Open AccessMitigating Global Cyber Risk Through Bridging the National Incident Response Capacity Gap
Author(s) -
Elisabeth Dubois,
Unal Tatar
Publication year - 2022
Publication title -
proceedings of the ... international conference on information warfare and security/the proceedings of the ... international conference on information warfare and security
Language(s) - English
Resource type - Journals
eISSN - 2048-9889
pISSN - 2048-9870
DOI - 10.34190/iccws.17.1.66
Subject(s) - cyberspace , business , critical infrastructure , computer security , harm , government (linguistics) , capacity building , bridging (networking) , variety (cybernetics) , national security , cyber attack , public relations , the internet , economic growth , computer science , political science , economics , linguistics , philosophy , artificial intelligence , world wide web , law
Cyber-attacks know no borders. Given the globally connected environment, no region or country is secure against cyber-attacks unless the entire world is secure or has cyber capabilities. Yet, whether preventive or reactive, cyber countermeasures require coordination and engagement of various organizations, government bodies, and citizens of different countries. Although a variety of countermeasures exist, Computer Security Incident Response Teams (CSIRTs) have been deemed necessary systems in defending against and preventing cyberattacks, further supporting a nation’s cyber capacity and limiting the harm to citizens, businesses, and governments. Despite calls for establishing CSIRTs at the national level, especially toward protecting critical infrastructure and lives from cyber threats, various discrepancies exist based on a nation’s resources, capabilities, and needs. Limited research delves into the cyber capabilities of low-income countries despite an emphasis on improving global cyber capacity, leading to a need to establish a framework for low-income countries to address the unique needs with lessons learned from existing standards. CSIRTs can improve the cybersecurity posture of countries, so we seek to investigate how low-income countries can better mitigate cyber threats through cyber capacity building, including the creation of CSIRTs. This work-in-progress paper aims to investigate cyber incident response capacity building at the national level in low-income countries and identify challenges they may face in contributing to a more secure global cyberspace. Stemming from this paper, we will conduct a survey of national CSIRTs in low-income countries and conduct semi-structured interviews to further investigate their role. The implications of our research are far-spreading, assisting academics, practitioners, and governments in developing research, processes, and policies to aid low-income countries in their national cyber capacity building.