1. Inter-governmental institutions. Organizations that can drive collaboration across borders are vital. The UN International Code of Conduct for Information Security is an initial approach to standardize a code of responsible government behavior in cyberspace. The G7 is looking to align on a set of joint cyber standards. Example: The European Union Agency for Cybersecurity.
2. Governments and regulators. Governments vary in their level of responsibility and the maturity of their cybersecurity capabilities. Those with strong cyber geopolitical interests take a more proactive and direct role to national cybersecurity. Example: The Cybersecurity and Infrastructure Security Agency in the United States.
3. Corporations. Companies, particularly those with high exposure to cyber threats, such as banks and large tech firms, are applying an enterprise risk-management approach to cybersecurity. They are exploring collaborative initiatives through partnerships or industry utilities and driving new cultural best practices. Example: Sheltered Harbour for financial institutions.
4. Academia. Universities and think tanks recognize the challenges and complexities within the cyber domain, and they are increasingly active in publishing reports on new technologies that address challenges across all sectors. Example: Belfer Center, Harvard Kennedy School.
5. Trade associations and citizen groups. Such groups provide an important gateway into industry networks representing member interests—publishing research and driving collaboration, education, and political change within their sectors. Example: EE-ISAC, European Energy-Information Sharing & Analysis Centre.
6. Law-enforcement agencies. As the organizations responsible for enacting a country’s laws and identifying criminals, law-enforcement agencies play a critical role in understanding cyber threats and identifying potential and actual attackers. Example: The Dedicated Card and Payment Crime Unit, UK.
7. Technology and service providers. These providers are essential suppliers of tools and capabilities to a market with high and constantly evolving demand. In fact, the list of vendors of cybersecurity solutions is so extensive it is problematic for many buyers to navigate.
8. Media and thought leaders. The responsibility of both the public and private sectors to prepare and protect citizens and customers is arguably growing daily. To drive change, these responsibilities must be challenged, given visibility, and conveyed accurately to those who are vulnerable or have been victimized. Example Chatham House, The Royal Institute of International Affairs.