Analysing Trends in International Cybersecurity Capacity Building Initiatives
Lead Research Organisation:
University of Oxford
Department Name: Computer Science
Abstract
There is a large investment being made by the international community aimed at helping nations and regions to develop their capacity in cybersecurity. The work of the Oxford Martin School's Global Cyber Security Capacity Centre GCSCC studies and documents this.
One key output of the GCSCC is the Global Forum on Cyber Expertise (GFCE) Inventory which provides a central point of reference for current international and regional capacity building efforts around the world in the key areas of cybersecurity.
https://www.sbs.ox.ac.uk/cybersecurity-capacity/explore/gfce
Another core component of the GCSCC is the Cyber Security Capacity Maturity Model (CMM) which benchmarks a country's cybersecurity capacity across five distinct dimensions of cybersecurity capacity
This research project has twofold objectives; firstly to analyse regional trends in capacity building in cybersecurity, the nature of the work and the partnerships that exist to support it. That analysis of the initiatives will be guided by the Cyber Security Capacity Maturity Model (CMM), aiming at identifying gaps in the funding of capacity building and misallocation of these funds in less important factors. The second and main objective is to provide the principles for successful cybersecurity initiatives based on a rigorous analysis of a small number of them.
The research question to be addressed is "What are the lessons learnt from the current cyber capacity building activities and what aspects of these initiatives are crucial for their success?" The focus will be on a specific region and on a specific maturity dimension of the GCSCC model. These will be determined after the initial analysis of the capacity building activities.
This research comes under the EPSRC Cyber Security theme
One key output of the GCSCC is the Global Forum on Cyber Expertise (GFCE) Inventory which provides a central point of reference for current international and regional capacity building efforts around the world in the key areas of cybersecurity.
https://www.sbs.ox.ac.uk/cybersecurity-capacity/explore/gfce
Another core component of the GCSCC is the Cyber Security Capacity Maturity Model (CMM) which benchmarks a country's cybersecurity capacity across five distinct dimensions of cybersecurity capacity
This research project has twofold objectives; firstly to analyse regional trends in capacity building in cybersecurity, the nature of the work and the partnerships that exist to support it. That analysis of the initiatives will be guided by the Cyber Security Capacity Maturity Model (CMM), aiming at identifying gaps in the funding of capacity building and misallocation of these funds in less important factors. The second and main objective is to provide the principles for successful cybersecurity initiatives based on a rigorous analysis of a small number of them.
The research question to be addressed is "What are the lessons learnt from the current cyber capacity building activities and what aspects of these initiatives are crucial for their success?" The focus will be on a specific region and on a specific maturity dimension of the GCSCC model. These will be determined after the initial analysis of the capacity building activities.
This research comes under the EPSRC Cyber Security theme
Planned Impact
It is part of the nature of Cyber Security - and a key reason for the urgency in developing new research approaches - that it now is a concern of every section of society, and so the successful CDT will have a very broad impact indeed. We will ensure impact for:
* The IT industry; vendors of hardware and software, and within this the IT Security industry;
* High value/high assurance sectors such as banking, bio-medical domains, and critical infrastructure, and more generally the CISO community across many industries;
* The mobile systems community, mobile service providers, handset and platform manufacturers, those developing the technologies of the internet of things, and smart cities;
* Defence sector, MoD/DSTL in particular, defence contractors, and the intelligence community;
* The public sector more generally, in its own activities and in increasingly important electronic engagement with the citizen;
* The not-for-profit sector, education, charities, and NGOs - many of whom work in highly contended contexts, but do not always have access to high-grade cyber defensive skills.
Impact in each of these will be achieved in fresh elaborations of threat and risk models; by developing new fundamental design approaches; through new methods of evaluation, incorporating usability criteria, privacy, and other societal concerns; and by developing prototype and proof-of-concept solutions exhibiting these characteristics. These impacts will retain focus through the way that the educational and research programme is structured - so that the academic and theoretical components are directed towards practical and anticipated problems motivated by the sectors listed here.
