1. Greece
2. Czech Republic
3. Estonia
4. Spain
5. Lithuania
6. France
7. Finland
8. Denmark
9. Netherlands
10. Germany

Data on Sierra Leone published, while the United States' has been updated

Data on the cyber security situation of Sierra Leone is now available in the index, while the U.S.' dataset has been updated with the latest information.

Sierra Leone is currently ranked 129th, with a positive presence in the ITU Impact alliance. Their use of a unique persistent identifier for all citizens was also deemed a positive step to their future development in cyber security. The data was gathered through public data collection.

The United States has ranked up to the 13th place after the latest update. A more in depth review of public documentation allowed the update of some indicators and the consideration of new ones. Once more, the data was gathered through public data collection.

Data on Namibia, Papua New Guinea and Barbados published

Data on the cyber security situation on Namibia, Papua New Guinea and Barbados is now available in the index.

Barbados is currently ranked 111st, with positive scores for seven capacities, of which 'Fighting against cybercrime' obtained the highest score due to having an active cybercrime unit and criminalising such offences. The data for Barbados was gathered with the assistance of Government Officials from the Ministry of Innocation, Science and Smart Technology.

Papua New Guinea enters the index in 120th place, with positive scores for five capacities, among which they have a strong response to cyber incidents. The data for Papua New Guinea was gathered through public data collection.

Namibia enters the index in 121st place, with positive scores for four capacities, among which they have a strong presence in the educational and professional development of cyber security. The data for Namibia was also gathered through public data collection.

With the addition of these three countries, the list of nations in the NCSI has expanded to a total of 134. All data was checked by NCSI experts and is now published on the NCSI website at http://ncsi.ega.ee/ncsi-index/.

Greece claims the first place

After a data update, Greece is now ranked first in the National Cyber Security Index. The update takes into account the 2019 update to the Greek legislation on the implementation of the NIS Directive and on the existence of a cyber security policy coordination format. Greece reaches the full score in half of the 12 capacities, and high scores in the rest of them. 

The information for the update was provided by Mr. Nestoras Chouliaras from the National Cyber Security Authority.

Data about Congo DR and Belize published

Data on the cyber security situation of the Democratic Republic of Congo and Belize is now available in the index.

Congo DR is currently ranked 125th, with positive scores for two indicators: representation in international cooperation formats and participation in international cyber crisis exercises. The data for Congo DR was gathered through public data collection.

Belize enters the index in 123rd place, with positive scores for three indicators: representation in international cooperation formats, electronic signature, and criminalisation of cybercrimes. The data for Belize was also gathered through public data collection.

All data was checked by NCSI experts and is now published on the NCSI website at http://ncsi.ega.ee/ncsi-index/.

Overview of latest country updates

Over the last two months, updated datasets have been published for many countries. Below is an overview of the most important updates.

Denmark is ranked 6th in the index after significant updates provided by the Agency for Digitisation concerning protection of digital services, protection of essential services, education, and different responsible units.

Greece is ranked 11th, having had scores updated for the capacity of cyber threat analysis and information as well as for participation in an international cyber crisis exercise. The information about Greece was provided by the National Cyber Security Authority.

Argentina is up to 58th place after a data review by the Ministry of Modernization. Points were gained for indicators such as cyber security policy coordination format, ratifying the Convention on Cybercrime (Argentina joined the Budapest Convention in 2018), 24/7 point for cybercrime, etc.

Israel is in 24th place after a second public data collection update. Their capacities for cyber threat analysis and information, education and professional development, contribution to global cyber security, as well as incident and cyber crisis managament are now better reflected in the index.

Norway is currently ranked 31st. In the latest dataset we have taken into account the recent publishing of the new national cyber security strategy and its implementation plan.

Brazil gained more than 30 places and moved 51st in the ranking after an update, which added information about Brazil's cyber security capacity-building for other countries, identification of operators of essential services, fighting against cybercrime, participation in cyber crisis management exercises, etc.

NCSI version 2.1 released, changes in ranking

The NCSI team has specified the wordings of some indicator criteria, resulting in changes in the index ranking.

The changes are the following:

Indicator 5.3:

  • Previous wording: "The government has a competent authority that has the power to supervise digital service providers."
  • New wording: "The government has a competent authority in the field of cyber/information security that has the power to supervise public and private digital service providers regarding the implementation of cyber/information security requirements."

Indicator 7.2:

  • Previous wording: "Requirements for cryptosystems are regulated."
  • New wording: "Requirements for cryptosystems in the field of trust services are regulated."

Indicator 9.2:

  • The wording: "Digital service providers and operators of essential services have an obligation to notify appointed government authorities of cyber security incidents." has remained unchanged. However, we previously focused on digital service providers in the public sector, but now focus on digital service providers in both the public and the private sector.

The changes in the wording affected the scores of the following countries: Albania, Belarus, Estonia, Germany, Hungary, Kenya, Latvia, Lithuania, Luxembourg, Morocco, the Netherlands, New Zealand, Norway, Senegal, Serbia, Slovakia, Qatar, Tajikistan, the United States, and Uzbekistan

El Salvador included in the index

Data on the cyber security situation of El Salvador is now available in the index.

El Salvador places 101th in the rankings, with good scores for their capacities of e-identification and trust services, education and professional development, and fight against cybercrime.

The data was gathered through public data collection and checked by NCSI experts.

Datasets updated for many countries

Many countries have raised in the rankings in the past weeks, as our contributors have provided new data to the index. For European countries, the changes have been very much related to the transposing of the European Union directive on security of networks and information systems.

The countries who have gone through the highest raise in the NCSI ranking are:

New data is also available for Estonia and Latvia, which did not influence their ranking in the index.

We thank all our contributors for their efforts.

NCSI DEVELOPMENT
IS FUNDED BY