Cybersecurity

0

Please enable JavaScript and reload the page.

Results and Indicators

Impacts

Outcomes

Outputs

Result	Indicator(s)
Output: Mechanisms for effective information sharing, consultation and coordination on cyber incidents between stakeholders (private sector, civil society and government bodies) are in place	Status of membership in FIRST and TF.CSIRT/TI certification (Qualitative) Data Source: FIRST and TF.CSIRT/TI certification reports, database of draft documents (on certification) Additional Information: This indicator is appropriate at output level if the EU-funded intervention will provide full support to the certification process. Otherwise, the indicator should refer to segments of certification on which the EU-funded intervention focused. Â
	Number of MoUs between key private sector entities (CII operators, vendors) and governmental bodies signed with support of the EU-funded intervention (Numeric) Data Source: MoU documents Additional Information: This indicator is appropriate at output level MoU signing is supported by the EU-funded intervention.
	Number of stakeholders participating in public consultations organised by the EU-funded intervention on the development of national cybersecurity strategic framework (disaggregated by sector and sex of participant) (OPSYS core indicator) Data Source: Consultation meeting notes and attendance records Additional Information: Please specify the topics of the national cybersecurity strategic framework consultation meetings.

Result	Indicator(s)
Output: Skills of law enforcement, prosecutors andjudges to investigate, prosecute andadjudicate cybercrime cases are improved	Number of cybercrime units participating in domestic and international investigations with support of the EU-funded intervention (Numeric) Data Source: Reports on cybercrime domestic and international investigationsÂ Additional Information: Please specify types of investigations (domestic, international).Â
	Number of requests handled by national 24/7 points of contact with support of the EU-funded intervention (Numeric) Data Source: National 24/7 points reports Additional Information: This indicator is appropriate at output level if the EU-funded intervention will pay additional staff who will treat specific requests.
	Number of table top exercises or mock operations supported by the EU-funded intervention (OPSYS core indicator) Data Source: Reports on table top exercises and mock operations Additional Information: Please specify types of table top exercises and mock operations supported by the EU-funded intervention.

Result	Indicator(s)
Output: Strengthened institutional capacity to address cyber risks in a holistic way, including in public service delivery	Number of cyber risk assessments conducted with support of the EU-funded intervention (OPSYS core indicator) Data Source: Cyber risk assessment reports Additional Information: Please specify the topic of the assessments.
	Number of government representatives trained/mentored by the EU-funded intervention who increased their knowledge and/or skills on cyber hygiene practices and technical standards (disaggregated by sex and institution) (Numeric) Data Source: Database participantsÂ pre- and post-training tests Additional Information: Please specify mentoring and training topics.Â
	Number of institutions and organisations participating in periodic cyber risk assessments with support of the EU-funded intervention (Numeric) Data Source: Cyber risk assessment meeting notes, attendance records Additional Information: Please specify the types of institutions and organizations participating in the cyber risk assessments.Â

Result	Indicator(s)
Output: Protection of critical information infrastructure is enhanced	Extent to which the national CERT/CSIRT has established parameters for organizational structure, human resources, tools and processes thanks to support of the EU-funded intervention (OPSYS core indicator) Data Source: Baseline and endline studies conducted and budgeted by the EU-funded intervention Additional Information: Expert assessment can be conducted to examine the extent to which the national CERT/CSIRT has established the required parameters
	Number of CERT/CSIRT employees mentored/trained with support of the EU-funded intervention (disaggregated by sex) (Numeric) Data Source: Database of training participants, pre-and post-training tests Additional Information: Please specify training topics.Â
	Number of incident management/response cases monitored and handled by national CERT/CSIRT with support of the EU-funded intervention (Numeric) Data Source: CERT/CSIRT incident management/response reports Additional Information: This indicator is appropriate at output level for the cases supported by the EU-funded intervention.
	Status of governance framework for CIIP and cyber incident management supported by the EU-funded intervention (Qualitative) Data Source: Database of draft documents (management framework), Minutes from the framework development workgroups Additional Information: This indicator is appropriate at output level if the EU-funded intervention will support the development/drafting of the management framework.
	Status of the list of national critical infrastructure supported by the EU-funded intervention (Qualitative) Data Source: Infrastructure inventory reports Additional Information: The EU-funded intervention can carry out an infrastructure inventories to record the status of the national critical infrastructure.Â

