Abstract
One key factor underpinning a state's capacity to respond to policy challenges of cybersecurity is the quality of evidence supporting such decision making. As part of this process, policy advisers, essentially a diverse group including everyone from civil servants to elected policy makers, are asked to assess evidence from a mix of sources. Sometimes with little relevant expertise and often in time-critical scenarios, assessing threat, risk and proportionate response based on a mix of official briefings, academic sources, and industry threat reports is a challenge. The imperative of dealing with such issues in a timely fashion presents novel technical and political challenges for policy advisers. In this paper we present a model to help assess the quality of such evidence. The Evidence Quality Assessment Model (EQAM) is essentially a tool to help assess evidence fitness and credibility for use in such decision making. We illustrate the model with a sample of possible evidence sources to demonstrate how different attributes could be used for a comparison. The ultimate goal here is to help resolve potential conflicts and weigh findings and opinions systematically.
Original language | English |
---|---|
Title of host publication | Critical Infrastructure Protection XII |
Publisher | Springer |
Pages | 23-38 |
Number of pages | 16 |
Volume | 542 |
ISBN (Electronic) | 978-3-030-04537-1 |
ISBN (Print) | 978-3-030-04536-4 |
DOIs | |
Publication status | Published - 18 Dec 2018 |
Event | Twelfth Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection - SRI International, Arlington, United States Duration: 12 Mar 2018 → 14 Mar 2018 http://www.ifip1110.org/Conferences/ |
Conference
Conference | Twelfth Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection |
---|---|
Country/Territory | United States |
City | Arlington |
Period | 12/03/18 → 14/03/18 |
Internet address |
Keywords
- Evidence Quality Assessment
- Cybersecurity
- Policymaking