The value of having a global constellation of cybersecurity capacity centres was brought home today. I viewed the many sessions of the hybrid annual conference of the network of cybersecurity research centres focused on cybersecurity, which was organised by C3SA in Cape Town, South Africa. Conferences held at other centres, including Oxford’s Global Cybersecurity Capacity Centre (GCSCC)[1] and Australia’s Oceana Cyber Security Centre (OCSC)[2] have been equally successful, but the Cape Town and Melbourne conferences demonstrated the importance of geographical distribution. Geography still matters a great deal. In Cape Town today, the participation of people from governmental, international (such as ITU), and business and civil society from nations across Africa were far more prominent. The network of centres works to develop more global networks of networks in this diverse field of research, policy, and practice.
C3SA is the Cybersecurity Capacity Centre for Southern Africa[3] at the University of Cape Town. Organized by Wallace Chigona and the C3SA team, jointly with representatives from the other centers, the conference covered the wide range of topics across disciplines and sectors focused on cybersecurity, and particularly on capacity building. Some topics gained prominence at this conference, such as discussion of the decolonizing of cybersecurity, and the centrality of building cybersecurity awareness and political will to implement security initiatives and assessments. There were also interesting discussions of relatively new fields, such as cyber psychology, and the diffusion of such studies to nations across Africa.
Equally impressive was the degree that in the nations of Africa as well as across Europe and other regions of the world, there is a growing focus on a relatively common framework, Oxford’s Cybersecurity Capacity Maturity Model for Nations (CMM). A panel organized by Enrico Calandro around the work of the Global Forum for Cybersecurity Expertise (GFCE)[4] illustrated the degree to which practitioners and researchers worldwide are often framing their work across the dimensions of cybersecurity capacity identified by the CMM. In such ways, the CMM is a boundary spanning object that is bringing together people across different sectors (practitioners and researchers), disciplines (from computer science to cyber psychology), and nations and regions of the world.
There is another day of the conference, but despite the many acronyms in the field and multidisciplinary challenges to getting involved in cybersecurity, the conference has already been a success from my perspective.
[1] https://gcscc.ox.ac.uk/home-page
[3] See: https://c3sa.co.za/ or https://cybilportal.org/projects/cybersecurity-capacity-centre-for-southern-africa-c3sa/