Cyber Capacity & Capability Building (CyCap)

Muhammad Khurram Khan

Group Chair


Team members:
  • Zaheema Iqbal (Co-ordinator)
  • Amanullah Quadri
  • Fajri Kurniawan
  • Farhan Khan
  • Afeera Firdous
  • Wazir Zada Khan
  • Hammaad Salik
  • Mubeen Ashraf
  • Eduardo Izycki
  • Hassan Tariq
  • Olatunji Osunji
  • Shenita R. Freeman
  • Ghayda Bafail
SIG on Cyber Capacity & Capability Building (CyCap)

Reports, Papers, Briefings

  • Ransomware as an Emerging National Security Threat: Prevention, Detection and Response
    Ransomware is a kind of malware that makes files or data on a victim’s computer or other device inaccessible and then demands ransom in the form of online payment, gift vouchers, or cryptocurrency to restore accessibility or functionality of the system. Ransomware is a digital form of extortion and is tantamount to criminal practice of illegally obtaining money or its equivalence from individuals or organizations. Cyber-crime has drastically increased in the recent years due to rapid transformations in communication modes, advanced applications, and operating systems. Hackers, criminal groups, underground gangs, and terrorist networks are carrying out ransomware attacks in an organized way. Many ransomware services have also been introduced for such groups with malicious intent to provide them ease in carrying out ransomware activities and launching attacks. Ransomware attacks are widely spreading because of the advanced technologies and strategies and also due to the lack of awareness of internet users. The previous studies on ransomware are conducted in the context of computer sciences and security and public policy perspective has been largely ignored. This paper highlights ransomware attacks and its impacts on national security issues and society. It is focused on finding a way out to detect and prevent ransomware attacks. The perpetrators behind ransomware have done extreme damage to critical infrastructures and are collecting billions of dollars from the victims worldwide. Ransomware has deeply impacted the sensitive data and systems and has challenged the national security organizations and agencies. It is deeply affecting society, industries, government, corporate sector, law enforcement agencies and individuals including general public. Therefore, it is important to conduct in-depth research and set up strategic defense for fighting against ransomware.
  • The United States Footprint in International Cyber Capacity Building: Are We Doing Enough?
    Over the years, the United States government has steadily increased its efforts to contribute towards open, interoperable, secure, and reliable cyberspace through international cybersecurity capacity building. This is further demonstrated through active membership and participation in international cyber groups, like the United Nations Group of Governmental Expert, the Open-Ended Working Group, and the Global Forum on Cyber Expertise. These efforts echoed in an International Telecommunication Union report which recognized the US as the nation with the highest commitment to cybersecurity. However, there are issues centered around internal coordination, funding, and role conflict among US government agencies. Using the Global Forum on Cyber Expertise’s database and existing literature on International Cybersecurity capacity building, this report presents an exploratory analysis to support the existence of these issues, identify new gaps, and recommend that the United States' Department of States restructure its international cybersecurity building program around an established framework, take up the responsibility of coordinator on all international cybersecurity building initiatives involving United States stakeholders and engage academia in more empirical studies within cybersecurity capacity building. In line with this, Congress should amend the Foreign Assistance Act of 1961 to allow for more and better funding mechanisms through streamlining cybersecurity into every development assistance project.
  • Harnessing Artificial Intelligence against COVID-19: Promises and Data Privacy Threats
    Artificial intelligence (AI) has become a hallmark technology in tackling epidemics and pandemics and COVID-19 is one of the most perilous amongst them. This paper provides an argument on how AI has been used to tackle COVID-19 since its outbreak in late 2020.
  • The Digital Charter Bill C-11
    Across the world, mega corporations and tech leaders have assumed control of a growing treasure trove of personal data. Recent surveys suggest citizens are both aware and concerned by this, however data protection rules in North America have fallen behind the rest of the world. The newly introduced Bill C-11 (Digital Charter Implementation Act, 2020) could finally address these concerns and offer better protections for Canadian internet users and become a beacon for the rest of the world.
  • Near Future of Cybersecurity and New Trends in Cyberspace
