We consider cyber security as a multi-dimensional concept that spans:
- devising cyber policy and cyber defence
- encouraging responsible cyber culture within society
- building cyber skills into the workforce and leadership
- creating effective legal and regulatory frameworks
- controlling risks through technology and processes
The Centre is researching the nuances of capacity across and within these multiple dimensions, the types of activities which can deliver and increase capacity, where best practice exists, the conditions under which increases in capacity should be sought, and the ways in which the dimensions relate to and depend upon each other for success.
The Centre has developed an innovative model to assess cybersecurity capacity maturity through a wide-ranging evaluation of these five areas. Find out more about the model and our work on the new cybersecurity capacity portal.
The Centre's research adopts the following principles:
Avoid reinvention: seek to identify best practice wherever it arises;
Inclusivity: to consider relevant global and multi-cultural issues;
Objectivity: to maintain an objective approach, with members of working-groups representing their individual and community knowledge, not commercial or partisan interests;
Rigour: seek evidence to support and challenge their hypotheses, and avoid confirmation-bias;
Mutually Supportive: to identify and investigate relationships which may exist with other dimensions