Ed.) implemented by the State Chancellery and LATO (Latvian Transatlantic Organisation), in which we studied societal resilience and information security. I am currently involved in two RSU projects – a joint project between RSU and Kharkiv Aviation University, Best Practice University: Transformation and Adaptation Process in Challenging Environment, and a RSU Applied Research Project No RSU-PAG-2024/1-0015 Prevention of Security Threats and Risks in the Political Protection, Social, Socio-Economic and Informative Fields.

In the first project with Kharkiv Aviation University, we are working on the development of a security and business continuity manual for higher education institutions, which includes material based on the experience of our Ukrainian peers. At the same time, we have produced scientific articles, video lectures, and conference presentations on the aforementioned topic.

The second project is related to studying security issues. It includes our participation in conferences and writing several scientific articles. It is as part of this project that I plan to write the scientific monograph on national security.

What made you interested in specialising in security and what is your experience in this field?

During my service with NATO and the Ministry of Defence, I was specifically responsible for cybersecurity policy issues. At that time, the Crisis Management Department was also responsible for national cybersecurity and cyber-defence policy, so I was inside these processes until mid-2021. When delivering lectures to young people, I realised that I was only able to reach a few dozen young people. That is why I decided to write books and also make board games on cybersecurity and information security issues to protect them from the long-term risks of publishing sensitive information, leaving a digital footprint and data about themselves that could be used to influence them later.

I graduated from the Police Academy of Latvia, worked at the Ministry of the Interior and have been with the Ministry of Defence for more than 16 years. I headed the Legal Department, was part of the Latvian delegation to NATO, then the director of the Crisis Management Department, including during Covid-19. From 2021, I was a defence adviser in the UK and a non-resident adviser to the Ministry of Defence of Ukraine. I have been back in Latvia since January this year. Since 2023, I have been teaching the National Security course at RSU. I am a visiting lecturer on issues related to societal resilience, cybersecurity and information security, total defence, and business continuity planning. In parallel, I produce educational materials on non-violent resistance, board games on cybersecurity and information security, and have written two books for children on cybersecurity.

How do you see the security sector developing in the future, especially in the light of technological developments?

I believe that security will become an asset in itself - in the age of polycrises, any place where people can feel safe will become increasingly in demand. Unfortunately, every year public institutions will be less and less able to guarantee the foundations of Maslow's pyramid, meaning people's and families' safety in the streets, public places, or even in the digital environment.

As the era of relative peace comes to an end, society will have to accept many risks as the new normal. With each passing year, the capacity of state institutions to guarantee public safety will decrease, placing more responsibility on society and the private sector, which will have to invest in resilience and security themselves.

How can public awareness of security issues be raised?

I am convinced that mandatory training and information campaigns do not produce great results. We see that people queue up for training or courses as soon as they feel threatened. A real example is the huge public interest in security and defence at the outbreak of the Russia-Ukraine war, but of course such public demand happens in waves and is not systemic.

The public should certainly be informed about all possible risks and threats, promoting a so-called culture of preparedness, while those who want to deepen their knowledge have every opportunity to do so both in secondary schools (national defence training) and in higher education institutions (such as RSU or the Internal Security Academy).

How do you assess Latvia's preparedness to respond to cyber threats, and what is the role of RSU in this area?

I would look at this question a bit more broadly - the question of how to respond to all threats is important. For example, there was recently an unprecedented global incident concerning updates by the cybersecurity company CrowdStrike. This was not a cyber-attack, but resulted in paralysing airports, banks, and businesses around the world. The primary focus should therefore be on how to ensure the continuity of critical functions in any crisis. My personal assessment is that most large companies have such business continuity capabilities and are also investing in cyber security, as required by EU directives. The challenges are usually with smaller companies and users, who tend to be the weakest link in the system.

Higher education institutions, including RSU, play an important role in mitigating cyber threats, both through providing general education to students, training cyber security professionals, and participating in research projects on cyber security.

What new technologies do you see as essential for improving internal and external security?

Any technology can be a shield or a sword. Especially today, when every technology has a dual use; in English it is called "the weaponisation of everything".

The biggest challenge is not the disruptive technologies themselves, but the fact that these technologies are entering our lives very quickly alongside other technologies. The consequences and cascading effects of how they interact cannot be predicted. As a result, the regulation of the use of disruptive technologies is lagging behind the real use of the technologies.