The implementation of the Cybersecurity Strategy of the Republic of Cyprus, from 2013 onwards, has resulted in the achievement of several important objectives for Cyprus in the field of cybersecurity, including the creation of the Digital Security Authority, which includes the National CSIRT-CY. During 2017, a comprehensive evaluation of the situation in Cyprus in relation to the cybersecurity domain was carried out, based on a scientific model developed by the University of Oxford in the United Kingdom (Capacity Maturity Model for Nations - CMM). This process led to a mapping of maturity levels in various areas of cybersecurity, and the recording of a large number of recommendations for improvement. Subsequently, the Cybersecurity Strategy of the Republic of Cyprus was revised and a new version was published in December 2020.
The Digital Security Authority conducted a 2nd cybersecurity maturity assessment project in 2021 with the University of Oxford, to update the results of the previous assessment conducted in 2017, taking into account the significant developments and achievements of recent years achieved by the Republic of Cyprus, such as the creation of the Digital Security Authority and the National CSIRT-CY. This process was conducted based on a scientific model developed by the University of Oxford in the United Kingdom (Capacity Maturity Model for Nations - CMM). It will work supportively in relation to the implementation of the Actions of the revised national Cybersecurity Strategy, providing objective information and a better understanding regarding the areas where more emphasis should be placed during implementation.
The researchers from the University of Oxford studied a large volume of available documents and publicly available information, and conducted round-table discussions on 21 - 23/9/21 with a significant number of stakeholder representatives, from public sector organizations, legislators and policy makers, law enforcement authorities, the defence sector, universities, non-governmental organizations, electronic communications providers, banks, as well as the steering group for the development and coordination of the National Cybersecurity Strategy.