An Evidence Quality Assessment Model for Cybersecurity Policymaking

Atif Hussain, Siraj Shaikh, Alex Chung, Sneha Dawda, Madeline Carr

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

One key factor underpinning a state's capacity to respond to policy challenges of cybersecurity is the quality of evidence supporting such decision making. As part of this process, policy advisers, essentially a diverse group including everyone from civil servants to elected policy makers, are asked to assess evidence from a mix of sources. Sometimes with little relevant expertise and often in time-critical scenarios, assessing threat, risk and proportionate response based on a mix of official briefings, academic sources, and industry threat reports is a challenge. The imperative of dealing with such issues in a timely fashion presents novel technical and political challenges for policy advisers. In this paper we present a model to help assess the quality of such evidence. The Evidence Quality Assessment Model (EQAM) is essentially a tool to help assess evidence fitness and credibility for use in such decision making. We illustrate the model with a sample of possible evidence sources to demonstrate how different attributes could be used for a comparison. The ultimate goal here is to help resolve potential conflicts and weigh findings and opinions systematically.
Original languageEnglish
Title of host publicationCritical Infrastructure Protection XII
PublisherSpringer
Pages23-38
Number of pages16
Volume542
ISBN (Electronic)978-3-030-04537-1
ISBN (Print)978-3-030-04536-4
DOIs
Publication statusPublished - 18 Dec 2018
EventTwelfth Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection - SRI International, Arlington, United States
Duration: 12 Mar 201814 Mar 2018
http://www.ifip1110.org/Conferences/

Conference

ConferenceTwelfth Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection
CountryUnited States
CityArlington
Period12/03/1814/03/18
Internet address

    Fingerprint

Keywords

  • Evidence Quality Assessment
  • Cybersecurity
  • Policymaking

Cite this

Hussain, A., Shaikh, S., Chung, A., Dawda, S., & Carr, M. (2018). An Evidence Quality Assessment Model for Cybersecurity Policymaking. In Critical Infrastructure Protection XII (Vol. 542, pp. 23-38). Springer. https://doi.org/10.1007/978-3-030-04537-1_2