Line 9: |
Line 9: |
| Government leaders have different understandings and expectations of how involved a government should be in a nation’s cybersecurity. | | Government leaders have different understandings and expectations of how involved a government should be in a nation’s cybersecurity. |
| McKinsey suggests considering several questions to ascertain a government’s role in cybersecurity. [https://www.mckinsey.com/industries/public-and-social-sector/our-insights/asking-the-right-questions-to-define-governments-role-in-cybersecurity#] | | McKinsey suggests considering several questions to ascertain a government’s role in cybersecurity. [https://www.mckinsey.com/industries/public-and-social-sector/our-insights/asking-the-right-questions-to-define-governments-role-in-cybersecurity#] |
− | #Who is accountable? | + | # Who is accountable? |
− | *Some national and state governments have consolidated accountabilities into a clear structure, such as Estonia’s Cyber Security Council, or have crisis-response mechanisms as in Sweden. *Germany has its Bundesamt für Sicherheit in der Informationstechnik (Federal Office for Information Security). | + | #*Some national and state governments have consolidated accountabilities into a clear structure, such as Estonia’s Cyber Security Council, or have crisis-response mechanisms as in Sweden. |
− | *The United Kingdom’s National Cyber Security Centre (NCSC) has been cited as a model for government-level cybersecurity. | + | #*Germany has its Bundesamt für Sicherheit in der Informationstechnik (Federal Office for Information Security). |
− | #How centralized is it? | + | #*The United Kingdom’s National Cyber Security Centre (NCSC) has been cited as a model for government-level cybersecurity. |
− | *Japan’s Cyber Security Strategic Headquarters hosts audit and regulation functions in a centralized agency as does Romania’s Association for Information Security Assurance. | + | # How centralized is it? |
− | *India has dispersed audit functions across multiple bodies. | + | #*Japan’s Cyber Security Strategic Headquarters hosts audit and regulation functions in a centralized agency as does Romania’s Association for Information Security Assurance. |
− | *Australia introduced a notifiable-data-breaches scheme in 2017, making it a legal requirement to notify affected individuals and the Office of the Australian Information Commissioner of serious data breaches. | + | #*India has dispersed audit functions across multiple bodies. |
− | #Relationship with the private and academic sectors? | + | #*Australia introduced a notifiable-data-breaches scheme in 2017, making it a legal requirement to notify affected individuals and the Office of the Australian Information Commissioner of serious data breaches. |
− | *Singapore’s National Cybersecurity R&D Programme supports public–private research partnerships and budgeted $190 million Singapore dollars ($137.85 million) in the national strategy for the creation of the National Cybersecurity R&D Laboratory at the National University of Singapore. | + | # Relationship with the private and academic sectors? |
− | #How does it define national critical infrastructure? | + | #*Singapore’s National Cybersecurity R&D Programme supports public–private research partnerships and budgeted $190 million Singapore dollars ($137.85 million) in the national strategy for the creation of the National Cybersecurity R&D Laboratory at the National University of Singapore. |
− | *In the United States, the Department of Homeland Security coordinates a national infrastructure-protection plan and requires sector-specific agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA) to develop sector-specific plans. | + | # How does it define national critical infrastructure? |
| + | #*In the United States, the Department of Homeland Security coordinates a national infrastructure-protection plan and requires sector-specific agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA) to develop sector-specific plans. |
| + | |
| ==The Industry== | | ==The Industry== |
| ===Providers=== | | ===Providers=== |