Publication
GFCE Global Good Practices: Assist with Cyber-Risk Mitigation and Keep Score of Successes
Authors
Year
- 2017
Description
- Weight loss does not happen by learning theory, but by practical exercises — and certainly by keep…
GFCE Global Good Practices: Assist with Cyber-Risk Mitigation and Keep Score of Successes
Weight loss does not happen by learning theory, but by practical exercises — and certainly by keeping records of successful steps. Similarly, network operators need help with monitoring the systemic risks, providing training materials and practical experience for mitigation, but also keeping track of successful actions.
Publication
GFCE Global Good Practices: Produce and Present Trusted Metrics about Systemic Risk Conditions
Authors
Year
- 2017
Description
- All those figures on a medical test report do not mean much to us — we need a doctor to analyse va…
GFCE Global Good Practices: Produce and Present Trusted Metrics about Systemic Risk Conditions
All those figures on a medical test report do not mean much to us — we need a doctor to analyse various data, contextualise it for our body and lifestyle, and present us with the findings in a comprehensive way. The same goes for network health — trusted data needs […]
Publication
GFCE Global Good Practices: Establish a Clearinghouse for Gathering Systemic Risk Conditions Data in Global Networks
Authors
Year
- 2017
Description
- We assess our personal health based on the trusted data we receive from doctors. Cybersecurity is li…
GFCE Global Good Practices: Establish a Clearinghouse for Gathering Systemic Risk Conditions Data in Global Networks
We assess our personal health based on the trusted data we receive from doctors. Cybersecurity is like public health: if CERTs and operators have trusted data — regularly updated — about weaknesses in our networks, this helps them mitigate vulnerabilities, preserve cyber-health, and prevent incidents.
Publication
Best Practices for Establishing a National CSIRT by the Organisation of American States (OAS)
Authors
Year
- 2016
Description
- This guide analyzes several types of CSIRTs, including National-level CSIRTs, which respond to incid…
Best Practices for Establishing a National CSIRT by the Organisation of American States (OAS)
This guide analyzes several types of CSIRTs, including National-level CSIRTs, which respond to incidents at the nation-state level. These usually monitor and respond to incidents in government networks, and also serve as a coordinator of information security for the private sector or other sectors and institutions. They may or may […]
Publication
GFCE Global Good Practices – National Computer Security Incident Response Teams (CSIRTs)
Authors
Year
- 2017
Description
- Even the best cyber security posture and practices cannot guarantee that key organisations and infor…
GFCE Global Good Practices – National Computer Security Incident Response Teams (CSIRTs)
Even the best cyber security posture and practices cannot guarantee that key organisations and information infrastructures within a nation will not be vulnerable to malware, software failures, human errors, and other mishaps. The cyber threat landscape changes rapidly. Cyber incidents occur on a daily basis and may be of cross-border, […]
Publication
GFCE Global Good Practices: Assess National Cybersecurity Capacity Using a Maturity Model
Authors
Year
- 2017
Description
- Capacity building is most effective when it builds on existing capacities. How can we have a better …
GFCE Global Good Practices: Assess National Cybersecurity Capacity Using a Maturity Model
Capacity building is most effective when it builds on existing capacities. How can we have a better picture of current capacities and capabilities? Assessing national cybersecurity capability and readiness using a maturity model provides a comprehensive review of existing capacities which can be further developed, and offers recommendations for setting […]
Publication
The Internet of Things Security Landscape Study: Adoption and Harmonisation of Security Solutions for the Internet Of Things
Authors
Year
- 2019
Description
- The Internet of Things (IoT) provides a core technology for the digital world. It unlocks tremendous…
The Internet of Things Security Landscape Study: Adoption and Harmonisation of Security Solutions for the Internet Of Things
The Internet of Things (IoT) provides a core technology for the digital world. It unlocks tremendous value for people, organisations and governments. But more importantly, IoT is growing exponentially. Statistics show that the number connected things will surge from 8.4 billion in 2017 to 20.4 billion by 2020. However, such […]
Publication
Global Cybersecurity Capacity Program. Lessons Learned and Recommendations Towards Strengthening the Program
Authors
Year
- 2019
Description
- The Global Cybersecurity Capacity Program, which was generously financed by the Korea-World Bank Gro…
