Nations need to develop cybersecurity capabilities at national level in order to facilitate the requirements expressed through national authoritative and normative documents. These national cybersecurity capabilities typically consist of people, processes and technology or tools. From the research conducted, no publicly available models or frameworks for national cybersecurity capability development could be found. In this paper, the authors identify and compare existing military capability development models and propose a national cybersecurity capability development model based on these models. Military capability development frameworks are a comprehensive way to define work deliverables and work standards, and provides a way to measure the work deliverables (eWorks Moodle, 2016). The use of such a national cybersecurity capability development model is advantageous during the planning phase of the national cybersecurity capability. For example, the using of a model allows for a capability to be broken down into its components, a model serves as a blueprint to ensure that those building the capability considers all components, allows for cost estimation and facilitates the evaluation of trade-offs. One national cybersecurity capability - the incident management cybersecurity capability - is selected to illustrate the application of the national cybersecurity capability development model. This model was developed as part of previous research, and is called the Embryonic Cyberdefence Monitoring and Incident Response Center (E-CMIRC) (P. Jacobs; S.H. von Solms & M.M. Grobler, 2016). The characteristics of national incident management cybersecurity incidents have to be determined, as these would affect each component of the military-based national cybersecurity capability development model. Once the national cybersecurity capability components are identified using the military-based cybersecurity capability development model, it also has to be operated. To achieve this requirement, available organisational operational models are identified and compared, and one operating model is selected to augment the national cybersecurity capability development model. The fusion of the military-based national cybersecurity capability development model with the operations models results in the national military-based cybersecurity capability development model. This paper has three outcomes in mind: firstly to determine the characteristics of national cybersecurity incidents, secondly, the development of the national cybersecurity capability development model, and thirdly, the development of a national cybersecurity capability operational model. This paper describes the methodology followed in describing the E-CMIRC structure using a capability development framework, and organisational operational models. The national cybersecurity capability development model – using a military capability development framework - and the national cybersecurity capability operational models derived from existing organisational frameworks, are presented as a single, integrated model.
Reference:
Jacobs, P.C., Von Solms, S.H. and Grobler, M.M. 2017. Towards a national cybersecurity capability development model. 16th European Conference on Cyber Warfare and Security (ECCWS) 2017, 29 - 30 June 2017, Dublin University College, Dublin, Ireland
Jacobs, P. C., Von Solms, S., & Grobler, M. M. (2017). Towards a national cybersecurity capability development model. http://hdl.handle.net/10204/9458
Jacobs, Pierre C, SH Von Solms, and Marthie M Grobler. "Towards a national cybersecurity capability development model." (2017): http://hdl.handle.net/10204/9458
Jacobs PC, Von Solms S, Grobler MM, Towards a national cybersecurity capability development model; 2017. http://hdl.handle.net/10204/9458 .
Author:Jansen van Vuuren, JC; Phahlamohlaka, Letlibe J; Leenen, LDate:Jul 2012This paper investigates different government organisational structures created for the control of national cybersecurity in selected countries of the world. The main contribution is a proposed structure that could be suitable for South Africa, ...Read more
Author:Phahlamohlaka, Letlibe J; Jansen van Vuuren, JC; Coetzee, AJDate:May 2011The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed Cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives ...Read more