Strategies for Cybersecurity and Critical Information Infrastructure Protection (CIIP)

Modern societies have a growing dependency on information and communication technologies  that are globally interconnected. However, this interconnectivity also creates interdependencies and risks that need to be managed at national, regional and international levels. Enhancing cybersecurity and protecting critical information infrastructures are essential to each nation's security and economic well-being.

At the national level, this is a shared responsibility requiring coordinated action related to the prevention, preparation, response, and recovery from incidents on the part of government authorities, the private sector and citizens. At the regional and international level, this entails cooperation and coordination with relevant partners. The formulation and implementation of a national framework for cybersecurity and critical information infrastructure protection (CIIP) requires a comprehensive approach.

Vision

Tool
		ITU National Cybersecurity Strategy Guide This document is a reference model for national Cybersecurity strategy elaboration. It discusses what constitutes a national Cybersecurity strategy and it seeks to accomplish and the context that influences its execution. The Guide also discusses how States and other relevant stakeholders such as private sector organisations can build capacity to execute a cybersecurity strategy and the resources required to address risks.

National Strategies

(some examples)

Australia: Australia in the Digital Economy: Trust and Confidence, 2009

Burkina Faso: La Cyber sécurité Nationale, 2004

Canada: Cyber Security Strategy, 2010

Cote D’Ivoire: Stratégie nationale de cyber sécurité, 2010

Estonia: Cyber Security Strategy, 2008

India: Cyber Security Strategy, 2011

Maroc: La Stratégie Nationale pour la Société de l’Information et de l’économie numérique, 2010

UK: The National Security Strategy, 2010

Tunisie: Tunisie : stratégie nationale en matière de sécurité informatique, 2009

 Finland: National Information Security Strategy, 2006

 Germany:  National Plan for Information Infrastructure Protection, 2005

 Japan:  National Strategy on Information Security – Toward the Realization of a Trustworthy Society (tentative translation), 2006

 New Zealand: Digital Strategy – Smarter Through Digital, 2007

 Singapore:  Infocomm Security Masterplan 2, and Strategy in Securing Cyberspace, 2005

 Sweden:  Strategy to Improve Internet Security in Sweden, 2006

 United States:  National Strategy to Secure Cyberspace

 Report for United States Congress:  Creating a National Framework for Cybersecurity: An Analysis of Issues and Options, 2005

 Committee on the Judiciary, United States Senate:  Critical Information Infrastructure Protection: The Threat is Real, 1999

 OECD:National 'Culture of Security' Implementation Strategies in 19 OECD Members, 2005

ENISA: Report on the Status of Network and Information Security in 30 European Countries, including mapping of stakeholders and trends, 2009