Kiribati

In 2019, the Oceania Cyber Security Centre (OCSC), a constellation partner of the GCSCC, was invited to conduct a CMM review for Kiribati. Collaborating closely with the Ministry of Information, Communication, Transport and Tourism Development (MICTTD), the review marked the beginning of a transformative journey for Kiribati in enhancing its cyber policies and program.

The CMM assessment provided Kiribati with a comprehensive evaluation of its cybersecurity maturity, identifying strengths, weaknesses, and areas for improvement across all five dimensions of the CMM. The assessment informed the finalisation of the National Cybersecurity Strategy and served as a baseline for Kiribati to measure progress. The findings of the assessment were instrumental in shaping Kiribati's cybersecurity policies and initiatives.

Doing the CMM and getting back the report was quite crucial for us, especially because we were just beginning our cybersecurity journey. A lot of the recommendations have informed our activities and ambitions since 2019 until now. The CMM review has been instrumental in establishing cybercrime laws, governance frameworks, and integrating cybersecurity into our education curriculum.

- Domingo Kabunare, Acting Director for Digital Transformation Office

& Chief Information Security Officer of the Government of Kiribati. 

Impact: 

Over the span of four years since the completion of the CMM review, Kiribati has made significant strides in advancing its cybersecurity maturity. Some of the impacts of the CMM report include:

1. Strategic Planning: Armed with insights from the CMM report, Kiribati assessed its holistic cyber maturity and revised their plan for elevating capabilities across the different dimensions of the review.
2. National Cyber Priorities: With the guidance from the CMM recommendations, Kiribati identified and prioritised key areas for cybersecurity development. This enabled the nation to focus its efforts and resources on areas of critical importance, aligning with its national vision.
3. Policy Ecosystem: Kiribati embarked on the development of a robust cybersecurity policy framework involving a broad spectrum of stakeholders.
4. Capacity Building: Kiribati prioritised cybersecurity awareness and education initiatives, integrating cybersecurity into the national education curriculum. This proactive approach aimed to cultivate a cyber-conscious culture among citizens and future generations.
5. International Collaboration: Leveraging the CMM recommendations, Kiribati forged partnerships with international development agencies and donor governments to bolster its cyber capabilities. This collaboration facilitated knowledge exchange, technical assistance, and capacity-building initiatives.
6. Legislative Reform: Kiribati enacted cybercrime legislation and established a governance framework for cyber incident response. These legislative reforms were crucial in strengthening the cyber legal and regulatory framework.

Overall the CMM assessment served as a catalyst for meaningful progress in Kiribati's cybersecurity landscape. By leveraging the insights and recommendations provided, Kiribati was able to chart a course towards enhanced cyber governance, awareness, and resilience. Through strategic partnerships and proactive initiatives, Kiribati is poised to strengthen its cybersecurity posture and safeguard its digital future.