Cybersecurity Capacity Maturity Model for Nations (CMM) 2021 Edition Launch

Past Event

25 March 2021, 2:00pm - 3:00pm


Disney 1149179 1920

Prompted by the changing threat landscape and corresponding cybersecurity practice, the Global Cyber Security Capacity Centre (GCSCC) has led a review of its Cybersecurity Capacity Maturity Model for Nations (CMM).

To produce this CMM 2021 Edition the GCSCC undertook a global collaborative consultation exercise whose goal was to extract and synthesise the community’s latest knowledge. The result is a model that addresses new and evolving cybersecurity capacity needs and requirements that nations need to address to ensure that cyberspace and the systems dependent on it are resilient to increasing attacks.

At this webinar, the researchers and academics who lead the CMM revision will present the rationale behind the new additiom and the process of the revision. They will also provide a snapshot of the changes done in each dimension of the CMM. Followed by Q&A.

This event is organised by the Global Cyber Security Capacity Centre and will take place on Zoom. Please register here:
Creese Sadie

Prof Sadie Creese
Professor of Cybersecurity

Sadie Creese is Professor of Cybersecurity in the Department of Computer Science at the University of Oxford. She is Co-Director of Oxford’s Cyber Security Centre, Director of the Global Cyber Security Capacity Centre at the Oxford Martin School, and a co-Director of the Institute for the Future of Computing at the Oxford Martin School.

Her research experience spans time in academia, industry and government. She is engaged in a broad portfolio of cyber security research spanning situational awareness, visual analytics, risk propagation and communication, threat modelling and detection, network defence, dependability and resilience, and formal analysis. She has numerous research collaborations with other disciplines and has been leading inter-disciplinary research projects since 2003. Prior to joining Oxford in October 2011 Creese was Professor and Director of e-Security at the University of Warwick’s International Digital Laboratory. Creese joined Warwick in 2007 from QinetiQ where she most recently served as Director of Strategic Programmes for QinetiQ’s Trusted Information Management Division. Recent publications include papers on topics including insider threat detection, visual analytics for cyber attack, cyber risk propagation prediction, identity attribution across physical and cyber spaces, personal privacy in the face of big data, vulnerability of identities in social networking contexts, and trustworthiness metrics for openly sourced data.

Eva Nagyfejeo

Dr Eva Nagyfejeo
Research Fellow

Eva is a Research Fellow at the GCSCC supporting the delivery of global cybersecurity capacity-building expertise by promoting the Centre’s CMM through country reviews.

In particular, her role involves developing knowledge-transfer material and supporting the Oceania Cyber Security Centre (OCSC) in Melbourne, Australia, in their deployment of the CMM across the Pacific island states. Her work also includes close work with high-level stakeholders in governments, regional and international organisations, academia and industry. By the end of 2019, she participated in nine country reviews around the world: Ghana (January 2018), North Macedonia (January 2018), Brazil (March 2018), Samoa (April 2018), Tonga (June 2018), Bosnia and Herzegovina (October 2018), The Gambia (October 2018), Georgia (November 2018), and Tunisia (June 2019). She is also leading the revision of the Centre’s CMM.

Before working with the GCSCC, Eva was an Associate Fellow at the European Union Institute for Security Studies (EUISS) in Brussels working on the project 'EU Cyber Capacity Building Toolkit'. She obtained her PhD in Politics and International Studies from the University of Warwick (UK) and her thesis examined EU-US cooperation in cybersecurity focusing on the fight against cybercrime. Her field research was conducted in Brussels, Washington, D.C. (Georgetown University) and The Hague. She holds an MSc in International Relations & Global Issues from the University of Nottingham. Prior to joining the EUISS, she worked at NATO, Europol/European Cybercrime Centre (EC3), the European Parliament and at the Center for Security Studies at ETH Zürich. Her experiences included working on the EU Cyber Security Strategy, the Network and Information Security (NIS) Directive and the GDPR. Eva was also acting as the coordinator of the IAS Cyber Security Research Network at the University of Warwick and is a member of Swansea University's Cyberterrorism Project.

Jamie Saunders

Dr Jamie Saunders
Strategic Security Consultant

Dr Jamie Saunders is a strategic security consultant and visiting professor at UCL. The majority of his career has been spent in UK Government, including GCHQ, Cabinet Office, the Foreign and Commonwealth Office and the National Crime Agency. At Director International Cyber Policy at FCO, he was responsible for the establishment of the UK’s cyber security capacity building programme, which (amongst other things) led to the creation of the Oxford capacity centre.

At the NCA his roles included Director of the National Cyber Crime Unit, where he helped to build up new operational partnerships with international allies and with business. Since leaving government in he has provided specialist cyber and other security advice to government and to businesses in the financial, technology, and manufacturing sectors.

William dutton

Prof William Dutton
Emeritus Professor, University of Southern California (USC)

William H. Dutton is an Emeritus Professor at the University of Southern California (USC), where he was a Fulbright Scholar to Britain, was elected President of the University’s Faculty Senate, and taught until 2002, when he became the first Professor of Internet Studies at the University of Oxford.

At Oxford, Bill was founding director of the Oxford Internet Institute (OII), and a Fellow of Balliol College. He left Oxford in 2014 to become the Quello Professor of Media and Information Policy in the College of Communication Arts and Sciences at MSU, where he served as Director of the Quello Center, until returning to Oxford as an Oxford Martin Fellow to support research for the GCSCC.

He has recently edited the Oxford Handbook of Internet Studies (OUP 2013), four volumes on Politics and the Internet (Routledge 2014), and a reader entitled Society and the Internet, with Mark Graham (OUP 2014), with a 2nd edition in progress. His book entitled Society on the Line (OUP 1999) has been influential to social sciences of the Internet. Currently, he is writing a book on his concept of the Fifth Estate of the Internet realm.


Prof Michael Goldsmith
Senior Research Fellow

Michael Goldsmith is a Senior Research Fellow at the Department of Computer Science and Worcester College, Oxford. With a background in Formal Methods and Concurrency Theory, Goldsmith was one of the pioneers of automated cryptoprotocol analysis. His research work has investigated a range of Technology Strategy Board and industrial or government-funded projects ranging from highly mathematical semantic models to multidisciplinary research at the social-technical interface. He is an Associate Director of the Cyber Security Centre, Co-Director of the newly launched Centre for Doctoral Training in Cybersecurity and is active in the IAAC Academic Liaison Panel.


Prof Basie von Solms
Research Professor, University of Johannesburg

Prof SH (Basie) von Solms is a Research Professor in the Academy for Computer Science and Software Engineering at the University of Johannesburg in Johannesburg, South Africa. He is presently the Director of the UJ Centre for Cyber Security of the University of Johannesburg.

Basie is a member of the World Economic Forum’s Global Future Council for Cyber Security as well as a member of the UK Government’s Cyber Fellows Program for Africa. Apart from his special interest in Cybersecurity Capacity building, he is supervising several PhD students in the areas of Cyber Counterintelligence, Cybersecurity Maturity and national Cybersecurity Strategies and Policies.