1. Introduction

The increased reliance on digital technology globally comes with risks and threats. A cybersecurity strategy is a high-level document designed to address the risks and issues associated with the use of digital technologies. Developing a national cybersecurity strategy has the benefit of providing certainty in cybersecurity governance, which will in turn increase trust for those using digital technologies and provide tools, policies and guidelines to manage risks.  

Once the strategy has been developed, the responsibility for coordinating its implementation lies with the government. Successful implementation of strategies depends on the application of various levers available to governments and understanding how the levers can best be used to bring about the desired outcomes. These levers and how governments can use them are usually described in the strategy.  

Legislation and regulations are two of the most effective levers governments and their agencies can adopt in implementing functional strategies. These levers can create institutions, establish relationships and assign responsibilities necessary for successfully implementing the strategies. The focus and manner of developing the use of the legislations and regulations may vary between countries based on priorities and other existing legal frameworks. This module will provide a guide as to how to think through the options a government has and consider how legislation or regulation could be developed to achieve the goals of its strategy.