Policy brief: Evaluating Cyber Security Evidence for Policy Advice
Civil servants across the UK Government are working on policy advice for cyber security – but how they acquire and use evidence to make recommendations is not well understood.
This is important as the source and credibility of evidence affects the effectiveness and authority of the judgements made about threats, risks, mitigation and consequences.
This briefing sets out findings from the ECSEPA project on how evidence is being incorporated into developing effective cybersecurity policies across UK Government. It sets out the first iteration of a framework that rates evidence samples relative to each other based on source and credibility, designed to help policy makers assess the credibility of their evidence.
Funder
EPSRC
Lead researchers
Professor Madeline Carr (UCL STEaPP) and Professor Siraj Shaikh (Coventry University)
Output type
Policy brief
PIU lead
Florence Greatrix
View the policy brief on the RISCS website
Last updated: Tuesday, July 6, 2021