An Integrated Framework for Innovation Management in Cyber Security and Privacy

Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 470)


This paper is concerned with increasing the impact of publicly funded research and development (R&D) in cyber security and privacy. In the context of a high level of threat, there is a pressing need for firms and institutions to implement innovative and robust cyber security and privacy technologies. This particular challenge requires a systematic coordinated approach across both the public and private sectors. The innovation ecosystem involves complex interactions between key actors such as policy makers, incumbent service providers, and new innovators, each with their own view of how to increase the impact of R&D in cyber security and privacy. Drawing on R&D literature and roadmapping theory, this paper presents a framework and research tool for establishing an integrated view of innovation management in cyber security and privacy.


Innovation management Impact Cyber security Privacy 



This work has been partly funded by the Seventh Framework Programme (FP7) of the European Commission, Security and Trust Coordination and Enhanced Collaboration (SecCord) – – grant agreement 316622.


  1. 1.
    Maughan, D., Balenson, D., Lindqvist, U., Tudor, Z.: Crossing the “Valley of Death”: transitioning cybersecurity research into practice. IEEE Secur. Priv. 11(2), 14–23 (2013)CrossRefGoogle Scholar
  2. 2.
    Anderson, R., Boehme, R., Clayton, R. Moore, T.: Security Economics and the Internal Market. ENISA (2008)Google Scholar
  3. 3.
    Downey, F.: Bridging the “valley of death”: Response to the House of Commons Science and Technology Select Committee Bridging the “valley of death”: Improving the Commercialisation of Research Inquiry from Engineering the Future. The Royal Academy of Engineering, London (2012)Google Scholar
  4. 4.
    Auerswald, P.E., Branscomb, L.M.: Valleys of death and Darwinian seas: financing the invention to innovation transition in the United States. J. Technol. Transf. 28(3–4), 227–239 (2003). (Kluwer Academic Publishers)CrossRefGoogle Scholar
  5. 5.
    Benzel, T.V., Lipner, S.: Crossing the great divide: transferring security technology from research to the market. IEEE Secur. Priv. 11(2), 12–13 (2013)CrossRefGoogle Scholar
  6. 6.
    D’Amico, A., O’Brien, B., Larkin, M.: building a bridge across the transition chasm. IEEE Secur. Priv. 11(2), 24–33 (2013)Google Scholar
  7. 7.
    Mankins, J.C.: Technology readiness levels: a white paper. NASA (1995)Google Scholar
  8. 8.
    NASA: HRST technology assessments technology readiness levels, chartGoogle Scholar
  9. 9.
    Mankins, J.C.: Research & Development degree of difficulty (R&D3): a white paper. NASA (1998)Google Scholar
  10. 10.
    ENISA: Security economics and the internal market: evaluation of stakeholder replies (2008)Google Scholar
  11. 11.
    ENISA: Security economics and the internal market: ENISA conclusions on follow-up activities (2008)Google Scholar
  12. 12.
    EUROCONTROL: European operational concept validation methodology, E-OCVM version 3.0, volume I (2010)Google Scholar
  13. 13.
    EUROCONTROL: European operational concept validation methodology, E-OCVM version 3.0, volume II annexes (2010)Google Scholar
  14. 14.
    INSEAD: The global innovation index 2012: stronger innovation linkages for global growth. INSEAD and WIPO (2012)Google Scholar
  15. 15.
    ENISA: EP3R 2012 activity report. European Public+Private Partnership for Resilience (2012)Google Scholar
  16. 16.
    ENISA: EP3R 2013 work objectives. European Public+Private Partnership for Resilience (2013)Google Scholar
  17. 17.
    NIST: Between invention and innovation: an analysis of funding for early-stage technology development. NIST GCR 02–841, November 2002Google Scholar
  18. 18.
    Hartmann, G.C., Myers, M.B.: Technical risk, product specifications, and market risk. In: Branscomb, L.M., Auerswald, P.E. (eds.) Taking Technical Risks: How Innovators, Executives, and Investors Manage High-Tech Risks. MIT Press, Cambridge (2003)Google Scholar
  19. 19.
    European Commission: Pre-commercial procurement: driving innovation to ensure high public services in Europe. European Communities (2008)Google Scholar
