Cyber capacity building 101
Cyber capacity building 101

Cyber Capacity Building 101

By Stacey Lidgate – CYSIAM Head of Consulting

The term ‘cyber capacity building’ gets used across a lot of companies and consultancies these days, but what do we mean when we talk about it? For CYSIAM, it’s about helping individuals, teams, organisations and countries achieve a sustainable step change in their cyber defences to secure their cyberspace and reduce the impact of cybercrime and cyber threats.

Why is it important?

Digitisation is growing at an exponential pace, with countries and organisations across the globe becoming more and more dependent upon technology to operate and survive. But it’s a double-edged sword; for every advantage and efficiency delivered from digital ways of working, cyber security risks and attack opportunities emerge. The United Kingdom Foreign Commonwealth and Development Office (FCDO) explain that “in an increasingly connected world, in which we all share the same cyberspace, improvements in cybersecurity are never zero-sum”.[1] Cybersecurity threats and cybercrime are borderless, so working to better global cybersecurity levels is of benefit to everyone. For some countries, increased cyber capacity is essential because progress and development of their economy and society is dependent on stronger cybersecurity.

How do we approach it?

The CYSIAM team have experience of delivering cyber capacity building in some of the most complex and unstable parts of the world. We combine leadership and diplomacy skills with deep technical knowledge and our backgrounds range from academia and military to central government. It’s because of our decades of experience that we know that secure digital transformation is never just about technology. We understand the critical interdependencies between people, culture, information, data, policy, supply chains, governance and physical environments and strive to build effective and trusted relationships with every team we encounter. We approach cyber capacity building as a critical friend and trusted partner and try to focus on three key areas throughout any assignment:

  • Understand the problem:

Collaborative problem solving is one of the most rewarding aspects of working in cyber capacity building. We work side-by-side with our clients to understand their inner mechanics and help them identify the root of the problems they face.

  • Design effective projects:

There is no ‘one-size-fits-all’ approach to cyber capacity building – every country, organisation, team and problem is different. Improving cybersecurity capabilities might require a mix of skills to deliver anything from short training courses, ongoing mentoring, strategy design or a multi-year programme that concurrently develops cyber security teams, implements new equipment and redesigns ways of working. It’s never about telling clients why our way is best, or striving for unattainable standards, but about drawing on our experiences to design approaches

  • Assure and evaluate:

We make sure that benefits are considered from the very beginning of a project and that mechanisms are put in place to assess how they are being delivered and realised. Assuring sustainability of what we deliver is also critical and our approach always keeps long-term changes in mind.

What types of things are we involved in?

We were appointed as an Implementing Partner of the Global Forum on Cyber Expertise (GFCE) in 2019 and today are working on several cyber capacity building projects across Asia, South-East Asia, the Middle East, South America, Scandinavia, Central, East and South Africa to deliver:

  • Digital forensics training and mentoring for technical staff, police officers and prosecutors.
  • Design of National Cyber Incident Response Strategies.
  • Design of National Cyber Incident Response processes and mentoring across incident response teams.
  • Open Source Intelligence (OSINT) training and mentoring for specialist police cybercrime investigators.
  • Design and delivery of a multi-year secure digital transformation programme for a critical central government department.
  • Specialist equipment design and training.
  • Cyber threat intelligence assessments, training and mentoring for a National Government.
  • Intrusion detection training and mentoring for specialist police cybercrime investigators.

Over the coming months we’ll expand more on our experiences, what we think contributes to successful cyber capacity building and explain more about some of the projects we have been involved in and how they have made a difference.

[1] FCDO Cybersecurity Awareness in the Commonwealth of Nations.

A person writing on a piece of paper with a pen


The Evolution of Ransomware