TY - STAND AB - The importance of a sound governance model for the implementation of the National Cybersecurity Strategies (NCSSs) has been highlighted in numerous testimonies of the Member States as well as included in the NIS and NIS2 Directive. However, each country deploys its own governance model with a different level of maturity. ENISA, taking on its mandate to support and promote the development, deployment and implementation of the NCSS and accompanying governance models, produced this study on "Building Effective Governance Frameworks for The Implementation of National Cybersecurity Strategies". It analyses existing governance models to share a set of good practices when developing a governance model and putting in place the different governance elements. The proposed governance model consists of four layers with 10 sub-categories, and provides a total of 28 good practices: - Political governance - Political processes; - Roles and responsibilities; and - Legal measures. - Strategic governance - Strategy itself and its implementation; and - Risk identification and mitigation. - Technical governance - International standards and technical guidelines; and - Use of technology, tools and certification schemes. - Operational governance - Awareness raising; - Incident response; and - Information sharing. The good practices have been defined based on data collected through desk research and interviews with experts and relevant stakeholders from the Member States. The data collected has been analysed to identify trends, and effective instances across the different elements of governance. While the interviews had a European focus with 19 interviews with stakeholders from 18 EU Member States, the geographical scope of the desk research includes a global outreach. Finally, this report provides insights on KPIs and general indicators to monitor and evaluate the status of implementation of the NCSS and its governance model. BT - ENISA DO - 10.2824/850466 N2 - The importance of a sound governance model for the implementation of the National Cybersecurity Strategies (NCSSs) has been highlighted in numerous testimonies of the Member States as well as included in the NIS and NIS2 Directive. However, each country deploys its own governance model with a different level of maturity. ENISA, taking on its mandate to support and promote the development, deployment and implementation of the NCSS and accompanying governance models, produced this study on "Building Effective Governance Frameworks for The Implementation of National Cybersecurity Strategies". It analyses existing governance models to share a set of good practices when developing a governance model and putting in place the different governance elements. The proposed governance model consists of four layers with 10 sub-categories, and provides a total of 28 good practices: - Political governance - Political processes; - Roles and responsibilities; and - Legal measures. - Strategic governance - Strategy itself and its implementation; and - Risk identification and mitigation. - Technical governance - International standards and technical guidelines; and - Use of technology, tools and certification schemes. - Operational governance - Awareness raising; - Incident response; and - Information sharing. The good practices have been defined based on data collected through desk research and interviews with experts and relevant stakeholders from the Member States. The data collected has been analysed to identify trends, and effective instances across the different elements of governance. While the interviews had a European focus with 19 interviews with stakeholders from 18 EU Member States, the geographical scope of the desk research includes a global outreach. Finally, this report provides insights on KPIs and general indicators to monitor and evaluate the status of implementation of the NCSS and its governance model. PY - 2022 T2 - ENISA TI - Building Effective Governance Frameworks For The Implementation Of National Cybersecurity Strategies UR - https://op.europa.eu/en/publication-detail/-/publication/c82b8e38-a1df-11ed-b508-01aa75ed71a1/language-en ER -