Towards a national cybersecurity capability development model

Pierre Jacobs, Basie Von Solms, Marthie Grobler

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

2 Citations (Scopus)

Abstract

Nations need to develop cybersecurity capabilities at national level in order to facilitate the requirements expressed through national authoritative and normative documents. These national cybersecurity capabilities typically consist of people, processes and technology or tools. From the research conducted, no publicly available models or frameworks for national cybersecurity capability development could be found. In this paper, the authors identify and compare existing military capability development models and propose a national cybersecurity capability development model based on these models. Military capability development frameworks are a comprehensive way to define work deliverables and work standards, and provide a way to measure the work deliverables (eWorks Moodle, 2016). The use of such a national cybersecurity capability development model is advantageous during the planning phase of the national cybersecurity capability. For example, using a model allows a capability to be broken down into its components, serves as a blueprint to ensure that those building the capability consider all components, allows for cost estimation and facilitates the evaluation of trade-offs. One national cybersecurity capability - the incident management cybersecurity capability - is selected to illustrate the application of the national cybersecurity capability development model. This model was developed as part of previous research, and is called the Embryonic Cyberdefence Monitoring and Incident Response Center (E-CMIRC) (P. Jacobs; S.H. von Solms & M.M. Grobler, 2016). The characteristics of national incident management cybersecurity incidents have to be determined, as these would affect each component of the military-based national cybersecurity capability development model. Once the national cybersecurity capability components are identified using the military-based cybersecurity capability development model, the capability also has to be operated.
To achieve this requirement, available organisational operational models are identified and compared, and one operating model is selected to augment the national cybersecurity capability development model. The fusion of the military-based national cybersecurity capability development model with the operations models results in the national military-based cybersecurity capability development model. This paper has three outcomes in mind: firstly, to determine the characteristics of national cybersecurity incidents; secondly, to develop the national cybersecurity capability development model; and thirdly, to develop a national cybersecurity capability operational model. This paper describes the methodology followed in describing the E-CMIRC structure using a capability development framework and organisational operational models. The national cybersecurity capability development model, which uses a military capability development framework, and the national cybersecurity capability operational models, derived from existing organisational frameworks, are presented as a single, integrated model.

Original language: English
Title of host publication: Proceedings of the 16th European Conference on Cyber Warfare and Security, ECCWS 2017
Editors: Mark Scanlon, Nhien-An Le-Khac
Publisher: Curran Associates Inc.
Pages: 582-592
Number of pages: 11
ISBN (Electronic): 9781911218432
Publication status: Published - 2017
Event: 16th European Conference on Cyber Warfare and Security, ECCWS 2017 - Dublin, Ireland
Duration: 29 Jun 2017 to 30 Jun 2017

Publication series

Name: European Conference on Information Warfare and Security, ECCWS
Volume: 0
ISSN (Print): 2048-8602
ISSN (Electronic): 2048-8610

Conference

Conference: 16th European Conference on Cyber Warfare and Security, ECCWS 2017
Country/Territory: Ireland
City: Dublin
Period: 29/06/17 to 30/06/17

Keywords

  • Cybersecurity capability development model
  • Cybersecurity operational model
  • National cybersecurity capabilities
  • National cybersecurity incident characteristics
  • POSTEDFIT-B

ASJC Scopus subject areas

  • Information Systems
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
