(ISC)² Calls for Global Cybersecurity Standards Based on New Research

• May 11, 2023

(ISC)² – the world’s largest nonprofit association of certified cybersecurity professionals, and the Royal United Services Institute (RUSI), the world's oldest independent think tank on international defense and security, today released a new research report titled "Global Approaches to Cyber Policy, Legislation and Regulation." Findings from the report reveal that as cybersecurity policies and regulations evolve rapidly around the world, the call for greater standardization and collaboration is necessary to ensure stronger and more resilient frameworks to support shared learning and best practices.

The report reviews cybersecurity legislation and regulation within Canada, the European Union, Japan, Singapore, the United Kingdom and the United States, identifying various challenges shaping cyber policy. These issues include the shortage of skilled cybersecurity professionals, the complexities of the critical national infrastructure (CNI) and international cooperation on norm development for cyberspace. By bringing together insights from different jurisdictions and stakeholders, the report shows the importance of cooperation between private and public stakeholders and that policy makers increasingly seek harmonization of cyber policy.

"While the report identifies a number of trends in the cyber policy landscape, the increasing reliance on binding cybersecurity obligations for the critical national infrastructure sectors and beyond stand out, but the obligations different jurisdictions impose to increase cyber resilience vary,” said Pia Hüsch, Research Analyst for Cyber, Technology and National Security at RUSI. “The report therefore draws crucial attention to the need to better understand which policies are effective in increasing cyber resilience and how they impact businesses and the cyber workforce implementing them."

“Policymakers must take a proactive, rather than reactive, approach toward cybersecurity policy and collaborate across borders, industries and sectors to establish common standards, protocols and best practices,” said Clar Rosso, CEO of (ISC)². “Findings from this report provide valuable insight into top legislative and regulatory priorities, which emphasizes the need for greater harmonization between policymakers, cybersecurity professionals and other stakeholders to improve cyber resilience and address pressing cybersecurity challenges in 2023 and beyond. To protect our national security, economies, critical infrastructure, and the data and privacy of our citizens, we need consistent, strong, forward-looking and joined up policies that enable cybersecurity professionals around the world to stay laser-focused on the most critical aspects of their jobs.”

The report delves into several other key headlines, including:

• More regulations are coming; organizations must prepare now – not later.
• No country or government is immune to the cybersecurity skills and workforce gap.
• Global standardization is critical, and full international cooperation is needed, to protect and uphold ethical principles and standards.
• Fortifying critical infrastructure is a top priority for all jurisdictions — especially with more interconnectedness and "state lines" blurring.
• Collective defense is needed between the public and private sectors and across jurisdictions to support norm development.

For more information on the "Global Approaches to Cyber Policy, Legislation and Regulation" report, please visit: https://www.isc2.org/Research/rusi-report