* The IT industry; vendors of hardware and software, and within this the IT Security industry;
* High value/high assurance sectors such as banking, bio-medical domains, and critical infrastructure, and more generally the CISO community across many industries;
* The mobile systems community, mobile service providers, handset and platform manufacturers, those developing the technologies of the internet of things, and smart cities;
* Defence sector, MoD/DSTL in particular, defence contractors, and the intelligence community;
* The public sector more generally, in its own activities and in increasingly important electronic engagement with the citizen;
* The not-for-profit sector, education, charities, and NGOs - many of whom work in highly contended contexts, but do not always have access to high-grade cyber defensive skills.
Impact in each of these will be achieved in fresh elaborations of threat and risk models; by developing new fundamental design approaches; through new methods of evaluation, incorporating usability criteria, privacy, and other societal concerns; and by developing prototype and proof-of-concept solutions exhibiting these characteristics. These impacts will retain focus through the way that the educational and research programme is structured - so that the academic and theoretical components are directed towards practical and anticipated problems motivated by the sectors listed here.
Organisations
Studentship Projects
| Project Reference | Relationship | Related To | Start | End | Student Name |
|---|---|---|---|---|---|
| EP/P00881X/1 | 01/10/2016 | 31/03/2023 | |||
| 1775817 | Studentship | EP/P00881X/1 | 01/10/2016 | 30/09/2020 | Faisal Khan |
| Description | The global community has been engaged extensively in assessing and addressing gaps in the cybersecurity commitments and capabilities of nations and regions. As a result, a significant number of Cybersecurity Capacity-Building (CCB) initiatives have been launched to overcome cyber-risks. These efforts face various challenges, however, such as lack of strategy and duplication of initiatives. To our knowledge, no study has explored the areas where cybersecurity initiatives focus and the possible gaps. In this paper, we have tried to close this gap by collecting and analysing all publicly available initiatives. We have further reflected on these initiatives with respect to well-established success factors in the literature on capacitybuilding. Towards this end, we have also engaged in qualitative research and analysed reports for two countries, Mexico and Brazil, trying to understand which of these factors may have been influential in designing and implementing successful cybersecurity initiatives. Our results suggest that the distribution of CCB initiatives across the regions has been divided evenly, except that North America has received the least, only 7% of initiatives. This is because the gathered initiatives are focused on developing countries. The current focus, as observed from analysing the trends, is on building the foundational aspects of capacity such as devising or enhancing national Cybersecurity strategies, establishing effective CSIRT programmes, or creating reliable regulatory frameworks. These findings are in line with the observations of the ITU 2017 Global Cybersecurity Index. There are, however, evident gaps and imbalances with other CMM dimensions such as Standards, Organisations, and Technologies and Cyber Culture and Society which are vital in ensuring a balanced, capable, resilient, and dynamic cyberspace. As the top 10 active organisations account for (75%) of initiatives it demonstrates that few critical organisations are leading initiatives. The comparison of Brazil and Mexico using the GCI scores demonstrates that Mexico was more committed to cybersecurity than Brazil during the 2014 and 2017 period, while it received a bigger number of initiatives. Our analysis suggests that the socio-economic and geopolitical challenges Brazil experienced over the recent years could be a key factor in why Brazil has apparently regressed or at least not progressed enough concerning cybersecurity maturity in contrast to the key success factors associated with the initiatives conducted by Mexico as highlighted within the conference paper. |
| Exploitation Route | In the future, we intend to perform a comparison of the existing efforts in capacity-building with the economic and technology metrics that exist for a set of countries or a specific region. There is a niche space in exploring what data should be collected from governments and organisation to better reflect capacity-maturity development. We aim to identify gaps in the funding of capacity-building and misallocation of these funds to less critical factors. Once the appropriate datasets are identified, relationships that exist between capacity-building activities may be revealed, hopefully leading to optimisation of the development of countries towards a more secure cybersecurity posture. A deeper analysis over the generic success factors, based on interviews and focus groups of relevant stakeholders, will provide us with more thorough and encompassing insights. |
| Sectors | Digital/Communication/Information Technologies (including Software),Government, Democracy and Justice,Security and Diplomacy |
| URL | https://ora.ox.ac.uk/objects/uuid:50e9c5aa-4f3d-40f0-a0a0-ff538b735291 |