bankingtech.com

We have all suspected the world is not ready for the connected era, though the International Telecommunication Union’s (ITU) Global Cybersecurity Index (GCI) has confirmed it, writes Telecoms.com (Banking Technology‘s sister publication).

The survey itself is essentially a measurement of a country’s capabilities in the security arena, and while there are some who are exceeding expectations, there are also a worrying number of highly developed nations who are way down the list. Although we should not be surprised by such claims, security is after all a topic people like to avoid, it does always make us shift uneasily in our seats when we see the latest datasets.

“In 2016, nearly 1% of all emails sent were essentially malicious attacks, the highest rate in recent years,” says Brahima Sanou, director of the Telecommunication Development Bureau in the introduction. “Ransomware attacks increasingly affected businesses and consumers, with indiscriminate campaigns pushing out massive volumes of malicious emails.”

While many organisations like the tend to put out relatively useless pieces of research, this one does alright by us. It’s pretty comprehensive, measuring everything from the legal framework in place, from the current technical capabilities, the ability to create talent, and finally, co-operation frameworks which are in place. It paints a pretty wide-ranging picture.

The top ten countries worldwide in terms of cybersecurity performance were kind of what you would expect for a number of reasons (have a look at the infographic below for the full details). The US is a country which believes it is the best and therefore everyone wants what it has, of course it’s going to beef up security. Nations like Oman and Singapore, where state intervention is likely to be high, are unsurprising as well. Mauritius is perhaps a surprising one, but it’s so small, so unlikely to be attacked, it must be one of the simplest jobs worldwide to secure.

On the more worrying side, there are a few countries which are much lower down the ranks than you would expect. Germany for instance comes in at 24 globally, which considering its approach to data protection legislation or the perception of Germany in the technology world, this is low. China ranked as low as 33 and Spain at 54. These are nations which you would expect to have a stronger influence in the security world, but the survey does generally show the difference between bark and bite.

A final point which would be worth noting is perhaps the lack of government action; the data would suggest any claims made to the press by politicians regarding the importance of security in the digital world are nothing more than soundbites. Only 38% countries have a published cybersecurity strategy and only 11% have a dedicated standalone strategy. Another 12% have a cybersecurity strategy under development. These numbers are simply not high enough.

So we’ll all act surprised, but we shouldn’t be. Security is getting better, but it is still getting largely ignored.