Result	Indicator(s)
Specific Objective - Outcome: Increased trust of users, organisations, and companies in the use of cyberspace	Number of individuals falling victims to cyber attacks (disaggregated by sex) (Numeric) Data Source: National statistical report Baseline and endline surveys conducted and budgeted by the EU-funded interventionÂ Additional Information: If national data is not available on the number of cyber attack victims, the EU-funded intervention can commission a survey of the target population or organizations. It is also possible to conduct a test with fake phishing emails / malware to see how many people among the target population click on the link.
	Percentage of internet penetration in the country (Percentage) Data Source: World Bank data on individuals using the Internet, https://data.worldbank.org/indicator/IT.NET.USER.ZS?locations=AF Additional Information: The World Bank indicator calculates the percentage of individuals using internet in a country
	Percentage of population that expresses confidence in the capacity of the law enforcement and judicial bodies to tackle cybercrime effectively (disaggregated by sex and age) (Percentage) Data Source: Baseline and endline public perception surveys conducted by the EU-funded intervention Additional Information: Public perception survey of population assessing confidence in the capacity of the law enforcement and judicial bodies to tackle cybercrime effectively can be conducted. This indicator may also use scale of level of confidence instead of percentage if more comprehensive information is sought.Â
	Percentage of individuals who report trust in the use of the cyberspace (disaggregated by sex and age) (OPSYS core indicator) Data Source: Baseline and endline surveys of users conducted by the EU-funded intervention Additional Information: The EU-funded intervention can conduct a survey of individual internet users to assess their trust in the use of the cyberspace. This indicator may also use scale of level of trust instead of percentage if more comprehensive information is sought.

Result	Indicator(s)
Specific Objective - Outcome: Cyber crisis management structures are operational	Amount of the national budget allocated to agencies with cybersecurity competence (Numeric) Data Source: National budget Baseline and endline studies conducted and budgeted by the EU-funded intervention Additional Information: It is important to specify the relevant agencies in the local context before data collection.
	Existence of a cyber-related budget line (in particular linked to CERT/CSIRT) in the national budget (Qualitative) Data Source: National budget Additional Information: It is also possible to adjust this indicator to track the amount of funding in the cybersecurity budget line (or heading), rather than the mere existence of a budget line.
	Status of cyber-related inspection and/or audit services within the individual institutions and bodies responsible for incident and crisis management (Qualitative) Data Source: National legislation and policies, Government reports, Organizational charts Additional Information: Identify status of establishment of cyber-related inspection and/or audit services within the individual institutions and bodies responsible for incident and crisis management
	Status of national body mandated with cyber crisis management (Qualitative) Data Source: Laws and regulations Government reportsÂ Organizational charts Additional Information: Identify status of establishment and responsibilities of the national body mandated with cyber crisis management
	Status of policy provisions defining the responsibilities and resources of institutions competent for prevention, protection and recovery from cyber attacks and/or accidental failures (OPSYS core indicator) Data Source: Laws and regulations Baseline and endline studies conducted and budgeted by the EU-funded intervention Additional Information: Expert assessment can be carried out to review status of policy development defining the responsibilities and resources of institutions competent for prevention, protection and recovery from cyber attacks and/or accidental failures, as well as status of implementation of policies (positions filled, resources obtained, budgets allocated).

Result	Indicator(s)
Specific Objective - Outcome: Legislation on cybercrime and electronic evidence is aligned with existing international legal standards and implemented	Number of domestic and/or international prosecutions and cases adjudicated on cybercrime (Numeric) Data Source: Reports from the Ministry of Justice Additional Information:
	Percentage of cybercrime complaints that are investigated (Percentage) Data Source: Cybercrime units and prosecution offices reports Additional Information:
	Status of the accession to/ratification of the Budapest Convention (OPSYS core indicator) Data Source: Council of Europe, https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185/signatures Additional Information: The Chart of signatures and ratifications of Treaty 185 - Convention on Cybercrime is regularly updated on the Council of Europe website.
	Status of legal provisions / regulations on cybercrime and electronic evidence (Qualitative) Data Source: National statistical report Baseline and endline surveys conducted and budgeted by the EU-funded interventionÂ Additional Information: Expert assessment can be carried out to review status of legal provisions / regulations on cybercrime and electronic evidence

