Cybersecurity Maturity Assessment by International Experts to Inform Bangladesh’s Renewal of National Strategy

On 26 June 2018, Bangladesh Computer Council (BCC), Information and Communication Technology Division, Ministry of Posts, Telecommunications and Information Technology (MoPTIT), Government of the People’s Republic of Bangladesh signed a contract with Norway Registers Development AS in joint venture with NRD CS UAB and Algoritmu Sistemos UAB to provide consultancy services for development of cyber security strategy, assessment of critical infrastructure, provision of self-assessment toolkit, and basic cyber security package for agencies (Contract package # AF-S3). The consultancy services support BCC efforts in leveraging ICT for Growth, Employment and Governance Project.

During a 12-month cyber security capacity building project, BCC aims to review national cyber security strategy, develop strategy for critical information infrastructure protection and create a cyber risk assessment framework for Critical Information Infrastructures.

As part of this project, Bangladesh Computer Council (BCC) held a three-day review of the state of cybersecurity maturity based on the Cybersecurity Capacity Maturity Model for Nations (CMM). The review was conducted in partnership with NRD Cyber Security and the Global Cyber Security Capacity Centre (GCSCC) of the University of Oxford which developed the CMM. Throughout 2-4 July 2018 roundtable discussions took place convening representatives from different stakeholder groups, including government, judiciary, critical national infrastructure, private sector, academia and civil society. The findings gleaned from these discussions will be later presented in a report to provide BCC with an objective understanding of the areas where actions should be taken regarding cybersecurity and priorities for National Cybersecurity.

The CMM, the first-of-its-kind model to review a country’s cybersecurity capacity maturity, aims to enable governments to benchmark cybersecurity capacity across five dimensions: cybersecurity policy and strategy; cyber culture and society; cybersecurity education, training and skills; legal and regulatory frameworks; and standards, organizations and technologies. Together with key strategic

international partners, such as the World Bank, the Organization of American States (OAS), the Commonwealth Telecommunications Organization (CTO), and the International Telecommunication Union (ITU), the CMM was deployed in more than 60 countries around the world. For more information about the CMM and the review reports please visit the Cybersecurity Capacity Portal, a knowledge resource about cybersecurity capacity-building around the world:

The Global Cyber Security Capacity Centre (GCSCC) of the University of Oxford is a leading international center for research on efficient and effective cybersecurity capacity-building, promoting an increase in the scale, pace, quality and impact of cybersecurity capacity-building initiatives across the world.

NRD Cyber Security is a cyber security consulting, incident response and applied research company based in Vilnius, Lithuania, supporting global cyber security capacity building efforts and providing services to governments, finance industry and corporations with high data sensitivity.