CMM Review Iraq 2022

Summary

The Global Cyber Security Capacity Centre (GCSCC) undertook a review of Iraq’s cybersecurity capacity maturity levels, with subsequent multistakeholder workshops that provided discussions and better estimations on the state of cybersecurity in Iraq.

Details

Aim

The aim of this project was to carry out a Cybersecurity Capacity Maturity Model (CMM) and provide a review of Iraq’s capacity infrastructure. Such an assessment aims to give stakeholders a better understanding of national and critical infrastructure cybersecurity capacities while being able to prioritise investment and make strategic decisions based on the national assessment.

Context

The GCSCC announced the first CMM review of Iraq in June of 2022 on the invitation of the Iraq Cyber Events Response Team (IQ-CERT) and in cooperation with NATO.

Outcomes

• The GCSCC conducted an online assessment over the period of 7-17 March 2022. The online review involved a series of multistakeholder workshops attended by a selection of representatives with the necessary experience and skills and representing a wide range of backgrounds and responsibilities.
• Following the online review, the GCSCC team presented the preliminary findings of the CMM report at a meeting with an Iraqi delegation over three days (17-19^th May) in Istanbul. The review acted as timely for Iraq, as it will be a key resource in facilitating the implementation of Iraq’s first national cybersecurity strategy (NCS) planned to be published as of February 2022.