KM1- Mapping cybersecurity and the broader context
KM 2 - Cybersecurity strategy, policy and regulation
KM3 - Cyber diplomacy and international cooperation
1 of 4

2. What is a national cybersecurity strategy?

The European Union Agency for Cybersecurity (ENISA) defines a National Cybersecurity Strategy as ‘a plan of actions designed to improve the security and resilience of national infrastructures and services’. It is a high-level top-down approach to cybersecurity that establishes a range of national objectives and priorities that should be achieved in a specific timeframe. It can also be described as a careful plan or method of protection for both informational and non-informational assets through the ICT infrastructure for achieving particular national goals, usually over a long period (Azmi et al.). 

Usually, National cybersecurity strategies are high-level, stakeholder-oriented country-owned plans that governments use to describe issues such as:

  • The vision, high-level objectives, principles and priorities that will guide the country in addressing cybersecurity; 
  • An overview of the stakeholders tasked with improving the cybersecurity of the nation and their respective roles and responsibilities; and 
  • The steps, programmes and initiatives that a country will undertake to protect its national cyber-infrastructure and, in the process, increase its security and resilience.  

[Source: Guide to developing a national cybersecurity strategy – (International Telecommunication Union (ITU) et al. 2018, 13) ]

The aim of developing the NCS is not strictly for cybersecurity only. It can also serve as a tool for economic development. There are various phases and activities that would form part of developing and implementing a national cybersecurity strategy. These activities and outcomes are usually referred to as the lifecycle of the strategy. We will discuss this later in the text. The International Telecommunications Union (ITU) Guide to developing national cybersecurity strategies, identifies nine guiding principles that should help officials and stakeholders throughout the strategy development lifecycle. These principles are not limited to any phase of the cycle and should be taken together as a whole because they apply to all key focus areas of the NCS. These principles are depicted in the diagram below.

Figure 1. A graphic outline of the Guiding Principles of the NCS process.

Reflection point

Do you know any National Strategy from your country in the area or subject matter? If yes, kindly look at its structure.

Skip to content