The role played by information communication technologies (ICTs) and by the networks they generate and underpin has continuously increased throughout recent decades. From an economic perspective, the potential positive impact of the Internet and ICTs on growth and development has now been widely recognised. However, the cloak of immunity and anonymity that these technologies can provide, have led to a growth in illicit activities across cyberspace.
This document is a proof-of-concept operational toolbox designed to facilitate the development of national-level cybersecurity capacity building programmes and of holistic policy and investment strategies to tackle challenges in the cyber domain. The document seeks to enable a better translation of the results of national cyber maturity reviews and assessments into tangible policy recommendations and investment strategies, allowing policymakers to develop their countries' cybersecurity capacity.
The proof-of-concept toolbox constitutes the output of a project commissioned by the United Kingdom Foreign and Commonwealth Office. This project comprised two main research and development phases. The first phase of the project entailed a requirements analysis and architecture-design effort. The second phase of the project entailed the development of a proof-of-concept toolbox. The toolbox builds on the framework of the Cybersecurity Capacity Maturity Model for Nations (CMM) created by the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford. The toolbox was designed to provide policymakers and decision makers with instruments facilitating the operationalisation of recommendations generated through a capacity review report completed using the GCSCC CMM.
This proof-of-concept toolbox presents guidelines and recommended approaches as identified through a review of existing literature for cybersecurity capacity building. The document would be best used to act upon the results and the capacity-building recommendations generated following a review of national cybersecurity capacity conducted by external experts employing the Cybersecurity Capacity Maturity Model for Nations created by the Global Cyber Security Capacity Centre.