    This opinion paper provides an directions and future trends of global cybersecurity that will develop in 2021. It gives insight how the cybersecurity landscape will evolve and how rapidly growing technologies are promoting to increase the number of cyber-criminals and further sophistication of the methods of committing cybercrimes.
  • Cybersecurity In The Civil Aviation And Existing Challenges
    This opinion paper highlights challenges in monitoring, analyzing and securing critical infrastructure of the aviation sector. In the paper suggested that it is crucial to ensure cybersecurity for the civil aviation. All stakeholders, in particular, public and private sectors as wells as the representatives of academia should be involved in the process of protecting critical infrastructure.
  • It’s Time to Make Personal Data Protection A ‘National Standard’
    This opinion paper discusses critical pieces of personal information can be mis-used resulting in theft of one’s identity and in turn used for legally questionable purposes. Despite the risk, technological organizations and social media platforms treat personal data irresponsibly, and reports indicate sharing of personal information with third parties and storing it on online public forums where, it is nearly impossible to expunge.
  • The Impact of COVID-19 on the Future Development of Cybersecurity
    This commentary discuss how post COVID-19 will be vital for all countries and especially for the post-soviet and Eastern European countries to review their approaches related to cybersecurity strategies and political frontier. The recommendations are outlined for a systemic revamping of existing confided cybersecurity approach.
  • End-To-End Encryption… What are you hiding?
    This white paper present to understand the privacy debate. With the rise of surveillance capitalism and data-driven authoritarianism, the ability to control private data and information is a fundamental human right, on par with the right to life and liberty
  • Safeguarding Nuclear and Conventional Warheads Using Blockchain
    This white paper present how blockchain technology can create a new wall against cyber threats on military and nuclear installations.
  • COVID-19 and the Cyberspace: Preparing for the Unprepared
    This white paper enunciates the imperative impacts of COVID-19 on the digital lives of every individual globally and provides recommendations how to get prepared in cyber realm for the future in the wake of any pandemic or natural disaster.
  • The G-War: Race for Technological Supremacy in 5G and 6G
    In this policy brief, we discussed the concerns that entail the race to control the emerging 5G technology and its potential impact across the world. Also, we outlined the strategic recommendations to effectively regulate the technology and its successors.
  • Blockchain : Transforming the Fourth Industrial Revolution
    This policy brief highlights there are many areas where decentralize control or sharing can open new economic models where value exchange does matter, especially in the era of the fourth industrial revolution. Since Blockchain technology is at a very early stage, therefore humans have to identify how and where this technology could fill the trust gap.
  • Advanced Persistent Threats Through Industrial IoT On Oil And Gas Industry
    This paper shares an insight gained through analysis of cybersecurity attacks on various oil and gas companies, including the lessons learned as preemptive measures. This paper helps the oil and gas industry to defend its most valuable assets and data from digital disruption in upstream, midstream, and downstream sectors.
  • Cybersecurity Accelerators
    This policy brief discuss some characteristics and key challenges to assist cyber accelerators. Then, some recommendations are provided to built a robust cybersecurity initiatives.
  • Policy Brief On Global Women In Cyber Workforce
    This policy brief provides with some recommendations to enable global women to work and excel in cybersecurity field after the announcement of ‘Women’s Global Development and Prosperity Initiative’ by the US Government
  • Public Crypto Currencies on the Blockchain and the Reservation of the States
    This policy brief highlights the Blockchain, Cryptocurrencies from a technological perspective, followed by its misuse and abuse. Outlines the way forward of how law and order agencies can use this technology instead of avoiding it.
  • Cybersecurity Challenges of the KSA: Past, Present and Future
    This policy study analyzes the historical evolution of IT in the Kingdom of Saudi Arabia, the current scenario of the cybersecurity, the initiatives and investments and more importantly the cybersecurity readiness and gaps. Lastly, provides recommendations to augment the cybersecurity of the country.
  • Saudi Women in Cybersecurity: Narrowing the Gap of Human Capital Crisis
    This policy study points to the gaps in the human capital for cybersecurity in Saudi Arabia and outlines the recommendations as to how women, have an edge if applied to cybersecurity. Also, recommendations are prescribed for how women can easily prepare for it.