U.S. Has Second Strongest Cybersecurity in the World, UN Reports


Singapore has the strongest cybersecurity capabilities in the world, with the U.S. coming in a close second, according the United Nations Global Cybersecurity Index 2017.

Being second among nations usually isn’t something the U.S. likes to celebrate. But given the media firestorm over alleged Russian hacking of U.S. systems, and the fallout from massive malware attacks that crippled some U.S. operations, being second amongst the nearly 200 countries that are members of the U.N. International Telecommunications Union studied in the report sounds like a good thing.

The U.N. categorized the countries into three general levels of preparedness: initiating stage, maturing stage, and leading stage. The report put 96 countries in the initiating stage category because they have just started making cybersecurity commitments. Seventy-seven countries with “complex” cybersecurity commitments and active engagement in cybersecurity programs were classified as being in the maturing stage. The 21 countries in the leading stage demonstrated they had strong commitments to five cybersecurity pillars—legal, technical, organizational, capacity building, and cooperation.

The U.N. looked at a variety of cybersecurity readiness indicators, one of the strongest of which was a country having outlined a cybersecurity strategy. Only 38 percent of countries in the report had adopted such a strategy and 50 percent of the countries had no cybersecurity strategy, the report said.

Less than half (43 percent) of states have capacity building programs that provide cybersecurity training for officials who are most likely to handle cybersecurity issues, such as law enforcement officers and the judicial system, the U.N. said. The U.S. received perfect scores in both the legal and capacity building pillars, which includes cybersecurity legislation and regulation.

More than half of the countries (61 percent) have some sort of official cybersecurity emergency response team, such as a Computer Emergency Response Team (CERT). But more than two-thirds (68 percent) of the countries don’t have cybersecurity industries.  

Although worldwide cybersecurity preparedness is drastically uneven, each of the six regions into which the U.N. divides the world has at least one country among the top 10.

Singapore (1), Malaysia (3), and Australia (7) represent the Asia and the Pacific region in the top 10 most cybersecurity-prepared countries. From the European region, Estonia (5) and France (9) are in the top 10. The U.S. (1) and Canada (10) made the list from the Americas region. Mauritius (6) represents Africa, Oman (4) represents the Arab states, and Georgia (8) represents the independent commonwealth states in the top 10.

Cybersecurity is still very much on the radar of countries with highly developed economies, as seen at the recent G-20 summit where cybersecurity was featured “predominantly in the communique.” Unfortunately, proclamations from the G-20 nations won’t help the countries with the least developed cybersecurity infrastructures.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.