Result	Indicator(s)
Output: Participation in international operations and/or joint investigations targeting cybercrime is promoted	Number of international agreements/MoUs on combatting cybercrime signed between the private sector and CSOs with support of the EU-funded intervention (Numeric) Data Source: MoU documents Additional Information: This indicator is appropriate at output level if MoU signing is supported by the EU-funded intervention.
	Number of international police-to-police requests prepared with support of the EU-funded intervention (Numeric) Data Source: Database of police-to-police requests Additional Information: This indicator is appropriate at output level if police-to-police requests are supported by the EU-funded intervention.
	Number of national or transnational operations and/or investigations conducted with capacities created or enhanced by the EU-funded intervention in line with EU policies and international human rights standards (OPSYS core indicator) Data Source: Reports published by the EU-funded intervention Additional Information: This indicator is appropriate at output-level for the joint operations and investigations supported by the EU-funded intervention. Please specify types of joint operations and investigations.
	Status of public/public-private reporting mechanisms developed with support of the EU-funded intervention (Qualitative) Data Source: Database of draft documents (public/public-private reporting mechanism procedures) Additional Information: This indicator is appropriate at output level if public/public-private reportingÂ mechanisms are developed by the EU-funded intervention.

Result	Indicator(s)
Output: Strengthened capacities of decision-makers to design and implement cyber laws and policies in line with the Budapest Convention and human rights conventions	Extent to which the national cooperation framework/guidelines were applied in case of a large scale cyber incident or crisis thanks to support provided by the EU-funded intervention (Qualitative) Data Source: Baseline and endline studies conducted and budgeted by the EU-funded interventionÂ Additional Information: This indicator is appropriate at output level if the EU-funded intervention will directly strengthen capacities for the application of the guidelines. A mock exercise can be conducted to test the application before and after the capacity building support is provided by the EU-funded intervention.
	Extent to which provisions promoting cyber hygiene and technical standards in line with international best practices are integrated in draft laws, regulations and government tenders thanks to support of the EU-funded intervention (Qualitative) Data Source: Database of draft documents (draft standards and policies), Minutes from the policy development workgroups Additional Information: This indicator is appropriate at output level if the EU-funded intervention will support the integration of good practices in cyber hygiene and technical standards in draft laws, regulations and government tenders. This can include ICT security standards and cryptographic controls, procurement standards for ICT, etc.
	Number of decision-makers trained by the EU-funded intervention who increased their knowledge and/or skills on the importance of cyber policies, design and implementation of national cybersecurity strategies (disaggregated by sex and institution) (OPSYS core indicator) Data Source: Database participants, pre- and post-training tests Additional Information: Please specify training topics and institutions participants are originating from.
	Number of staff in Ministries/ Parliament mentored by the EU-funded intervention on legislative/ regulatory measures on cyber risks (disaggregated by sex and institution) (Numeric) Data Source: Database participantsÂ pre- and post-training tests Additional Information: Please specify mentoring areas and topics.Â
	Status of assessment of existing legislation for compatibility with the Budapest Convention supported by the EU-funded intervention (Qualitative) Data Source: Baseline and endline studies conducted and budgeted by the EU-funded interventionÂ Additional Information: Expert assessment can be conducted to examine the extent to which the legislation is compatible with the Budapest convention.Â
	Status of constitutional, statutory, policy guarantees for cybercrime and electronic evidence legislation supported by the EU-funded intervention (Qualitative) Data Source: Database of draft documents (policies), Minutes from the policy development workgroups Additional Information: This indicator is appropriate at output level if the EU-funded intervention will support the drafting of the policies.Â
	Status of cyber risk management framework/ guidelines for national authorities supported by the EU-funded intervention (Qualitative) Data Source: Database of draft documents (guidelines), Minutes from document development workgroup Additional Information: This indicator is appropriate at output level if the EU-funded intervention will provide technical expertise and support for drafting the risk management framework/guidelines for national authorities, including inputs and participation of different stakeholders.
	Status of legislation and/or regulation addressing Critical Information Infrastructure Protection (CIIP) supported by the EU-funded intervention (Qualitative) Data Source: Database of draft documents (policies and laws), Minutes from the policy development workgroups Additional Information: This indicator is appropriate at output level if the EU-funded intervention will support the drafting of the laws and policies addressing Critical Information Infrastructure Protection (CIIP).Â
	Status of legislation and/or regulation addressing cyber risks supported by the EU-funded intervention (Qualitative) Data Source: Database of draft documents (policies and laws) Minutes from the policy development workgroups Additional Information: This indicator is appropriate at output level if the EU-funded intervention will support the drafting of the laws and policies addressing cyber risks.Â
	Status of regulations on the cybersecurity technical standards in line with the international best practices supported by the EU-funded intervention (Qualitative) Data Source: Database of draft documents (technical standards), Minutes from document development workgroup Additional Information: This indicator is appropriate at output level if the EU-funded intervention will support the drafting of the technical standards.Â
	Status of the national strategic framework on cybersecurity supported by the EU-funded intervention (Qualitative) Data Source: Draft National Strategy on Cybersecurity, Minutes from the strategy workgroups Additional Information: This indicator is appropriate at output level if the EU-funded intervention will provide technical expertise and support the drafting the national strategy on cybersecurity, including technical inputs and facilitating the participation of different stakeholders.

