Phase I (0 - 1 year)

• Stop-gap measures to address fundamental vulnerabilities to the cyber security orthe CNII
• Creating a centralise platform for security mechanism
• Raising awareness of cyber security and its implications

Phase II (0 - 3 years)

• Setting-up the necessal)' systems, processes. standards and institutional arrangements (mechanisms)
• Building capacity amongst researchers and information security professionalsions

Phase III (0 - 5 years and beyond)

• Developing self-reliance in terms of technology as well as professionals
• Monitoring the mechanisms for compliance
• Evaluating and improving the mechanisms
• Creating the culture of cyber security