By Kevin Coleman — Defense Tech Cyberwarfare Correspondent
Earlier this month the Czech Republic released its cyber security strategy from now through 2015. An English version of the strategy is available on the Czech Governmental CERTs web site. While the Czech strategy is a mere 10 pages and under 3,000 words, it is a high level account of what would be considered a foundation laying program. The Czech report comes just weeks after the U.S. Department of Defense released a public version of its strategy for operating in cyberspace. The DoD’s strategy is 19 pages with a couple pages were intentionally left blank and over 5,300 words. Clearly a bit more detailed and built upon a foundation that has already been established.
In looking these cyber security strategies, you can see a huge span in approach. This is partially due to the level of critical technical infrastructure the governments are charged with protecting. Another contributing factor is that each governments’ perception of the cyber threat is mostly based on the level of sophistication and frequency of the attacks they experience. Finally, it is directly dependent on where they are on the risk/threat mitigation continuum (shown below).
As more and more countries and militaries develop their operational strategies for cyber defense and security, you can expect to see a few common themes. At this point the following are the top three common themes:
- Education and Training
- Partnerships with Technology Providers and the Private Sector
- International Cooperation
It will be worth monitoring these strategies to see if they are routinely updated and changed as new technology emerges and as we see changes to the threat environment.
Czech Cyber Strategy Document: http://www.enisa.europa.eu/media/news-items/CZ_Cyber_Security_Strategy_20112015.PDF
DoD Cyber Strategy Document: http://www.defense.gov/news/d20110714cyber.pdf