Cybersecurity Capacity Maturity Model for Nations
 | This template is not to be used in article space. This is the sandbox page where you will draft your initial Wikipedia contribution. If you're starting a new article, you can develop it here until it's ready to go live. If you're working on improvements to an existing article, copy only one section at a time of the article to this sandbox to work on, and be sure to use an edit summary linking to the article you copied from. Do not copy over the entire article. You can find additional instructions here. Remember to save your work regularly using the "Publish page" button. (It just means 'save'; it will still be in the sandbox.) You can add bold formatting to your additions to differentiate them from existing content. |
The Cybersecurity Capacity Maturity Model for Nations
The Cybersecurity Capacity Maturity Model for Nations (CMM) is first of its kind framework for countries to review their cybersecurity capacity, benchmark it and receive recommendation for improvement.[1] It was designed by Global Cyber Security Capacity Centre of University (GCSCC) of University of Oxford. The recommendations includes guidance on areas of cybersecurity to focus and invest in. It assesses the capacity of a country from five identified area called dimensions- The dimensions represent the totality of the capacity area required by a country to improve its cybersecurity posture.[2] The assessment rate each dimension using levels that ranges from Start-up, Formative, Established, Strategic and Dynamic. As at June, 2021, the framework has been adopted and implemented in over 80 countries worldwide.[3] Its deployment has been catalyzed by the involvement of international organizations such as the Organization of American States (OAS), the World Bank (WB), the International Telecommunications Union (ITU) and the Commonwealth Telecommunications Union (CTO) and Global Forum on Cyber Expertise (GFCE).[4]
Overview
The framework is designed to assist countries participate in a cyberspace that support well-being, human rights and prosperity.
It assesses the capacity of a country from five identified area called dimensions. These dimension have been further divided into factors and the factors have aspects. The Dimensions, factors and aspects have changed overtime between versions.
Version 1 of the framework was released in 2014 and Kosovo was the first pilot country. It has 5 dimension, 21 factors and 60 aspects. Version 3 was released in 2016, with 5 dimensions, 23 factors and 61 aspect. The latest version was released in 2021 with 5 dimension and 62 aspects.
Difference between versions
The difference between versions is further represented in table below.
The Stages of National Cybersecurity Capacity
The Structure of the CMM
This section details the aspect in each dimension
The recommendation
This section details the recommendation.
Sample results from some of the reviews are available here
Nation with CMM
Challenges with CMM
References
- ^ The World Bank. "Global Cybersecurity Capacity Program. "Lessons Learned and Recommendations towards strengthening the Program"". documents.worldbank.org. Retrieved 2021-06-23.
{{cite web}}: CS1 maint: url-status (link) - ^ Global Cyber Security Capacity Centre (2021). "Cybersecurity Capacity Maturity Model for Nations (CMM)" (PDF).
{{cite web}}: CS1 maint: url-status (link) - ^ "CMM Reviews around the World". gcscc.ox.ac.uk. Retrieved 2021-06-24.
- ^ RAND (2017). "Developing Cybersecurity Capacity. A proof-of-concept implementation guide" (PDF).
{{cite web}}: CS1 maint: url-status (link)