Skip to main content
Cybersecurity Capacity Centre Header

Our aim is to understand how to deliver effective cyber security both within the UK and internationally.

Our work is focused on developing a framework for understanding what works, what doesn’t work and why – across all areas of cybersecurity capacity. This is important so that governments and enterprises can adopt policies and make investments that have the potential to significantly enhance safety and security in cyberspace, while also respecting core human rights’ values and interests, such as privacy and freedom of expression.

What are we doing?

The Global Cyber Security Capacity Centre (GCSCC) is a leading international centre for research on efficient and effective cybersecurity capacity-building, promoting an increase in the scale, pace, quality and impact of cybersecurity capacity-building initiatives across the world. It has created a first-of-its-kind model to measure cybersecurity capacity maturity across five areas (or 'dimensions'), which aims to enable nations to self-assess, benchmark, better plan investments and national cybersecurity strategies, and set priorities for capacity development.

Working with key stakeholders from across the international community, the Centre has begun to successfully apply the model globally, alongside partners such as the World Bank, the Organization of American States and the Commonwealth Telecommunications Organisation. The first report released as a result of this work was launched in June 2015 in Kosovo.

The Centre is also developing a holistic and robust model for understanding the harm experienced by nations as a result of a lack of capacity, and how this can be reduced. Together, these complementary models will provide nations with a comprehensive framework to make better informed decisions to improve planning, avoid duplication and enable better-strategised capacity building investments.

The GCSCC has initiated a regional strategy by establishing regional collaboration partnerships with centres of excellence in key locations around the world. The first collaboration has been established with the Oceania Cyber Security Centre (OCSC), Melbourne, funded by the State Government of Victoria, which will seek to deploy the CMM in the 15 countries of the Oceania region by 2019. In future, the GCSCC hopes to establish further partnerships in both Africa and Asia.

The Oceania Cyber Security Centre (OCSC) is a collaboration of 8 Victorian Universities with substantial support from the Victorian Government and their collaboration with the GCSCC is one of several cyber-related projects they are currently working on. The broad aim of the centre is to engage with the Australian cyber security industry to develop research and provide training opportunities for students, government agencies and the private sector (including executive training) toward resolving cyber security issues.

The OCSC’s key areas of expertise are in:

  • Critical Infrastructure and the Internet of Things
  • Verification
  • Social media and information security
  • Advanced Cryptography
  • Big Data
  • Network Security
  • Automation and Industrial Control Systems

Professor Ian Goldin on the work of the Global Cyber Security Capacity Centre

The Centre has recently created a new cybersecurity capacity portal, a global resource for cyber security capacity building and how best to achieve it, and an online space for sharing experiences, best practice, and new developments. It has been developed with the Said Business School, University of Oxford, and in partnership with The Global Forum on Cyber Expertise (GFCE), a new global platform promoting cyber capacity building.

What are the aims of the Global Cyber Security Capacity Centre?

Why is it important?

Worldwide, actors at all levels, from individuals to nation states, need to ensure that cyberspace and the systems dependent on it are resilient to attack, in the face of constant growth in the scale and complexity of our networks, and enormous volumes of data and applications. Cyberspace and our assets within it need to be protected to ensure that critical digital infrastructures and services can operate effectively now and in the future.

We are working with a wide range of global partners, including governments, international organisations and the private sector. The Centre will ensure that this knowledge becomes a global resource.

Governance of the Centre

The technical direction for the Centre is set by its Technical Board – which consists of the Director and other senior academic staff, with representation by core administration as needed. Please see our People page for more information. The University of Oxford core staff oversee operations with the Director being responsible for overall programme technical management on a day-to-day basis.

The Centre is hosted within the Oxford Martin School at the University of Oxford, which is accountable to a Management Committee with executive responsibility for managing overall strategy. It also benefits from the established Advisory Council of the School.

A joint project Board consisting of representatives of the UK FCO (our main funders) and the Centre exists primarily to monitor the progress the Centre in terms of delivery, management of risks and budgets but also to serve as a sounding board for the Centre on policy, international and strategic issues.

The Centre’s Expert Advisory Panel provides thought-leadership to support its goals. The role of a panel member is to contribute based on their individual expertise, and members are invited to join the working group in a personal capacity. The Centre does not provide fees or honoraria to panel members. Details of current membership of the panel can be found on our People page.


Royal Holloway
Computer Science


Said Business School