Result	Indicator(s)
Output: Improved cyber hygiene and awareness of individual users (e.g. employees, citizens, students)	Extent to which cyber hygiene and awareness is mentioned in a national strategic framework thanks to support of the EU-funded intervention (Qualitative) Data Source: Draft National Strategy on Cybersecurity, Minutes from the strategy workgroups Additional Information: This indicator is appropriate at output level if the EU-funded intervention will provide technical expertise to ensure that cyber hygiene and awareness are addressed in the national strategic framework.
	Number of institutions and organisations reached by the EU-funded campaign promoting cyber hygiene and awareness (OPSYS core indicator) Data Source: Press clipping, events records, online analytics reports Additional Information: For each type of awareness raising activity please use specialized methodology. For the traditional media, press clipping and estimates of media reach may be used, for online campaigns - online analytics, and for the direct contacts and events - attendance of the events and number of direct contacts. The campaign could be held with support of the EU-funded intervention in the context of the Cyber Awareness Month (on an annual basis).
	Number of persons reached by the cyber awareness raising campaigns and training implemented with support of the EU-funded intervention (disaggregated by sex and age) (Numeric) Data Source: Press clipping, events Â records, online analytics reports Additional Information: For each type of awareness raising activity please use specialized methodology. For the traditional media, press clipping and estimates of media reach may be used, for online campaigns - online analytics, and for the direct contacts and events - attendance of the events and number of direct contacts. The campaign could be held with support of the EU-funded intervention in the context of the Cyber Awareness Month (on an annual basis). Please separate training and awareness raising reach.Â
	Status of the Cyber Awareness Month campaign supported by the EU-funded intervention (Qualitative) Data Source: Cyber Awareness Month campaign report Additional Information: This indicator monitors the contribution of the EU-funded intervention to the campaign during Cyber Awareness Month.Â

Result	Indicator(s)
Specific Objective - Outcome: A coherent, holistic and actionablenational approach to cyberresilience is adopted andimplemented	Extent to which cybercrime is mentioned in a national strategic framework / cyber strategy (Qualitative) Data Source: National strategic documents, Baseline and endline studies conducted and budgeted by the EU-funded intervention Additional Information: Expert assessment can be conducted to assess the extent to which the cybercrime is covered by the strategic documents. If the EU-funded intervention will directly support the drafting of strategic documents on this, then this indicator is more appropriate at output level.
	Number of locally-based organisations that contribute to dialogue with central authorities and cybersecurity actors (Numeric) Data Source: Baseline and endline surveys conducted and budgeted by the EU-funded interventionÂ mappings conducted by the EU-funded intervention Additional Information: Expert survey/mapping of locally-based organisations that contribute to dialogue with central authorities and cybersecurity actors can carried out by the EU-funded intervention.Â
	Status of national strategic framework on cybersecurity (OPSYS core indicator) Data Source: National strategic documents covering Cybersecurity Baseline and endline studies conducted and budgeted by the EU-funded intervention Additional Information: Expert assessment can be conducted by the EU-funded intervention to examine to what extent the strategic framework on cybersecurity is comprehensive and to provide recommendations for improvement. If the EU-funded intervention will directly support the drafting of a cybersecurity strategy or other strategies including cybersecurity field, then this indicator is more appropriate at output level.
	Status of a cybercrime/high-tech crime units in the relevant government institutions (Qualitative) Data Source: Government organization charts and systematization documents, Baseline and endline studies conducted and budgeted by the EU-funded intervention Additional Information: Please define what are the relevant government institutions that should have this type of unit in the local context and assess existence of cybercrime units within the institutions. If government data are not readily available, the EU-funded intervention needs to conduct experts assessment.Â
	Status of an implementation plan (or roadmap) for delivering on the strategic commitments in the field of cybersecurity (Qualitative) Data Source: Government Implementation plan/Roadmap documents and reports Additional Information: The indicator measures progress on development and implementation of the Implementation Plan/Road map for delivering on the strategic commitments in the field of cybersecurity. If the EU-funded intervention will directly support the drafting of a cybersecurity roadmap, then Â indicator covering development of the document is more appropriate at output level.

