GLOBSEC is partnering with the Cyber Readiness Index 2.0 (CRI) team at the Potomac Institute for Policy Studies (PIPS) – a Washington D.C.-based think tank – to develop a CRI-based assessment of Slovakia. In doing so, our Policy Institute will work with the methodology created by Melissa Hathaway, a leading expert in cyberspace policy who served in two U.S. presidential administrations, spearheading the Cyberspace Policy Review for President Barack Obama and the Comprehensive National Cybersecurity Initiative (CNCI) for President George W. Bush. The joint team will develop an in-depth analysis of Slovakia’s cybersecurity-related efforts and capabilities based on the CRI 2.0 methodology, which will be published by GLOBSEC and PIPS in March 2019.
The CRI 2.0 methodology has so far been applied to ten countries – France, Germany, India, Italy, Japan, Morocco, the Netherlands, the Kingdom of Saudi Arabia, the United Kingdom, and the United States – and is the only methodology publicly available in all 6 United Nations languages (Arabic, Chinese, English, French, Russian, and Spanish). The CRI 2.0 methodology provides a comprehensive, experience-based, and user-friendly tool to assess countries’ commitment and maturity to closing the gap between their current cybersecurity posture and the national cyber capabilities needed to support their digital future. This unique methodology seeks to bring transparency to the economic losses caused by cyber insecurity and encourages countries to align their national economic vision with their national security priorities. The CRI 2.0 challenges the conventional wisdom that cybersecurity is predominately a national security issue. It demonstrates how national security is closely intertwined with Internet connectivity and the rapid adoption of ICT, which – when secure and resilient – can lead to economic growth and prosperity. Several countries, international institutions, think tanks, researchers, and corporations view this methodology as a balanced resource that could be utilized to evaluate and measure cyber preparedness at the national, regional, and local levels. Derivative country reports are based on over seventy unique data indicators across seven essential elements to discern operationally ready activities and identify areas for improvement in the following categories: 1. National strategy; 2. Incident response; 3. E-crime and law enforcement; 4. Information sharing; 5. Investment in research and development (R&D); 6. Diplomacy and trade; and 7. Defense and crisis response.
While the past year has seen Slovakia take several strides in the right direction in the sphere of cybersecurity, including passing appropriate legislation, concerted efforts still need to be made both in terms of developing cybersecurity readiness and building a cyber-literate workforce. The recent revelation of an attempted cyber-attack on the Slovak Ministry of Foreign Affairs, purportedly originating from abroad, is one of several examples illustrating the need to significantly increase investment in cybersecurity capacities and prevention measures in order to curb the number of cyber-attacks in the region. A working roundtable on cybersecurity capacities was held on December 7, in association with the Slovak Deputy Prime Minister’s Office, where government and private sector representatives highlighted the importance of investing in cyber preparedness and awareness-building in cybersecurity.
The CRI 2.0 report for Slovakia, a joint product of the GLOBSEC Policy Institute’s cyber programme and the Potomac Institute for Policy Studies, will enable a better understanding of Slovakia’s Internet-Infrastructure dependencies and vulnerabilities. It will assess the country’s level of preparedness for certain cyber risks and identify areas where policymakers can alter or refine the country’s current posture by leveraging or changing laws, policies, standards, market levers etc., and implementing other initiatives to preserve the security of their connectivity and protect the value of their economy.
This also marks the first time that the CRI 2.0 methodology is being applied to a Central and Eastern European state. As Melissa Hathaway, CRI leading author, stated: ‘’We are really excited to partner with GLOBSEC and prepare a Cyber Readiness Index profile for Slovakia. The Slovak government as early as 2012 recognised and set forth its vision for becoming cyber-ready. This is an important evaluation to undertake because Slovakia is a strategic member of the EU, NATO, and the Visegrád Group alliances. This will be the first profile in the Visegrad Group and we hope it will pave the way for more countries in the region to understand the value of such an analysis.”