SEI Maps Out Cybersecurity for World Economic Forum
• Article
May 27, 2021—The World Economic Forum (WEF) recently released an updated mapping of high-level cybersecurity challenges, curated by members of the SEI's CERT Division, to other global topics. The online, interactive map shows the conceptual interconnections among 273 issues transforming economies and industries. Each topic page contains a transformation map, a summary of the issue, and a feed of related research artifacts from leading institutions. Policymakers, corporate officers, and others can use the topic pages to create custom briefings on issues of interest. The WEF, known for its annual meeting usually held in Davos, Switzerland, released the SEI's revision of the Cybersecurity topic and its eight dimensions in mid-April.
The release marks the beginning of the SEI's one-year stewardship of the Cybersecurity topic, a role that last year belonged to McGill University. Carnegie Mellon University (CMU) President Farnam Jahanian, who actively participates in Forum events and committees, helped to make the initial match between the WEF and SEI leadership. CMU already curates the Internet Governance Transformation Map.
"Carnegie Mellon University has deep expertise in cybersecurity, teaching and researching a range of topics, from securing software and network systems to making security and privacy more usable," said Algirde Pipikaite, strategic initiatives lead at the World Economic Forum Centre for Cybersecurity. "We are looking forward to continuing to collaborate with them on the Cybersecurity Transformation Map and the insights they can provide."
Joe McLeod of the SEI's CERT Division coordinated between CMU, the WEF, and the SEI. The task of revising the cybersecurity topic then fell to the CERT Division's Matt Butkovic, technical director of the Risk and Resilience directorate and the map's named curator, with help from his colleagues Alan Levine, Brett Tucker, Kris Rush, and Chris May. "The SEI certainly has the cybersecurity domain expertise," said Butkovic, “and I feel we made the content more relatable, with an emphasis on letting the readers see themselves in how we describe the challenges."
Butkovic and his colleagues wrote new summaries for the main cybersecurity topic and its eight sub-topics, or dimensions, which they also updated top-to-bottom: cybersecurity skills gap, cyber diplomacy and international security, critical infrastructure and cyber resilience, cyber risk governance, cybersecurity and new technologies, cyber and supply chain risk, cybercrime, and cybersecurity and regulation.
The dimension "cyber and supply chain risk" was the most significant addition. "It's one of those pervasive technology problems that really wasn't well accounted for," said Butkovic. "The trustworthiness of technology components and services is one of the most challenging and broad-based problems in cybersecurity." The CERT Division’s supply chain expertise was recently leveraged by the Department of Defense to help create the Cybersecurity Maturity Model Certification (CMMC) program, which combats cybercrime in the Defense Industrial Base (DIB).
Soon after its release, the revised Cybersecurity Transformation Map's traffic increased by 700 percent. It has remained one of the most popular transformation maps among the site’s 500,000 registered users.
Over the next year, Butkovic and his colleagues will participate in monthly WEF meetings and other Forum events related to cybersecurity. They will also tune the Cybersecurity Map to new cyber events as they occur.
Butkovic sees the SEI's curation of the WEF cybersecurity topic as part of the institute’s mission as a federally funded research and development center to transition its work to the community. "This is one of the most important expressions of our impact on the global cyber community."