论文信息 - Analysing trends and success factors of international cybersecurity capacity−building initiatives

Analysing trends and success factors of international cybersecurity capacity−building initiatives

The global community has been engaged extensively in assessing and addressing gaps in cybersecurity commitments and capabilities across nations and regions. As a result, a significant number of Cybersecurity Capacity Building (CCB) initiatives were launched to overcome cyber-risks and realise digital dividends. However, these efforts are facing various challenges such as lack of strategy, and duplication. Although extensive research has been carried out on CCB, no single study exists which focuses on analysing CCB initiatives. This gap presents an opportunity for investigating current trends in CCB efforts and identifying the principles for successful CCB initiatives. In this paper, we aim to bridge this gap by collecting and analysing 165 publicly available initiatives. We classify the initiatives based on Oxford’s widely accepted Cybersecurity Capacity Maturity Model (CMM) and perform a descriptive statistical analysis. We further reflect on these initiatives, drawing on well-established success factors from the literature of capacity-building. Towards this end, we also conduct qualitative analysis based on CMM reports for two countries which have experienced socio-economic challenges, Mexico and Brazil, to understand which factors are essential in successful CCB initiatives. We conclude the paper with some interesting results on regional trends, key players, and ingredients of success factors. Keywords–Cybersecurity; Capacity Building Initiatives; Capacity Maturity Model.

Ioannis Agrafiotis | Ioannis Agrafiotis

[1] Stephanie L. Tennyson. About the Potomac Institute for Policy Studies , 2004 .

[2] Richard Heeks. ICT4D 2016: New Priorities for ICT4D Policy, Practice and WSIS in a Post-2015 World , 2014 .

[3] J. Weaver,et al. The World Bank Group , 1986 .

[4] Patryk Pawlak. Capacity Building in Cyberspace as an Instrument of Foreign Policy , 2016 .

[5] Liam Nevill,et al. Cyber maturity in the Asia-Pacific region 2015 , 2014 .

[6] Patryk Pawlak,et al. Politics of cybersecurity capacity building: conundrum and opportunity , 2017 .

[7] Jean-Marc Chaduc,et al. The International Telecommunication Union (ITU) , 2008 .

[8] L. Muller. Cyber Security Capacity Building in Developing Countries: Challenges and Opportunities , 2015 .

[9] Sadie Creese,et al. Cyber Harm: Concepts, Taxonomy and Measurement , 2016 .

[10] cyberdetective. Convention on Cybercrime , 2007 .

[11] Nir Kshetri,et al. Cybercrime and Cybersecurity in the Global South , 2013 .

[12] Heli Tiirmaa-Klaar. Building national cyber resilience and protecting critical information infrastructure , 2016 .

[13] Sadie Creese,et al. Cyber Security Capacity: Does It Matter? , 2017, Journal of Information Policy.

[14] Mathias Vermeulen,et al. Towards a values-based European foreign policy to cybersecurity , 2016 .

[15] T.W.J. van Ruijven,et al. the GFCE-Meridian Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers , 2016 .