Result	Indicator(s)
Impact: Citizens of developing countries enjoy an open, free, secure, resilient and peaceful cyberspace	Country score in the Freedom on the Net – Freedom House (Numeric) Data Source: Freedom on the Net Report,Â https://freedomhouse.org/report/freedom-net Additional Information: Freedom on the Net measures the subtle and not-so-subtle ways that governments and non-state actors around the world restrict our intrinsic rights online. Each country assessment includes a detailed narrative report and numerical score (0=Most Free, 100=Less Free), based on methodology developed in consultation with international experts. This methodology Â includes three categories:Â 1. Obstacles to Access details infrastructural and economic barriers to access, legal and ownership control over internet service providers , and independence of regulatory bodies; 2. Limits on Content analyses legal regulations on content, technical filtering and blocking of websites, self-censorship, the vibrancy/diversity of online news media, and the use of digital tools for civic mobilization; 3. Violations of User Rights tackles surveillance, privacy, and repercussions for online speech and activities, such as imprisonment, extra-legal harassment, or cyberattacks. Coverage: Freedom on the Net has expanded from covering 15 countries in our 2009 pilot edition to 65 in the latest report (please check availability for your country of interest before usingthis indicator). Countries are selected on the basis of the size of their internet population, their regional or global relevance, as well as the unique quality of their restrictions or protections on the internet. The countries selected for the report covers 88 percent of the global internet population, ensuring the project analyses the vast majority of users.Â
	Country score in the ITU Global Cybersecurity and Cyberwellness Index (GCI) (Numeric) Data Source: Global Cybersecurity and Cyberwellness Index website,https://www.itu.int/en/ITU-D/Cybersecurity/Pages/GCI.aspx Additional Information: The Global Cybersecurity Index (GCI) is a multi-stakeholder initiative to measure the commitment of countries to cybersecurity. Cybersecurity has a wide field of application that cuts across many industries and sectors. Each countryâ€™s level of development will therefore be analysed within five categories: Legal Measures, Technical Measures, Organizational Measures, Capacity Building and Cooperation.â€‹â€‹â€‹â€‹â€‹ The GCI revolves around the ITU Global Cybersecurity Agenda (GCA) and its five pillars (legal, technical, organizational, capacity building and cooperation). For each of these pillars, questions were developed to assess commitment. Through consultation with a group of experts, these questions were weighted in order to arrive at an overall GCI score. The survey was administered through an online platform through which supporting evidence was also collected. Link to the webpage:https://www.itu.int/en/ITU-D/Cybersecurity/Pages/GCI.aspx.
	Country score in the World Economic Forum’s Network Readiness Index (Numeric) Data Source: World Economic Forum, Network Readiness Index website, http://reports.weforum.org/global-information-technology-report-2016/neâ€¦ Additional Information: Technical Notes and Sources complement the Data Tables by providing Â additional information for all indicators used in the computation of the Network Readiness Index. Please see: http://reports.weforum.org/global-information-technology-report-2016/teâ€¦;
	SDG 16.a.1 - Existence of independent national human rights institutions in compliance with the Paris Principles (OPSYS core indicator) Data Source: Global SDG Indicators Database Additional Information: Custodian agency(ies): OHCHR For further information on this SDG indicator, please see here: https://unstats.un.org/sdgs/metadata/files/Metadata-16-0A-01.pdf
	Existence of independent national human rights institutions in compliance with the Paris Principles (Qualitative) Data Source: Baseline and endline studies to be conducted and budgeted by the EU-funded intervention Additional Information: SDG indicator 16.a.1. (Tier I. Custodian agency: OHCHR). This indicator Existence of independent national human rights institutions in compliance with the Paris Principles measures the compliance of existing national human rights institutions with the Principles relating to the Status of National Institutions (The Paris Principles), which were adopted by the General Assembly (resolution 48/134) based on the rules of procedure of the Global Alliance of National Human Rights Institutions. For further information on this SDG indicator, please see: https://unstats.un.org/sdgs/metadata/files/Metadata-16-0A-01.pdf