In a constantly changing cyber threats environment, EU Member States need to have flexible and dynamic cyber security strategies to meet new, global threats.
ENISA recently published its second National Cyber Security Strategy Good Practice Guide, providing an update to the 2012 ENISA guidebook on the design and implementation of a National Cyber Security Strategy.
The guide is updating the different steps, objectives and good practices of the original guide and analyses the status of NCSS in the European Union and EFTA area. The aim is to support EU Member States in their efforts to develop and update their NCSS. The guide also provides useful insights for the stakeholders involved in the lifecycle of the strategy, such as private, civil and industry stakeholders.
The guide can be used as a tool by governmental bodies that are responsible for cyber security strategies. It highlights good practices, identifies gaps and challenges, and suggests key performance indicators (KPIs) for the evaluation phase. It concludes with a set of recommendations on how to proceed with the development and maintenance of a NCSS.
The recently adopted NIS Directive requires all EU Member States to develop and adopt a NCSS. For this reason, the guide will particularly assist countries that don't have a strategy already in place, through the design and implementation phase, while assist countries which have a strategy, to update and strengthen their NCSS.
Source: www.enisa.europe.eu