Development of National Cyber Security Strategies (NCSSs), and an Application of Perspective to the Colombian Case
Name
Yuri Andrea Pinto Rojas
Abstract
States around the world face similar cyber-threats that have been addressed
in official statements of policy such as National Cyber Security Strategies (NCSS), towards diverse ends, depending on their capacities, characteristics, ideologies, purposes and/or vision. Generalisations have prevailed resulting in general frameworks and popular practical guidelines that were made to fit the situation of the issuers, commonly from the most developed countries, and departing from assumptions that are not applicable to all of the rest of states in the world. Governments began to realise the times marked a turning point for beginning to think about, and assert, the needs and possibilities of their own countries first, and for issuing more responsive and responsible laws and policies than they have ever had. At the same time, stakeholders recognise that cyber security is a transnational phenomenon that demands global efforts. A smart balance should be reached across levels and sectors to help increase the safe use of cyberspace and unfold its full potential. The general purpose of this work is to conduct conceptual and empirical research with a mixed methodology where the qualitative approach prevails, but also includes a short quantitative exploratory analysis. A comparative analysis of 5 NCSSs, document analysis, a questionnaire administered online and a case study were the methods that resulted in two theoretical contributions: A definition of cyber security, and the formulation of a set of working tools consisting of: the Adaptable and Transferable Guidelines. Both in order to establish the considerations required to complete a process of NCSS development; the suggestions on the Key Performance Indicators self-assessment list that affirms the benefits of measuring parameters; and, the format for essential components to be included in NCSSs. A case study on the Colombian policy formulation follows, and illustrates the applicability of these unbiased guidelines that could help the institutionalization of procedures and standards for more influential public policies and strategies.
Graduation Thesis language
English
Graduation Thesis type
Master - Cyber Security
Supervisor(s)
Maria Claudia Solarte Vasquez; Raimundas Matulevicius
Defence year
2016