Key policy documents and cyber security strategies of different countries

Let us now consider the policy perspective of international cyber security.

There are key policy documents on cyber security for different countries on a national level.

Girl in white shirt reading many textbooks on table with many high stacking

The cyber security policy making report by the OECD (2012) provides a table of the key policy documents for numerous countries (see pages 66–70).

There are also intergovernmental agreements to tackle cyber war. Two examples are given below.

North Atlantic Treaty Organization

As Choucri, Madnick, and Ferwerda (2014) analyse, a key initiative has been demonstrated by NATO. Given the coordinated cyber attacks against Estonia (a NATO member) in 2007, NATO established a response. The Cooperative Cyber Defence Centre of Excellence (CCDCOE) is responsible for training NATO member states, conducting attack exercises, and supporting NATO in the event of an international cyber attack (Choucri, Madnick, and Ferwerda 2014).

However, not all NATO states have joined the CCDCOE program. There is no strong evidence that all members of NATO want to engage in a mutual approach to cyber security, perhaps because they are developing their own strategies for cyber warfare (Choucri, Madnick, and Ferwerda 2014).

European Network and Information Security Agency

Although the EU has published numerous resolutions on cyber crime, and the European Police Office (EUROPOL) is involved in investigations, the EU has created the European Network and Information Security Agency (ENISA) ‘to enhance the capability of the European Union … to prevent, address and respond to network and information security problems’ (Europa 2009 cited in Choucri, Madnick, and Ferwerda 2014).

Your task

Read pages 66–70 of the 2012 OECD report, which outline the key policy documents and cyber security strategies.

Browse the legislation on cyber security in your own country. Focus on the strengths and weaknesses of such legislation.

Having looked at the different types of legislation, which do you consider to be the most effective and why? Discuss your findings in the comments.

References

Choucri, N., Madnick, S., and Ferwerda, J. (2014) ‘Institutions for Cyber Security: International Responses and Global Imperatives’. Information Technology for Development 20 (2), 96-121

OECD (2012) Cybersecurity Policy Making at a Turning Point: Analysing a New Generation of National Cybersecurity Strategies [online] available from https://www.oecd.org/sti/ieconomy/comparativeanalysisofnationalcybersecuritystrategies.htm [5 September 2019]

Share this article:

This article is from the free online course:

Network Defence Management Overview

Coventry University