Authors:
Mohamed Altaher Ben Naseir
1
;
Huseyin Dogan
1
;
Edward Apeh
1
and
Raian Ali
2
Affiliations:
1
Bournemouth University, Fern Barrow, Poole, Dorset, BH12 5BB, U.K.
;
2
College of Science and Engineering, Hamad Bin Khalifa University, Doha, Qatar
Keyword(s):
National Cybersecurity Capacity, Business Process and Modelling Approaches, IDEF0.
Abstract:
Building cybersecurity capacity has become increasingly a subject of global concern in both stable countries and those countries in a transitional phase. National and international Research & Technology Organisations (RTOs) have developed a plethora of guidelines and frameworks to help with the development of a national cybersecurity framework. Current state-of-art literature provides guidelines for developing national cybersecurity frameworks but, relatively little research has focussed on the context of cybersecurity capacity building especially for countries in the transitional stage. This paper proposes a National Cybersecurity Capacity Building Framework (NCCBF) that relies on a variety of existing standards, guidelines, and practices to enable countries in a transitional phase to transform their current cybersecurity posture by applying activities that reflect desired outcomes. The NCCBF provides stability against unquantifiable threats and enhances security by embedding leadin
g and lagging performance security measures at a national level. The NCCBF is inspired by a Design Science Research methodology (DSR) and guided by utilising enterprise architectures, business process and modelling approaches. Furthermore, the NCCBF has been evaluated by a focus group against a structured set of criteria. The evaluation demonstrated the valuable contribution of the NCCBF’s in representing the challenges in National Cybersecurity Capacity Building and the complexities associated to the build.
(More)