A police officer maintaining public order, a doctor accessing a patient’s health data to make treatment decisions, a patient checking issued prescriptions in a national mobile app or a citizen digitally signing a document – all of these are public services. Society expects and needs the most critical services to operate around the clock, seven days a week, 365 days a year – even if cables are cut or whatever the threat may be.
The most critical services
The most critical services are those that underpin life and health, public order, the state’s situational awareness and, by extension, national security. Equally important are services that keep the lifeblood of the economy flowing.
The functioning of public services is part of everyday life. Digitalisation of Estonia’s public services is now near-universal, and interacting online has become the norm. Anything less feels inconvenient and sometimes even impossible. Behind this largely invisible convenience lies a web of dependencies on which Estonian society as a whole relies. These dependencies span both public- and private-sector digital infrastructure.
Breaks in subsea cables are a relevant example of incidents that prompt us to act so that society can continue to function as expected under challenging circumstances.
One chain, many links
To illustrate the situation, it helps to think in terms of a single chain that shows the essential steps required for a service to become usable online. A developer writes the code required to provide the service and then uses an internet connection to install and run it on a remote server. The data centre where the server is located must ensure power supply, data connectivity, cooling and physical security. The end user needs an internet connection at home or on a smartphone.
For all of this to work, numerous technical components must function flawlessly. The closer one looks, the more of these components come into view.
Service resilience improves when each component in the delivery chain has a backup solution. If the power supply fails, a data centre switches to generators; if a communications cable is cut, critical locations rely on redundant connections; to prevent failures in servers and the software running on them, services are delivered simultaneously from multiple data centres.
RIA provides the backbone of public services
Many public services depend on the central services provided by RIA. In recognition of this responsibility, we invested significantly in improving the resilience of our services in 2025 and will continue this work in the coming years.
This involves creating backup solutions for internal and external dependencies or eliminating dependencies altogether.
In physical infrastructure, duplication is key, sometimes in multiple layers. When improving the resilience of software-based services, we reduce dependence on physical infrastructure and its providers. At the same time, we must not compromise on cybersecurity.
Rome was not built in a day, and resilience cannot be improved through a single burst of effort. Choices must be made and priorities set. This process allows us to assess what we, as a state authority, must build and operate ourselves and what makes sense to procure as a fully managed service from other providers, whether in the public or private sector.
Improving the resilience of public services is not the task of RIA alone but of the entire public sector.
How successful we are as a country depends on cooperation and on the willingness to revise technological choices and solutions.
Preparing for unpleasant surprises
Good surprises do not require special preparation to respond, but bad ones are easier to manage when preparation is deliberate and systematic. Efforts to strengthen service resilience do not imply that disruptions to the services we take for granted will necessarily become more frequent. We do, however, need to be prepared to address them when they occur.
Last updated: 11.02.2026
