A global coalition of 37 organizations from government, industry, academia, and civil society today released the third edition of the Guide to Developing a National Cybersecurity Strategy (“the NCS Guide”) — an updated, practical blueprint to help countries plan, implement, and continuously improve cybersecurity at scale.

As digital technologies power inclusive and sustainable development, governments face persistent and evolving cyber risks. The new edition sharpens the focus on actionable safeguards against evolving risk — from those posed by emerging technologies and the proliferation of connected devices to complex supply chains and evolving threat landscape — while elevating implementation roadmaps, measurement and continuous improvement, and cross-border cooperation.

The NCS Guide has become a widely referenced resource for national leaders and policymakers. As countries iteratively refine their strategies, adoption has surged —  from 76 countries in 2018 to around 127 in 2021, and 136 today (according to the ITU Global Cybersecurity Index – GCI)—underscoring the importance of long-term, strategic planning to guide investments, set priorities, and build capacity across the public sector and the wider digital ecosystem.

What’s new in the 3rd Edition

• Hands-on implementation: A clearer sequencing, resourcing, and governance guidance.
• Measurement that matters: A stronger emphasis on monitoring, evaluation, and learning loops.
• Resilience by design: Practical safeguards for evolving risk landscape including emerging tech, growing interdependencies, and supply-chain risks.
• Global cooperation: tools to strengthen regional and international collaboration.

Built by many, for all; This edition is a result of an inclusive, multi-stakeholder effort, nearly doubling the group since 2021. It distills real-world lessons from countries on their second and third strategy iterations and signposts complementary publications to help teams move from policy to practice.

Download the Guide: https://ncsguide.org/
 

About the NCS Working Group

This Guide was developed by thirty-seven Contributors from Intergovernmental and International Organizations, private sector, as well as academia and civil society and included the following organizations: Accenture, African Union (AU), Arab League, Axon Partners Group, Commonwealth Telecommunications Organisation (CTO), Council of Europe (CoE), Cybercrime Research Institute (CRI), Cybersecurity Capacity
Centre for Southern Africa (C3SA), Deloitte, DiploFoundation (Diplo), European Bank for Reconstruction and Development (EBRD), e-Governance Academy (eGA), European Union CyberNet (EU CyberNet), Experirē Strategy & Advisory, Forum of Incident Response and Security Teams (FIRST), Geneva Centre for Security Sector Governance (DCAF), Global Cyber Security Capacity Centre (GCSCC), Global Forum on Cyber Expertise (GFCE), Global Partners Digital (GPD), Hathaway Global Strategies LLC, Inter-American Development Bank (IADB), International Criminal Police Organization (INTERPOL), International Monetary Fund (IMF), International Telecommunication Union (ITU), KPMG, Microsoft, NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), NRD Cyber Security, Organization of American States (OAS), United Nations Development Programme (UNDP), United Nations Interregional Crime and Justice Research Institute (UNICRI), United Nations Institute for Disarmament Research (UNIDIR), United Nations Office of Counter-Terrorism (UNOCT), United Nations Office for Disarmament Affairs (UNODA), United Nations Office on Drugs and Crime (UNODC), United Nations University (UNU), World Bank (WB), World Economic Forum (WEF), and the European Union Agency for Cybersecurity (ENISA) contributed to the Guide as observer.