Countries Strengthening Cybersecurity Efforts, but Increased Action Still Required
Global Cybersecurity Index assesses progress around the world in providing a safe and secure digital future for all.
GENEVA — Countries around the globe are improving cybersecurity efforts, but stronger actions are needed to meet evolving cyberthreats, according to the latest Global Cybersecurity Index 2024 by the International Telecommunication Union (ITU).
On average, countries have taken more cybersecurity-related actions and improved their cybersecurity commitments since the last index was released in 2021.
Worrisome threats highlighted in the report include ransomware attacks targeting government services and other sectors, cyber breaches affecting core industries, costly system outages, and breaches of privacy for individuals and organizations.
“Building trust in the digital world is paramount,” says Doreen Bogdan-Martin, ITU secretary-general in the announcement. “The progress seen in the Global Cybersecurity Index is a sign that we must continue to focus efforts to ensure that everyone, everywhere can safely and securely manage cyberthreats in today’s increasingly complex digital landscape.”
Sharper Focus in Global Cybersecurity Index 2024
ITU’s Global Cybersecurity Index 2024 “assesses national efforts across five pillars, representing country-level cybersecurity commitments: legal, technical, organizational, capacity development, and cooperation,” according to the announcement.
The Global Cybersecurity Index 2024 also uses a new five-tier analysis, a shift “that allows a greater focus on each country’s advances with cybersecurity commitments and resulting impacts.”
The report places 46 countries in Tier 1, the highest of the five tiers, reserved for “role modelling” countries that demonstrate a strong commitment in all five cybersecurity pillars.
Most countries are either “establishing” (Tier 3) or “evolving” (Tier 4) in terms of cybersecurity. The 105 countries in these tiers have largely expanded digital services and connectivity but still need to integrate cybersecurity measures.
A “cybercapacity gap” – characterized by limitations in skills, staffing, equipment and funding – was evident in many countries and across all regional groups.
“The Global Cybersecurity Index 2024 shows significant improvements by countries that are implementing essential legal measures, plans, capacity building initiatives, and cooperation frameworks especially in strengthening incident response capabilities,” says Cosmas Luckyson Zavazava, director of ITU’s Telecommunication Development Bureau, in the announcement.
“ITU’s cybersecurity projects and programs are supporting those national efforts to more effectively manage cyberthreats, and I hope that the progress demonstrated by this latest index encourages countries to do more in developing secure and trustworthy digital systems and networks,” says Zavazava.
Regional and National Assessments
According to the Global Cybersecurity Index 2024, the Africa region has advanced the most on cybersecurity since 2021. All world regions show improvement since the last report.
The world’s least developed countries (LDCs) have also started making gains, though they still need support to advance further and faster. GCI 2024 data shows that the average LDC has now reached the same level of cybersecurity status that many of the non-LDC developing countries had in 2021.
Land-locked developing countries (LLDCs) and small island developing states (SIDS) continue to face resource and capacity constraints on cybersecurity efforts.
The Global Cybersecurity Index 2024 includes individual assessments and provides a clear status report and a roadmap of activities to make further progress on cybersecurity.
Other Key Global Cybersecurity Index 2024 Findings
Legal measures are the strongest cybersecurity pillar for most countries: 177 countries have at least one regulation on either personal data protection, privacy protection, or breach notification in force or in progress.
Computer Incident Response Teams (CIRTs) are crucial for national cybersecurity: 139 countries have active CIRTs, with various levels of sophistication, up from 109 in the 2021 index.
National Cybersecurity Strategies (NCS) are becoming more prevalent: 132 countries have a National Cybersecurity Strategy as of 2024, up from 107 in the 2021 index.
Cyber awareness campaigns are widespread: 152 countries have conducted cyber awareness initiatives targeting the general population, with some also targeting specific demographics such as vulnerable and underrepresented populations, to create a culture of cybersecurity and address potential risks.
Incentives for the cybersecurity industry continue evolving: Governments are promoting the cybersecurity industry through incentives, grants, and scholarships, aiming to enhance cybersecurity skills and foster research in the field, with 127 countries reporting some form of cybersecurity-related research and development.
Many countries cooperate on cybersecurity through existing treaties: 92% of countries (166) reported being part of an international treaty or comparable cooperation mechanism for cybersecurity capacity development, or information sharing, or both. Putting cybersecurity agreements and frameworks into practical operation remains challenging.
Capacity development and technical pillars are relatively weak in most countries. 123 countries reported having trainings for cybersecurity professionals, up from 105 in 2021. In addition, 110 countries had frameworks to implement nationally or internationally recognized cybersecurity standards, up from 103 in 2021.
Capacity development initiatives need to be reinforced: 153 countries have integrated cybersecurity into national curricula at some level, but cybersecurity trainings and awareness-raising varies widely across regions. Developing a strong domestic cybersecurity industry is essential to sustain progress.
Countries need to focus on protecting children online: 164 countries have legal measures in place for child online protection; only 94 countries reported associated strategies and initiatives, indicating a gap in implementation.
Cybersecurity Assessments Leading to Action
As cybersecurity continues to evolve, the Global Cybersecurity Index “offers a clear picture of where countries are and a roadmap of activities to make progress,” the ITU announcement says. The report offers 11 key recommendations, from enhancing critical infrastructure to providing cybersecurity training.
GCI 2024 suggests that countries can prioritize high-impact activities, including:
- implementing legal measures applicable across all sectors;
- developing and regularly updating a comprehensive national cybersecurity strategy and a practical, concrete action plan;
- enhancing incident-response capabilities;
- delivery of capacity building and training to cybersecurity professionals, youth and vulnerable groups to strengthen cybersecurity skills;
- fostering domestic and international cooperation and collaboration on information-sharing, training opportunities, and capacity development.
ITU, the U.N. agency for digital technologies, aims to connect the estimated 2.6 billion people who currently remain offline. Most of the globe’s offline population live in developing countries, with the widest gaps in the least developed countries.
ITU established the Global Cybersecurity Index in 2015. The report series identifies areas for improvement and encourages countries to act on strengthening cybersecurity.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.