Time to Index Cybersecurity Capacities

The Internet is a singular force majeure.  Fuelled by dynamic technological advances and a growing number of connected people and machines, it has created a rich digital environment. However this same growth has also intensified the opportunities for malicious exploit. The Internet’s borderless nature has inevitably facilitated the emergence of advanced threats.

Despite significant efforts to curb known dangers, the permeability of cyberspace continues to frustrate attempts to tighten control. The result has been the quasi unimpeded expansion of a thriving underground economy operating just outside the reach of legitimate jurisdictions. Working according to its own self-regulated anarchy, this digital black market regularly spawns sophisticated threat technology: Exploit Kits, Zero Day Attacks, Botnets, Remote Access Tools, Command and Control Servers, among many other innovative tools. The nefarious proliferation of organized cybercrime has in its turn encouraged the rise of brazen state-sponsored espionage and a new era of digital warfare.

Clearly, cybersecurity has a crucial role to play in restraining the onslaught of cyber threats. The past decade has shown that social, policy and regulatory efforts are just as important as technical measures in deterring online risks. Cybersecurity is not simply about reactive solutions and defensive positioning; it also includes pro-active efforts and offensive action. Integrating a wider range of elements, such as risk management, continuous training, data governance, cross-sector cooperation, intelligence gathering and information sharing, is fundamental for the creation of a robust and durable cybersecurity strategy.

Undeniably, building such a framework requires a multi-disciplinary approach and the participation of governments in tandem with businesses. Considerable work in promoting cybersecurity has already been undertaken by numerous parties in diverse fields: technical groups, regulators, standardization bodies, nation states, non-governmental organization, etc. These existing efforts need to be further encouraged through public-private partnerships. The value of such collaborations lies in bringing together the acumen and knowledge of distinct but equally important participants.

It is in this spirit that the International Telecommunication Union (ITU) and ABI Research have entered into a partnership to jointly develop a Global Cybersecurity Index (GCI). The GCI will measure the cybersecurity development capabilities of sovereign nation states. The referential will be based on five categories: Legal Measures; Technical Measures; Organizational Measures; Capacity Building; and Cooperation.

The goal of the GCI is to assist nations in benchmarking their current cybersecurity development efforts against recommended best practice standards in the five different fields. This index will enable them to assess where they need to make further improvements and how far they are from implementing an acceptable level of cybersecurity.

The partnership will lean on the respective strengths of both parties in order to develop a comprehensive index. The ITU is an organization based on public-private partnership since its inception, with a current membership of 193 countries and over 700 private-sector entities and academic institutions. It has a long-standing agenda for developing cybersecurity capabilities at the government level. The IMPACT (International Multilateral Partnership Against Cyber Threats) collaboration and capacity building worldwide is a token of the ITU’s efforts to foster international cybersecurity development.

ABI Research is a market intelligence company specializing in global technology markets through quantitative forecasting and analysis of key metrics and trends. Uniquely competent in providing forward-looking insight and actionable, timely, real-world data points in the technology sector, ABI Research has core skill sets in strategy development, competitive intelligence, business planning, development and prioritization, technology assessment and industry benchmarking.

By harnessing existing efforts and integrating them into a comprehensive measurement tool, the GCI represents a significant step in supporting the creation of a global culture of cybersecurity. The index will allow nation states to better address their security needs and to tackle vulnerabilities more effectively. Cooperation and preparation are key elements for consolidating cybersecurity and can play a decisive role in throttling the pernicious growth of cyber threats.