66 Some researchers note that in the last few years the emphasis has changed

66 some researchers note that in the last few years

This preview shows page 52 - 56 out of 102 pages.

66 Some researchers note that in the last few years “the emphasis has changed from a focus on transnational, terrorist threat actors to a framing of cyber security in terms of defense and increasingly offensive capabilities against cyber criminals, state actors and their proxies.” 67
Image of page 52
60 ASSESSING CYBER SECURITY Finally, one consideration that emerges from the analysis of the existing strategies as well as from OECD consultation with non-governmental stakeholders is that cyber security policy should be much more evidence-based and rely more on data and indicators rather than subjective perceptions. 68 CYBER THREATS TO: COUNTRY CRITICAL INFRASTRUCTURE DEFENSE CAPABILITIES ECONOMIC PROSPERITY GLOBALIZATION NATIONAL SECURITY PUBLIC CONFIDENCE IN ICT SOCIAL LIFE AUS CAN CZE DEU ESP EST FRA GBR IND JPN LTU LUX NLD NZL ROU UGA USA ZAF Count 18 5 18 3 15 9 7 NOTE: – EXPLICITLY DEFINED; – IMPLICITLY REFERENCED TABLE 2. CYBER THREATS IN NCSS SOURCE: LUIIJF, E., K. BESSELING, AND P. DE GRAAF.
Image of page 53
HCSS REPORT 61 CYBER THREATS FROM: COUNTRY ACTIVISM/ EXTREMISTS CRIMINALS/ ORGANIZED CRIME ESPIONAGE FOREIGN NATIONS/ CYBER WAR TERRORISTS LARGE- SCALE ATTACKS MISMATCH OF TECHNOLOGY AND SECURITY AUS CAN CZE DEU ESP EST FRA GBR IND JPN LTU LUX NLD NZL ROU UGA USA ZAF Count 5 18 11 13 13 9 2 NOTE: – EXPLICITLY DEFINED; – IMPLICITLY REFERENCED TABLE 3. CYBER THREAT ACTORS IN NCSS SOURCE: LUIIJF, E., K. BESSELING, AND P. DE GRAAF. 4.2 Responses by EU firms and citizens A national cyber security strategy is a high-level approach demonstrating the attention to cyber security issues on the part of national governments. Still, the overall level of national cyber security is largely determined by the actions of millions of organizations and individual users of ICT. In this section we will briefly review existing data on cyber security awareness and preparedness of the EU organizations and citizens. 69
Image of page 54
62 ASSESSING CYBER SECURITY 4.2.1 Size matters One way to judge the cyber security preparedness of an individual enterprise is to see whether it has a formally defined cyber security policy 70 , which can be viewed as an analogue of an NCSS at an enterprise level. A Eurostat survey shows that an answer to this question strongly depends on a company’s size: 65% of large enterprises (defined as having more than 250 employees) had such a policy, while this percentage drops to 43% for medium enterprises (between 50 and 250 employees) and further to 22% for small enterprises (less than 50 employees).
Image of page 55
Image of page 56

You've reached the end of your free preview.

Want to read all 102 pages?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture