A global ranking of countries exists to demonstrate which are the most committed to raising awareness for cybersecurity in preparation for cyber-attacks. How does your country rank?
One of the most respected measurements of cyber-preparedness is the Global Cybersecurity Index (GCI), created by the International Telecommunication Union (ITU). The index, which ranks countries based on a number of factors, found the following ten to be the most committed to cybersecurity:
Singapore, United States, Malaysia, Oman, Estonia, Mauritius, Australia, Georgia, France, and Canada
What makes these countries stand out is their commitment – at a national level – to establishing legal, technical, and organizational frameworks to address cybercrime, training and certification programs, and cooperative efforts to share information.
So, does that mean your organization is less a target?
While these (and other) nation-states have made great strides in advancing awareness of cybersecurity, two things should be considered:
First - cyber-criminals don’t care; they’re continuing to evolve their craft, targeting organizations, industry verticals, and governments in an effort to make money.
Second – just because the nation in question has made huge commitments to advancing cybersecurity, it doesn’t mean your organization has.
Case in point, take the graph below from Hiscox’s latest Cyber Readiness Report – it represents the percentage of organizations of a given size that have experienced one or more cyber-attacks in the last 12 months. Note the US and the UK (both, of which are in the ITU’s “top ten” list) have experienced attack trends similar to other nations.
Source: Hiscox 2018 Cyber Readiness Report
So, don’t think that just because your country is well-ranked on the GCI that your organization is safe; in fact, take the opposite approach – be even more vigilant. You can’t let your guard down because the country as a whole has a great stance to address cybercrime – instead, think of it as your opportunity to take advantage of the great frameworks, industry experts, and security vendor products and services (such as KnowBe4’s Security Awareness Training), to make your organization’s security even better.