Moldova (Republic of)
North Macedonia
Saudi Arabia
United Kingdom

Belgium and North Macedonia updated

Government officials contributed information to update Belgium’s indicators. Since its previous update, it has improved in cyber security policy development, protection of digital services and essential services, cyber incidents response and military cyber operations. This update has bumped Belgium from 25+ to the 6th position.

North Macedonia has been updated with the latest information we have been able to find through public data collection. Since its previous update, it has improved in cyber security policy development, protection of digital services, e-ID and trust services. North Macedonia increased from the 71st to the 63rd position.

160 countries in the NCSI: four updates (GB, GH, GR, PT) and eight new entries (AE, AO, AT, IR, KH,

The United Kingdom, Ghana, and Portugal have been updated with the latest information we have been able to find through public data collection. Greece has once again submitted fresh information through their corresponding government officials/contributors.

With the introduction of the United Arab Emirates, Angola, Austria, Iran, Cambodia, Myanmar, Syria and Yemen, the NCSI now has 160 countries ranked.

The United Arab Emirates almost fully completes the education and professional development, the e-ID and trust services, the cyber incidents response and the fight against cybercrime capacities. Angola presents personal data protection measure and legislation regarding cyber security responsibility for digital service providers. Austria completes the cyber security policy development, the protection of personal data and the fight against cybercrime capacities, while gaining high scores as well for education, professional development, e-ID, trust services and cyber incidents response. Iran debuts with a CERT, a cyber security policy unit and cyber security professional association.

Cambodia is introduced with an almost full cyber incidents response capacity and with e-signature legislation. Myanmar has a CERT, a cyber security professional association and legislation referring to electronic signatures. Syria displays some cyber threat analysis and information practices, in addition to a cyber incidents response unit, and e-signature legislation, with its corresponding competent supervisory authority. Yemen presents personal data protection and e-signature legislation, and a cyber incidents response unit.

Ten updates (AF, BJ, BT, CI, GE, ID, IN, KI, MG, NP) and two new entries (AM, HR)

Afghanistan, Benin, Bhutan, Côte d'Ivoire, Georgia, India, Indonesia, Kiribati, Madagascar, and Nepal have been updated with the latest information we have been able to find through public data collection.

Armenia and Croatia have been introduced in the NCSI. Armenia presents evidence for all indicators relate to the fight against cybercrime and the protection of personal data.  Additionally, evidence for education, contribution to global cyber security, e-ID and trust services is also available. Croatia debuts with full indicators in the protection of digital services and personal data, cyber incident response, fight against cybercrime, military cyber operations, cyber security policy development, and cyber threat analysis and information. It also receives high marks in the protection of essential services, cyber crisis management, e-ID and trust services.

Four updates (AZ, CH, SD, TR) and three new entries (BW, MD, PK)

Azerbaijan, Switzerland, Sudan and Turkey have been updated with the latest information we have been able to find through public data collection. 

Botswana, Moldova and Pakistan debut in the NCSI. Botswana fulfills the indicators related to the protection of personal data, and some related to education and trust services. Moldova is introduced with all the indicators for e-ID, trust services, protection of personal data, and fight against cybercrime, in addition to some general cyber security indicators. Pakistan presents evidence for the protection of personal data, and a majority of the indicators regarding education and the fight against cybercrime.

Three updates (CZ, GR, NG) and five new entries (BH, LY, MR, MZ, SB)

The NCSI is continuously managed and updated with the freshest publicly available information. This time, the Czech Republic, Greece and Nigeria have benefitted from a thorough review. Nigeria is currently ranked in the 43rd position. Since its last update, Nigeria has improved in the protection of personal data, and has enabled a cyber safety website, a single point of contact for international coordination and an implementation plan for their national cyber security strategy. The Czech Republic's and Greece's evidence links have been updated, and proof of cyber security capacity building for other countries has been included. Greece and Czech Republic still are at the top of the NCSI. 

