Practical Guides, Frameworks and Practices

A practice is an agreement that standardises or prescribes an efficient and effective way to accomplish a desired outcome. Good practices are usually published in the form of a document or toolkit which reflects on a proven technique, method, or process. The GFCE community expressed the need to have good practices available which make duplication of efforts efficient and reduces the risk of making avoidable errors.

To navigate directly to the GGPs of interest to you, consult the interactive visual navigation here.

Find a Collection of GFCE Global Good Practices here or search by topic.

Reference to practices


Good Practices

1. National Cyber Security Strategy

2. National Capacity Assessments

Assess national cybersecurity capacity using the maturity model  #MaturityModel

Cybercrime and cyber security trends in Africa (Report, 2016)

3. National Computer Security Incident Response

Global Good Practices - National Computer Security Incident Response Teams (CSIRTs)

Best Practices for Establishing a National CSIRT (Guidebook, 2016)

4. Incident capture and analytics

Establish a clearinghouse for gathering systemic risk conditions data in global network #ClearingHouse

Produce and present trusted metrics about systemic risk conditions#Healthmetrics

Assist with cyber-risk mitigation and keep score of successes #ScoreKeeping

5. Cyber Security Exercises

6. Critical Information Infrastructure Protection

Global Good Practices - Critical Information Infrastructure Protection (CIIP)

The GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers

Companion Document to the GFCE-MERIDIAN GPGuide on CIIP

7. Legal Frameworks

Global Good Practices - Coordinated Vulnerability Disclosure (CVD)

8. Law enforcement in cyberspace

Stimulate local ownership of capacity building programmes through National Project Teams #NationalTeam

Enhance capacity building outreach through regional hubs#RegionalHubs

Free available decryption tools for some of the existing ransomware families

Prevention Advice: How to prevent a ransomware attack?

9. Cyber Security Awareness

Align national campaigns #Campaign

Focus awareness-building through a cybersecurity Awareness Month #Month

Cybersecurity Awareness Campaign Toolkit (Toolkit, 2015)

10. Education and Training

11. Standards Global Good Practices - Internet Infrastructure Initiative
Establish a national multistakeholder platform to promote standards #MSPlatform
Create a website for testing standards-compliance #TestingTool