Maturity Based Cybersecurity Investment Decision Making in Developing Nations Open Access
Downloadable ContentDownload PDF
The future of developing nations – both in terms of opportunities and challenges – is tied to the security of the information communications and technology (ICT) infrastructure. As many developing nations increase reliance on ICT to enable economic growth, they fail to commit an equivalent level of investment into cybersecurity. The impact of expanding non-secure ICT infrastructure in developing nations also threatens the global community and many economically strong nations. Cybersecurity maturity modeling and frameworks are used to help establish measures for guiding national level cybersecurity activities, however they do not provide any local environmental context or the potential value for implementing different levels of maturity. This research identifies the correlation of national system development metrics (e.g. unemployment, GDP, ICT penetration, education, policies, stability) with cybersecurity events to predict impact on future risk. The quantitative methodology outlined in this research provides a complementary approach for assessing the requirements of individual nations based upon technical, economic, and cybersecurity data. The research leveraged publicly available data to validate findings through multiple regression statistical analysis. The findings identified the most effective cybersecurity investments required to help achieve a theoretical “safe haven” minimum maturity level that enables secure ICT growth. The ability to target and shape the limited internal or external resources committed to cybersecurity is essential to maximize the effectiveness of resource investments.