Key policy documents and cyber security strategies of different countries
Let us now consider the policy perspective of international cyber security.
There are key policy documents on cyber security for different countries on a national level.
The cyber security policy making report by the OECD (2012) provides a table of the key policy documents for numerous countries (see pages 66–70).
There are also intergovernmental agreements to tackle cyber war. Two examples are given below.
North Atlantic Treaty Organization
As Choucri, Madnick, and Ferwerda (2014) analyse, a key initiative has been demonstrated by NATO. Given the coordinated cyber attacks against Estonia (a NATO member) in 2007, NATO established a response. The Cooperative Cyber Defence Centre of Excellence (CCDCOE) is responsible for training NATO member states, conducting attack exercises, and supporting NATO in the event of an international cyber attack (Choucri, Madnick, and Ferwerda 2014).
However, not all NATO states have joined the CCDCOE program. There is no strong evidence that all members of NATO want to engage in a mutual approach to cyber security, perhaps because they are developing their own strategies for cyber warfare (Choucri, Madnick, and Ferwerda 2014).
European Network and Information Security Agency
Although the EU has published numerous resolutions on cyber crime, and the European Police Office (EUROPOL) is involved in investigations, the EU has created the European Network and Information Security Agency (ENISA) ‘to enhance the capability of the European Union … to prevent, address and respond to network and information security problems’ (Europa 2009 cited in Choucri, Madnick, and Ferwerda 2014).
Read pages 66–70 of the 2012 OECD report, which outline the key policy documents and cyber security strategies.
Browse the legislation on cyber security in your own country. Focus on the strengths and weaknesses of such legislation.
Having looked at the different types of legislation, which do you consider to be the most effective and why? Discuss your findings in the comments.
Choucri, N., Madnick, S., and Ferwerda, J. (2014) ‘Institutions for Cyber Security: International Responses and Global Imperatives’. Information Technology for Development 20 (2), 96-121
OECD (2012) Cybersecurity Policy Making at a Turning Point: Analysing a New Generation of National Cybersecurity Strategies [online] available from https://www.oecd.org/sti/ieconomy/comparativeanalysisofnationalcybersecuritystrategies.htm [5 September 2019]
© Coventry University. CC BY-NC 4.0