Bahrain, Mauritania, Libya, Mozambique and Solomon Islands figure among the new countries included in the NCSI. Their current rankings are 94th, 126th, 132nd, 136th, and 147th, respectively. Bahrain presents strong indicators in the protection of personal data, e-ID and trust services, education/professional development and in the fight against cybercrime. They also manage a cyber safety website, and participate in international cooperation formats and in international military cyber exercises. Mauritania similiarly presents strong indicators in the protection of personal data, and has developed a cybersecurity strategy, with its own implementation plan. It participates in international cooperation formats and provides legislation for electronic signature and the criminalization of cybercrimes. Lybia has developed a cyber security polcy unit and a cyber incidents response unit, in addition to other improvements relevant to the protection of digital services and to contributions to global efforts. Mozambique, an ITU-IMPACT member, has its own CERT and legislation for electronic signatures, the protection of personal data and the fight against cybercrimes. Finally, the Solomon Islands, also members of the ITU-IMPACT coalition, posses legislation that identifies operators of essential services. 

New entries and updates to the NCSI: PY, CL, KR, AG, HT, SC, TO, TV and VU

Paraguay, Chile and South Korea have raised in the rankings, as our contributors have provided updated links and new evidence to the index. Their current rankings are respectively 48th, 36th, and 33rd. It is worth mentioning that Chile and Paraguay are currently part of the top 3 countries in Latin America, and in the top 5 of the whole continent.

We've also had new additions to the Index. Completing the CARICOM member countries, Antigua and Barbuda, and Haiti, are currently positioned in the 127th and 128th rank, respectively. They are both members of ITU-IMPACT, have enacted legistlation for electronic signatures, and have participated in Tradewinds 2018, an international military exercise with a cybersecurity component. Individually, Antigua and Barbuda presents a more robust front on the fight against cybercrimes, protection of personal data and of essential services, while Haiti maitains a cybersecurity professional association and an e-ID & trust services supervisory authority. 

TongaVanuatuSeychelles and Tuvalu have also debuted in the NCSI. CERT Tonga is a multipurpose entity, analyzing threats and serving as a digital forensics unit. The ratification of the Budapest Convention and other evidence factors have currently placed Tonga in the 95th rank, and third in the Oceania region. Vanuatu, currently 129th, presents a cyber incidents response unit (CERT VU) and a National Cybersecurity Policy, among other indicators. Seychelles' current 131st position is indicative of the existence of personal data protection, electronic signature and cybercrime legislation. Finally, Tuvalu, at the 145th rank, has identified the operators of essential services and is an active member of international cooperation formats such as ITU-IMPACT and PaCSON. 



140+ countries in the NCSI - Happy New Year 2020!

The NCSI has reached a new milestone at the end of this year. We currently display the National Cyber Security rankings, with their corresponding evidence, of more than 140 countries. In this last month, four Caribbean countries were introduced in the index, and the evidence of an additional European country was updated. 

Serbia climbed up the rankings to the 14th position. The presented evidence included: a cyber security strategy implementation plan, legislation relevant to the protection of digital services, increased response capabilities to cyber incidents, cryptosystem requirements and cyber security competencies at the primary and secondary education levels. 

The following Caricom countries debuted in the NCSI with their current rankings: Bahamas - 96th; Grenada - 118th; Saint Kitts and Nevis - 127th; and Dominica - 134th. Efforts vary from country to country, however, the common denominators are the existence of legislation regulating electronic signatures, and the participation in international military cyber exerises. 

2020 will be a year of challenges, since we will attempt to include all the remaining 50+ countries in the NCSI, and will continue updating those already in it. We would like to thank all our country contributors for their cooperation in this endeavour, and we would like to wish all of you a Happy New Year 2020!

Updated countries and new entries in the NCSI

Costa Rica and Suriname have raised in the rankings in the past weeks, as our contributors have provided new data to the index.

CSIRT – CR sent us an updated dataset, with revised information on education, protection of personal data and contribution to global efforts, in addition to detailing the existence of a cyber security policy unit. The points were awarded and Costa Rica reached the 42nd position, while staying in the Top 5 of the Americas.

Since their last update in 2017, Suriname has improved their commitment to cybersecurity. As members of the Global Forum on Cyber Expertise they maintain representation in an international cooperation format. Additionally, they possess a cyber incidents response and cybercrime unit. The respective points were awarded and Suriname achieved the 106th position in the NCSI.

Two Caribbean nations debuted in the NCSI, Saint Lucia and Saint Vincent and the Grenadines, in the 125th and 126th positions. They both present legislation that regulates electronic signatures and criminalises cybercrimes, and both are members of the ITU-IMPACT alliance. Saint Lucia goes further with personal data protection legislation and authority, while Saint Vincent and the Grenadines hosts a cyber security professional association and a cyber safety/security website.