Global Cybersecurity Capacity Program. Lessons Learned and Recommendations Towards Strengthening the Program
The Global Cybersecurity Capacity Program, which was generously financed by the Korea-World Bank Group Partnership (KWPF) between 2016 and 2019, is one of the first steps that the World Bank has taken in an attempt to bridge existing gaps in cybersecurity capacities, especially in the case of governments that have […]
Publication
Dealing Securely with the Internet of Things – A Guide for Information Security Officers
Authors
Year
- 2016
Description
- Many manufacturers of IoT devices regularly deploy updates, including security updates, while others…
Dealing Securely with the Internet of Things – A Guide for Information Security Officers
Many manufacturers of IoT devices regularly deploy updates, including security updates, while others may be less focused on development and security. In these cases, it could mean that support is not or no longer available. This in turn could mean that vulnerable equipment can not or no longer be updated, […]
Publication
The Italian Cyber Security Skills Shortage in the International Context
Authors
Year
- 2019
Description
- This report, funded by the not-for-profit Global Cyber Security Center, seeks to fill this gap and i…
The Italian Cyber Security Skills Shortage in the International Context
This report, funded by the not-for-profit Global Cyber Security Center, seeks to fill this gap and investigates the cyber security skills shortage in Italy. Through a survey sent to Italian security managers and interviews with relevant government and academic stakeholders, this study presents new data on the Italian CSSS. This […]
Publication
White Paper: Task Force on Cybersecurity Professional Training and Development
Authors
Year
- 2019
Description
- In September 2018 the participants in GFCE’s Working Group D (WG D) identified the need for more i…
White Paper: Task Force on Cybersecurity Professional Training and Development
In September 2018 the participants in GFCE’s Working Group D (WG D) identified the need for more information on existing programs for cybersecurity awareness and professional education and training. Between October 2018 and February 2019, the Chair and Task Force Leaders of WG D, together with the GFCE Secretariat, devised […]
Publication
Addressing the Cybersecurity Skills Gap Through Cooperation, Education and Emerging Technologies
Authors
Year
- 2019
Description
- Cybercriminals are increasingly finding new ways to hack into organizational networks to cause mass …
Addressing the Cybersecurity Skills Gap Through Cooperation, Education and Emerging Technologies
Cybercriminals are increasingly finding new ways to hack into organizational networks to cause mass disruption and steal sensitive personal or valuable corporate data. While achieving good cybersecurity is a multifaceted challenge, the cybersecurity skills shortage we are experiencing today is adding to the problem and leaving many organizations struggling to […]
Publication
Mind the Gap: The Cyber Security Skills Shortage and Public Policy Interventions
Authors
Year
- 2019
Description
- In an era of increasingly sophisticated cyber-attacks with the potential to have crippling effects o…
Mind the Gap: The Cyber Security Skills Shortage and Public Policy Interventions
In an era of increasingly sophisticated cyber-attacks with the potential to have crippling effects on all of our lives, it is wise to educate and train an adequate number of cybersecurity professionals who are able to fend off cyber-attacks. But iss there a worldwide cybersecurity skills shortage? What policies have […]
Publication
Cyber Security Awareness Campaigns: Why Do They Fail to Change Behaviour?
Authors
Year
- 2014
Description
- The present paper focuses on Cyber Security Awareness Campaigns, and aims to identify key factors re…
Cyber Security Awareness Campaigns: Why Do They Fail to Change Behaviour?
The present paper focuses on Cyber Security Awareness Campaigns, and aims to identify key factors regarding security which may lead them to failing to appropriately change people’s behaviour. Past and current efforts to improve information-security practices and promote a sustainable society have not had the desired impact. It is important […]
Publication
Common Taxonomy for Law Enforcement and The National Network of CSIRTs
Authors
Year
- 2017
Description
- The objective of this document is to support the Computer Security Incident Response Teams (CSIRTs) …
Common Taxonomy for Law Enforcement and The National Network of CSIRTs
The objective of this document is to support the Computer Security Incident Response Teams (CSIRTs) and the Public Prosecutors in their dealing with Law Enforcement Agencies in cases of criminal investigations, by providing a common taxonomy for the classification of incidents, named Common Taxonomy for Law Enforcement and The National […]
