National AI Cybersecurity Readiness Metric
The GCSCC is in the process of developing a National AI Cybersecurity Readiness Metric to enable nations to benchmark their existing readiness and provide an evidence base for future AI cybersecurity decision making. This tool will meet growing demand from nations to better understand how they should manage AI cybersecurity risks and opportunities, and is informed by the GCSCC’s extensive experience in benchmarking national cybersecurity capacity through the Cybersecurity Capacity Maturity Model for Nations (CMM).
The National AI Cybersecurity Readiness Metric is intended to support countries at all stages of readiness, whether they are actively implementing cybersecurity measures to address the risks associated with AI adoption, or are just beginning to explore how to integrate AI into their national strategies. Regardless of where a nation is positioned with regards to AI adoption, the Metric is designed to help nations prepare to defend themselves against the evolving threat landscape that they face.
Project Overview
Created to address a growing need: the metric enables nations to assess their current state of AI cybersecurity capabilities and to identify priorities for cybersecurity capacity enhancement and investment across all dimensions of cybersecurity capacity.
Working through collaboration: the Centre is working with international stakeholders to develop and test the metric and collect evidence of the consequences of capacity building decisions.
A resource to benefit the international community: the research findings and outputs of this work will be shared openly with the global community and used to evolve the metric, ensuring that it reflects current knowledge and best practices.
What areas does the metric cover?
The National AI Cybersecurity Readiness Metric is currently a prototype, which the GCSCC is refining continuously through trials and consultations. The figure below shows the areas capacity included in the current version of the prototype Metric.
Who is the metric for?
The metric is designed to support countries at all stages of AI adoption, from those actively implementing cybersecurity measures to those just beginning to explore AI integration into their strategies. As AI technologies and are quickly evolving, the metric helps nations prepare to defend against the emerging threat landscape.
For nations in the early stages, the metric can help to indicate the cybersecurity factors that need to be considered as AI adoption begins.
For nations with AI adoption already advanced across numerous sectors, the metric will highlight gaps in cybersecurity capacity and facilitate monitoring progress.
How is the metric applied?
In the pilot phase, the metric is applied in a two-day workshop with stakeholders from industry, government, regulators, civil society and academia. The workshop will produce a summary of the findings, highlighting the strengths, challenges and insights gained from the discussions on the nation’s AI cybersecurity readiness.
What is the link between the CMM and the Metric?
The National AI Cybersecurity Readiness Metric has been developed to complement an assessment using the Cybersecurity Capacity Maturity Model for Nations (CMM). Where the CMM takes a broad assessment, the metric takes a narrow, technologically specific view across the five dimensions of cybersecurity. An assessment using the metric can be undertaken independently or alongside a CMM assessment.
The National AI Cybersecurity Readiness Metric is part of the work the GCSCC is undertaking with LASR.
Find out more about LASR, including information on partners, events and opportunities to engage on the official website.
