Afghanistan
Albania
Algeria
Angola
Antigua and Barbuda
Argentina
Armenia
Australia
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belgium
Belize
Benin
Bhutan
Bolivia
Bosnia and Herzegovina
Botswana
Brazil
Brunei Darussalam
Bulgaria
Burundi
Cambodia
Cameroon
Canada
Chad
Chile
China
Colombia
Congo (Democratic Republic of the)
Costa Rica
Côte d'Ivoire
Croatia
Cuba
Cyprus
Czech Republic
Denmark
Dominica
Dominican Republic
Ecuador
Egypt
El Salvador
Estonia
Ethiopia
Finland
France
Georgia
Germany
Ghana
Greece
Grenada
Guatemala
Guyana
Haiti
Honduras
Hungary
Iceland
India
Indonesia
Iran (Islamic Republic of)
Ireland
Israel
Italy
Jamaica
Japan
Jordan
Kazakhstan
Kenya
Kiribati
Korea (Republic of)
Kyrgyzstan
Lao PDR
Latvia
Liberia
Libya
Lithuania
Luxembourg
Madagascar
Malawi
Malaysia
Mali
Malta
Mauritania
Mauritius
Mexico
Moldova (Republic of)
Mongolia
Montenegro
Morocco
Mozambique
Myanmar
Namibia
Nepal
Netherlands
New Zealand
Nicaragua
Nigeria
North Macedonia
Norway
Oman
Pakistan
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Poland
Portugal
Qatar
Romania
Russian Federation
Rwanda
Saint Kitts and Nevis
Saint Lucia
Saint Vincent and the Grenadines
Samoa
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Singapore
Slovakia
Slovenia
Solomon Islands
South Africa
South Sudan
Spain
Sri Lanka
Sudan
Suriname
Sweden
Switzerland
Syrian Arab Republic
Tajikistan
Tanzania, United Republic of
Thailand
Tonga
Trinidad and Tobago
Tunisia
Turkey
Turkmenistan
Tuvalu
Uganda
Ukraine
United Arab Emirates
United Kingdom
United States
Uruguay
Uzbekistan
Vanuatu
Venezuela
Vietnam
Yemen
Zambia
Zimbabwe

Greece claims the first place

After a data update, Greece is now ranked first in the National Cyber Security Index. The update takes into account the 2019 update to the Greek legislation on the implementation of the NIS Directive and on the existence of a cyber security policy coordination format. Greece reaches the full score in half of the 12 capacities, and high scores in the rest of them. 

The information for the update was provided by Mr. Nestoras Chouliaras from the National Cyber Security Authority.

Data about Congo DR and Belize published

Data on the cyber security situation of the Democratic Republic of Congo and Belize is now available in the index.

Congo DR is currently ranked 125th, with positive scores for two indicators: representation in international cooperation formats and participation in international cyber crisis exercises. The data for Congo DR was gathered through public data collection.

Belize enters the index in 123rd place, with positive scores for three indicators: representation in international cooperation formats, electronic signature, and criminalisation of cybercrimes. The data for Belize was also gathered through public data collection.

All data was checked by NCSI experts and is now published on the NCSI website at http://ncsi.ega.ee/ncsi-index/.

Overview of latest country updates

Over the last two months, updated datasets have been published for many countries. Below is an overview of the most important updates.

Denmark is ranked 6th in the index after significant updates provided by the Agency for Digitisation concerning protection of digital services, protection of essential services, education, and different responsible units.

Greece is ranked 11th, having had scores updated for the capacity of cyber threat analysis and information as well as for participation in an international cyber crisis exercise. The information about Greece was provided by the National Cyber Security Authority.

Argentina is up to 58th place after a data review by the Ministry of Modernization. Points were gained for indicators such as cyber security policy coordination format, ratifying the Convention on Cybercrime (Argentina joined the Budapest Convention in 2018), 24/7 point for cybercrime, etc.

Israel is in 24th place after a second public data collection update. Their capacities for cyber threat analysis and information, education and professional development, contribution to global cyber security, as well as incident and cyber crisis managament are now better reflected in the index.

Norway is currently ranked 31st. In the latest dataset we have taken into account the recent publishing of the new national cyber security strategy and its implementation plan.

Brazil gained more than 30 places and moved 51st in the ranking after an update, which added information about Brazil's cyber security capacity-building for other countries, identification of operators of essential services, fighting against cybercrime, participation in cyber crisis management exercises, etc.

NCSI version 2.1 released, changes in ranking

The NCSI team has specified the wordings of some indicator criteria, resulting in changes in the index ranking.

The changes are the following:

Indicator 5.3:

  • Previous wording: "The government has a competent authority that has the power to supervise digital service providers."
  • New wording: "The government has a competent authority in the field of cyber/information security that has the power to supervise public and private digital service providers regarding the implementation of cyber/information security requirements."

Indicator 7.2:

  • Previous wording: "Requirements for cryptosystems are regulated."
  • New wording: "Requirements for cryptosystems in the field of trust services are regulated."

Indicator 9.2:

  • The wording: "Digital service providers and operators of essential services have an obligation to notify appointed government authorities of cyber security incidents." has remained unchanged. However, we previously focused on digital service providers in the public sector, but now focus on digital service providers in both the public and the private sector.

The changes in the wording affected the scores of the following countries: Albania, Belarus, Estonia, Germany, Hungary, Kenya, Latvia, Lithuania, Luxembourg, Morocco, the Netherlands, New Zealand, Norway, Senegal, Serbia, Slovakia, Qatar, Tajikistan, the United States, and Uzbekistan

El Salvador included in the index

Data on the cyber security situation of El Salvador is now available in the index.

El Salvador places 101th in the rankings, with good scores for their capacities of e-identification and trust services, education and professional development, and fight against cybercrime.

The data was gathered through public data collection and checked by NCSI experts.

Datasets updated for many countries

Many countries have raised in the rankings in the past weeks, as our contributors have provided new data to the index. For European countries, the changes have been very much related to the transposing of the European Union directive on security of networks and information systems.

The countries who have gone through the highest raise in the NCSI ranking are:

New data is also available for Estonia and Latvia, which did not influence their ranking in the index.

We thank all our contributors for their efforts.

Data on Guatemala and Venezuela now available

Data on the cyber security situation of Guatemala and Venezuela is now available in the index.

Guatemala placed 82nd in the rankings, with with good scores for their capacities of e-identification and trust services and fight against cybercrime, and scoring in five further capacities.

Venezuela entered the index in 76th place, with good scores for their capacity of e-identification and trust services, fight against cybercrime, and cyber incidents response, but with positive scores in five other capacities as well.

All data was gathered through public data collection and checked by NCSI experts.

Nicaragua added to the index

Data on the cyber security situation of Nicaragua is now available in the index.

Nicaragua placed 93rd in the rankings, with a perfect score for their capacity to protect personal data, a good score for e-identification and trust services, and positive scores in four further capacities.

The data was gathered through public data collection and checked by NCSI experts.

NCSI DEVELOPMENT
IS FUNDED BY