The Cybersecurity Tech Accord is proud today to announce the release of a new whitepaper, Cybersecurity Awareness in the Commonwealth of Nations developed in partnership with the UK’s Foreign & Commonwealth Office (FCO). The paper, a draft of which was first released for comment last October, discusses the importance of national efforts to develop cybersecurity awareness at all levels of a society, provides industry guidance to support such programs, and catalogues awareness raising activities taking place across the 53 states that make up the Commonwealth of Nations.
The wide diversity of this collection of nations – which spans 5 continents and includes some of the world’s largest and smallest countries – is reflected in how they each approach promoting cybersecurity awareness based on their respective capacities, needs and cultures. Indeed, we are grateful for the many contributions we have received on these programs from organizations like the International Telecommunications Union (ITU), Get Safe Online, and the FCO, as well as representatives of respective Commonwealth member states. This input has been invaluable in completing this paper and beginning to paint an overarching picture of what different approaches to cybersecurity awareness look like throughout the Commonwealth.
All told, the paper includes information on more than 65 cybersecurity awareness initiatives across 43 of the Commonwealth states. And what is most surprising, and encouraging, is how many of them have only been developed just in the past year or two, suggesting a growing recognition of how important these efforts are. Amidst escalating numbers of threats and attacks online, there is no better defense than a robust culture of cybersecurity among individuals and organizations. Far from trying to evaluate the particular merits of one program or another, this paper simply seeks to capture how different countries are approaching this issue. We hope that by sharing the wide range of different approaches we can help governments to learn from one another and continue to develop and improve their own programs, both in the Commonwealth and beyond.
That said, in addition to identifying the different approaches states have taken, the paper also provides high-level guidance from an industry perspective about what characteristics make for effective cybersecurity awareness campaigns and programs. The Cybersecurity Tech Accord believes such initiatives should strive to be:
- Up-to-date – This is essential in order to keep pace with a constantly changing threat environment online;
- Recursive – Cybersecurity awareness is not a box to be checked, but rather something that needs to be revisited and reinforced regularly;
- Inclusive – All who use, or will use, ICTs should be aware of cyber risk so they are not victimized, so awareness efforts need to cut across cultural, gender, and any other lines of difference;
- Culturally responsive – While there is much we can learn from one another across nations and stakeholder groups, awareness campaigns need to be tailored to the needs of their local contexts; and
- Multistakeholder – To be effective, cybersecurity awareness efforts should leverage the expertise and insights of relevant industry and civil society organizations.
We were reminded, in particular, of the importance of multistakeholder cooperation in these efforts during our recent participation in the UN dialogues on cybersecurity in December. A consistent theme throughout the three-day meeting was the challenge of matching needs with expertise when it comes to cybersecurity, and the value of building relationships across stakeholder groups to facilitate this exchange. Cybersecurity is a shared responsibility and we are glad for the opportunity to partner with the FCO in producing this paper; to take steps to bridge the gap between needs and expertise. We hope you find the insights included valuable in considering awareness programs in your own country, and stand ready to provide further support for such efforts in the future.