The more advanced digital economy and society a country has the more exposed it is to cyber threats. Consequently, countries with advanced digital economy and digital infrastructure naturally need to pay more attention to protecting cyber space. Today it is a national security issue and it can no longer be argued that cyber security is its indispensable part. Accordingly, a national cyber security strategy has to be built on national security strategy. That is the main reason for using the word “cornerstone” in the title of this study. The relation between national security and national cyber security means a specific context, which is one of the subjects of our examination in this study. Today, most countries have a cyber security strategy. However, these strategies are mostly static documents that do not or only partially can handle the dynamism that characterizes cyberspace. This paper focuses on the key issues that are needed for developing a usable cyber security strategy.
If the inline PDF is not rendering correctly, you can download the PDF file here.
European Network and Information Security Agency (ENISA). (2012). National Cyber Security Strategies Practical Guide on Development and Execution available at: https://www.enisa.europa.eu/publications/national-cyber-security-strategies-an-implementation-guide/at_download/fullReport accessed on: 29 May 2018.
European Network and Information Security Agency (ENISA). (2016). NCSS Good Practice Guide Designing and Implementing National Cyber Security Strategies available at: https://www.enisa.europa.eu/publications/ncss-good-practice-guide/at_download/fullReport accessed on: 29 May 2018.
HM Government United Kingdom (2016). National Cyber Security Strategy 2016-2021 available at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/national_cyber_security_strategy_2016.pdf accessed on: 29 May 2018.
International Telecommunication Union (ITU). (2007). Global Cybersecurity Agenda (GCA) available at: https://www.itu.int/en/action/cybersecurity/Pages/gca.aspx accessed on: 29 May 2018.
International Telecommunication Union (ITU). (2011). ITU National Cybersecurity Strategy Guide available at: http://www.itu.int/ITU-D/cyb/cybersecurity/docs/ITUNationalCybersecurityStrategyGuide.pdf accessed on: 29 May 2018.
Klimburg A. (ed.). (2012). National Cyber Security Framework Manual available at: https://ccdcoe.org/sites/default/files/multimedia/pdf/NCSFM_0.pdf accessed on: 29 May 2018.
Ministry of Digital Affairs Poland. (2017). National Framework of Cybersecurity Policy of the Republic of Poland for 2017-2022 available at: https://www.enisa.europa.eu/topics/national-cyber-security-strategies/ncss-map/Cybersecuritystrategy_PL.pdf accessed on: 29 May 2018.
Netherlands. (2018). Nederlandse Cybersecurity Agenda Nederland digitaal veilig available at: https://www.rijksoverheid.nl/binaries/rijksoverheid/documenten/rapporten/2018/04/21/nederlandse-cybersecurity-agenda-nederland-digitaal-veilig/CSAgenda_def_web.pdf accessed on: 29 May 2018.
NIS Directive (2016). Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union available at: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016L1148&from=EN accessed on: 29 May 2018.
Premier ministre. (2015). French National Digital Security Strategy available at: https://www.ssi.gouv.fr/uploads/2015/10/strategie_nationale_securite_numerique_en.pdf accessed on: 29 May 2018.