Chris Demchak, Jason Kerben, Jennifer McArdle, and Francesca Spidalieri
No country is cyber ready.
It is a given that global economic growth is increasingly dependent upon the rapid adoption of information communication technology (ICT) and connecting society to the Internet. Indeed, each country’s digital agenda promises to stimulate economic growth, increase efficiency, improve service delivery and capacity, drive innovation and productivity gains, and promote good governance. Yet, the availability, integrity, and resilience of this core infrastructure are in harm’s way. The volume and velocity of threats to our networked systems and infrastructures is real and growing. Data breaches, criminal activity, service disruptions, and property destruction are becoming commonplace and threaten the Internet economy.
Global leaders understand that increased Internet connectivity leads to economic growth only if the underlying infrastructure and the devices connected to it are safe and secure. However, until now, there has not been a comprehensive, comparative, experiential methodology to evaluate a country’s maturity and commitment to securing its national cyber infrastructure and services upon which its digital future and growth depend. The Cyber Readiness Index (CRI) 1.0, released on 10 November 2013, represented a new way of undertaking the problem and was designed to spark international discussion and inspire global action to address the economic erosion caused by cyber insecurity.
Building on the CRI 1.0, The Potomac Institute for Policy Studies, under the leadership of Senior Fellow and Member of the Board of Regents, Melissa Hathaway, has undertaken a Cyber Readiness Index 2.0. The CRI 2.0 has two main components: First, it is designed to inform national leaders on the steps they should consider to protect their increasingly connected countries and potential GDP growth by objectively evaluating each country’s maturity and commitment to cyber security and resilience. Secondly, The CRI 2.0 defines ”cyber readiness” for a country and documents the core components of cyber readiness into an actionable blueprint for countries to follow. The CRI 2.0 methodology represents a useful, unique, and user-friendly tool to assess the gap between a nation’s current cyber security posture and the national cyber capabilities needed to achieve its economic vision. The blueprint developed and employed for this analysis includes over 70 unique data indicators across the following seven indices:
1. National strategy;
2. Incident response;
3. E-crime and law enforcement;
4. Information sharing;
5. Investment in research and development (R&D);
6. Diplomacy and trade; and
7. Defense and crisis response.
The CRI 2.0 methodology is being applied to evaluate 125 countries' cyber readiness; assessing each country's maturity and commitment to cyber security and resilient infrastructures and services.