Advanced Experiences in Cybersecurity Policies and Practices: An Overview of Estonia, Israel, South Korea, and the United States
Lewis, James Andrew
García de Alba Díaz, Ana Catalina; Porrúa, Miguel
Access to the Internet increases productivity, national income, and employment. Access to information catalyzes growth. However, these opportunities come with risk. Digital technologies are not mature and can be easily exploited by criminals and other antagonists. This discussion paper looks at the experience of four countries -Estonia, Israel, South Korea, and the United States- that are among the most advanced in cybersecurity, to see how they have tackled this problem and what lessons can be learned from their experiences. To provide a structured assessment, CSIS, under the leadership of James A. Lewis, has based this review on the Cybersecurity Capability Maturity Model (CMM), originally applied in the 2016 Cybersecurity Report: Are We Ready in Latin America and the Caribbean? The CMM approaches cybersecurity through five dimensions of capacity and evaluates them along five stages of maturity for each of its 49 indicators. This document will complement the 2016 Cybersecurity Report by providing an overview of the experiences of these leading countries, describing how they have approached the problem of cybersecurity and how their policies have evolved. It serves as a useful guide to other countries as they develop their own national approaches to cybersecurity.