  20. 20.
    European Commission: Opportunities for public technology procurement in the ICT-related sectors in Europe, final report (2008)Google Scholar
  21. 21.
    European Commission: Communication from the Commission to the European Parliament, The Council, The European Economic and Social Committee and the Committee of the Regions, Pre-commercial Procurement: Driving innovation to ensure sustainable high quality public services in Europe, SEC(2007) 1668, COM(2007) 799 final, Brussels (2007)Google Scholar
  22. 22.
    Felici, M., Wainwright, N.: Deliverable 6.4 – Future Internet Initiatives Year 1. SecCord Project No. 316622, November 2013Google Scholar
  23. 23.
    Probert, D., Radnor, M.: Frontier experiences from industry-academia consortia. IEEE Eng. Manag. Rev. 31(3), 28 (2003)CrossRefGoogle Scholar
  24. 24.
    Groenveld, P.: Roadmapping integrates business and technology. Res. Technol. Manag. 50(6), 49–58 (2007). (Industrial Research Institute)Google Scholar
  25. 25.
    Cosner, R.R., Hynds, E.J., Fusfeld, A.R., Loweth, C.V., Scouten, C., Albright, R.: Integrating roadmapping into technical planning. Res. Technol. Manag. 50(6), 31–48 (2007). (Industrial Research Institute)Google Scholar
  26. 26.
    Department for Homeland Security: A roadmap for cybersecurity research. United States Government (2009)Google Scholar
  27. 27.
    Industrial Control Systems Joint Working Group: Cross-sector roadmap for cybersecurity of control systems. Department for Homeland Security, United States Government (2011)Google Scholar
  28. 28.
    Dissel, M.C., Phaal, R., Farrukh, C.J., Probert, D.R.: Value roadmapping. Res. Technol. Manag. 52(6), 45–53 (2009). (Industrial Research Institute)Google Scholar
  29. 29.
    Petrick, I.J., Martinelli, R.: Driving disruptive innovation: problem finding and strategy setting in an uncertain world. Res. Technol. Manag. 55(6), 49–57 (2012). (Industrial Research Institute)CrossRefGoogle Scholar
  30. 30.
    Radnor, M., Probert, D.R.: Viewing the future. Res. Technol. Manag. 47(2), 25–26 (2004). (Industrial Research Institute)Google Scholar
  31. 31.
    Phaal, R., Farrukh, C., Probert, D.: Customizing roadmapping. IEEE Eng. Manag. Rev. 32(3), 80–91 (2004)CrossRefGoogle Scholar
  32. 32.
    Phaal, R., Farrukh, C.J.P., Probert, D.R.: Developing a technology roadmapping system. In: Technology Management: A Unifying Discipline for Melting the Boundaries, Portland International Conference on Management of Engineering & Technology (PICMET), pp. 99–111 (2005)Google Scholar
  33. 33.
    European Commission: High Representative of the European Union for Foreign Affairs and Security Policy, Joint Communication to the European Parliament, The Council, The European Economic and Social Committee and the Committee of the Regions, Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN (2013) 1 final, Brussels (2013)Google Scholar
  34. 34.
    Department of Homeland Security, Science and Technology Directorate: A roadmap for cybersecurity research, November 2009Google Scholar
  35. 35.
    Cybersecurity R&D priorities, United States Homeland Security (2014)Google Scholar
  36. 36.
    Trustworthy cyberspace: strategic plan for the federal cybersecurity research and development program. Executive Office of the President National Science and Technology Council (2011)Google Scholar
  37. 37.
    NITRD: Cybersecurity game-change research & development recommendations. The Networking and Information Technology Research and Development (NITRD) Program (2010)Google Scholar
  38. 38.
    White House: cyberspace policy review: assuring a trusted and resilient information and communications infrastructure. United States Whitehouse publication (2009)Google Scholar
  39. 39.
    ESCSWG: Roadmap to achieve energy delivery systems cybersecurity. The Energy Sector Control Systems Working Group (ESCSWG), Sept (2011)Google Scholar
  40. 40.
    Space Foundation: U.S. non-military cybersecurity research & development and related policies, Cybersecurity, Federal Research and Development Strategic Plan. Space Foundation (2014)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. 1.Security and Cloud LabHewlett-Packard LaboratoriesBristolUK

Personalised recommendations