The Global Cyber Security Capacity Centre

The Challenge

Our work is focused on developing a framework for understanding what works, what doesn’t work and why – across all areas of cybersecurity capacity.

This is important so that governments and enterprises can adopt policies and make investments that have the potential to significantly enhance safety and security in cyberspace, while also respecting core human rights’ values and interests, such as privacy and freedom of expression.

The Global Cyber Security Capacity Centre (GCSCC) is a leading international centre for research on efficient and effective cybersecurity capacity-building, promoting an increase in the scale, pace, quality and impact of cybersecurity capacity-building initiatives across the world. It has created a first-of-its-kind model to review cybersecurity capacity maturity across five areas (or ‘dimensions’), which aims to enable nations to self-assess, benchmark, better plan investments and national cybersecurity strategies, and set priorities for capacity development.

Worldwide, actors at all levels, from individuals to nation states, need to ensure that cyberspace and the systems dependent on it are resilient to attack, in the face of constant growth in the scale and complexity of our networks, and enormous volumes of data and applications. Cyberspace and our assets within it need to be protected to ensure that critical digital infrastructures and services can operate effectively now and in the future.

Working with key stakeholders from across the international community, the Centre has begun to successfully apply the model globally, alongside partners such as the World Bank, the Organization of American States and the Commonwealth Telecommunications Organisation. The first report released as a result of this work was launched in June 2015 in Kosovo.

The Centre is also developing a holistic and robust model for understanding the harm experienced by nations as a result of a lack of capacity, and how this can be reduced. Together, these complementary models will provide nations with a comprehensive framework to make better informed decisions to improve planning, avoid duplication and enable better-strategised capacity building investments.

The GCSCC has initiated a regional strategy by establishing regional collaboration partnerships with centres of excellence in key locations around the world. The first collaboration has been established with the Oceania Cyber Security Centre(OCSC), Melbourne, funded by the State Government of Victoria, which will seek to deploy the CMM in the 15 countries of the Oceania region by 2019. In future, the GCSCC hopes to establish further partnerships in both Africa and Asia.

The Oceania Cyber Security Centre (OCSC) is a collaboration of 8 Victorian Universities with substantial support from the Victorian Government and their collaboration with the GCSCC is one of several cyber-related projects they are currently working on. The broad aim of the centre is to engage with the Australian cyber security industry to develop research and provide training opportunities for students, government agencies and the private sector (including executive training) toward resolving cyber security issues.

The OCSC’s key areas of expertise are in:

  • Critical Infrastructure and the Internet of Things
  • Verification
  • Social media and information security
  • Advanced Cryptography
  • Big Data
  • Network Security
  • Automation and Industrial Control Systems

Why is it important?

Worldwide, actors at all levels, from individuals to nation states, need to ensure that cyberspace and the systems dependent on it are resilient to attack, in the face of constant growth in the scale and complexity of our networks, and enormous volumes of data and applications. Cyberspace and our assets within it need to be protected to ensure that critical digital infrastructures and services can operate effectively now and in the future.

We are working with a wide range of global partners, including governments, international organisations and the private sector. The Centre will ensure that this knowledge becomes a global resource.

The Cybersecurity Capacity Portal

The Centre has created a cybersecurity capacity portal, a global resource for cyber security capacity building and how best to achieve it, and an online space for sharing experiences, best practice, and new developments. It has been developed with the Said Business School, University of Oxford, and in partnership with The Global Forum on Cyber Expertise (GFCE), a new global platform promoting cyber capacity building.

Visit now

Research dimensions

The Centre's research adopts the following principles:

  • Avoid reinvention: seek to identify best practice wherever it arises;
  • Inclusivity: to consider relevant global and multi-cultural issues;
  • Objectivity: to maintain an objective approach, with members of working-groups representing their individual and community knowledge, not commercial or partisan interests;
  • Rigour: seek evidence to support and challenge their hypotheses, and avoid confirmation-bias;
  • Mutually Supportive: to identify and investigate relationships which may exist with other dimensions.

The Centre is researching the nuances of capacity across and within these multiple dimensions, the types of activities which can deliver and increase capacity, where best practice exists, the conditions under which increases in capacity should be sought, and the ways in which the dimensions relate to and depend upon each other for success.

We consider cyber security as a multi-dimensional concept that spans five core dimensions. The Centre has developed an innovative model to assess cyber security capacity maturity through a wide-ranging evaluation of these five areas.

Featured video

Professor Ian Goldin, Professor of Globalisation at the Univesity of Oxford and Development, discusses the work and importance of the Global Cyber Security Capacity Centre

Governance of the Centre

The technical direction for the Centre is set by its Technical Board – which consists of the Director and other senior academic staff, with representation by core administration as needed. The University of Oxford core staff oversee operations with the Director being responsible for overall programme technical management on a day-to-day basis. Please see our People page for more information.

A joint project Board consisting of representatives of the UK FCO (our main funders) and the Centre exists primarily to monitor the progress the Centre in terms of delivery, management of risks and budgets but also to serve as a sounding board for the Centre on policy, international and strategic issues.

The Centre’s Expert Advisory Panel provides thought-leadership to support its goals. The role of a panel member is to contribute based on their individual expertise, and members are invited to join the working group in a personal capacity. The Centre does not provide fees or honoraria to panel members. Details of current membership can be found on our People page.

The Centre is hosted within the Oxford Martin School at the University of Oxford, which is accountable to a Management Committee with executive responsibility for managing overall strategy. It also benefits from the established Advisory Council of the School.

Our partners

Unofficial Guideto Medicine UCL Logo 2
Comp Sci logo landscape L rgb corrected
Royalholloway
Said
Oxford Internet Institute