PM Kulbergs dissatisfied with cybersecurity in state companies / Article

PM Kulbergs dissatisfied with cybersecurity in state companies / Article

PM Kulbergs dissatisfied with cybersecurity in state companies / Article

https://eng.lsm.lv/article/politics/politics/02.07.2026-pm-kulbergs-dissatisfied-with-cybersecurity-in-state-companies.a653590/

Publish Date: 2026-07-02 06:05:00

Source Domain: eng.lsm.lv

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points. The first signs of a breach in the system at AS “Latvijas Valsts meži” (LVM) cyberattack were detected as early as June 11, when suspicious activity was identified, while the actual malicious activities took place on the night of June 22–23, said Prime Minister Andris Kulbergs (United List) on July 2.

Following a Cabinet meeting on Thursday, the prime minister criticised the current situation, pointing to insufficient preparedness and a lack of accountability in the protection of critical systems. He has instructed the ministries to prepare proposals by July 30 on how to improve the implementation of business continuity plans for critical infrastructure.

Kulbergs also added that responsibility for the cyberattack on LVM is still being assessed, including an explanation of why the cybersecurity requirements stipulated by law have not been fully implemented over the past two years and why risks related to software updates were not identified in previous audits.

The Prime Minister acknowledged that he is not satisfied with the current situation and that Thursday’s meeting was insufficient.

Kulbergs pointed out that critical infrastructure facilities, companies, and institutions must have a clear business continuity plan for various crisis situations – cyberattacks, natural disasters, or other threats. He said that currently only 21% of government agencies and 31% of private-sector organisations have such plans.

“Four-fifths have no plans, which means they haven’t given this any thought. Another question is: if a plan exists on paper, does it actually work in practice?” said Kulbergs.

The prime minister emphasised that the requirements of the Cybersecurity Law have been in effect for two years, but in practice they are not always implemented.

“It is unacceptable to me that we have to wait for something – that action is taken only when it is written into law, when the Cabinet of Ministers’ regulations have been drafted,” said Kulbergs, noting that, in his view, any responsible manager takes action even when it is not yet mandatory.

Kulbergs also said: “We really lack a single point of responsibility, because everyone is looking to each other.” In the Prime Minister’s view, the Crisis Management Centre should be the entity that takes responsibility and coordinates communication.

Defence Minister Raivis Melnis, for his part, stressed that cybersecurity is the responsibility of every organisation and that cyber incidents will continue to occur.

Seen a mistake?
Select text and press Ctrl+Enter to send a suggested correction to the editor
Select text and press Report a mistake to send a suggested correction to the editor

Tell us about a mistake