An analysis of the national cybersecurity preparedness of the world’s countries reveals news both good and bad. The bad news is the headline: half of all nations don’t even have a plan to secure their digital assets. The good news, however, is that awareness of the challenges is growing among nations and this year’s analysis shows improvement over the previous year’s report.
The Global Cybersecurity Index is based on analysis of the 193 members of the International Telecommunication Union. The analysis is based on a survey completed by 134 member states in 2016, with the remaining states having their cybersecurity preparedness ranked on open-source research.
The Global Cybersecurity Index, according to the U.N., is a composite of 25 indicators into a benchmark measurement that monitors and compares the level of member states cybersecurity commitments. The metrics measured are:
- Legal: Measured based on the existence of legal institutions and frameworks dealing with cybersecurity and cybercrime.
- Technical: Measured based on the existence of technical institutions and frameworks dealing with cybersecurity.
- Organizational: Measured based on the existence of policy coordination institutions and strategies for cybersecurity development at the national level.
- Capacity Building: Measured based on the existence of research and development, education and training programmes; certified professionals and public-sector agencies fostering capacity building.
- Cooperation: Measured based on the existence of partnerships, cooperative frameworks and information sharing networks.
The primary objectives of the GCI include measuring the type, level and evolution over time of cybersecurity commitment with countries as well as relative to other countries; the progress in cybersecurity commitment of all countries from a global perspective; the progress in cybersecurity commitment from a regional perspective; and the cybersecurity commitment divide, i.e., the difference between countries in terms of their level of engagement in cybersecurity programmes and initiatives.
“Through the information collected, the GCI aims to illustrate the practices of other countries so that Member States can implement selected aspects suitable to their national environment,” the report said.
This year’s report did show improvement over the findings from 2014.
The U.N. credited the 2014 report with having motivated countries to improve their work related to cybersecurity, and for having raised awareness in countries for the need to start bilateral, multi-lateral and international cooperation, as well as increased the visibility to what some countries are doing in order to improve cybersecurity.
Let’s hope improvement continues. Cybercrime is an international challenge. A business in New York City can be attacked from anywhere in the world, and if the right laws and cooperative measures are not in place between nations, there’s little legally that anyone can do about attacks. And the recent string of ransomware attacks that struck so many nations over a course of a couple days and wreaked havoc are wake-up calls for everyone. After all, viruses, worms, and data destroyers know no national boundaries – the world needs to take the steps necessary to make sure those national borders don’t become barriers to improving the world’s cybersecurity posture.