New Zealand has been ranked 19th in 2017 edition of the International Telecommunication Union’s (ITU) annual Global Cyber Security Index that aims to raise awareness of cyber security issues by measuring the commitment of member states to cyber security.
The survey covers all 193 ITU member states. One hundred and thirty-four responded to the survey conducted during 2016. Those that did not respond were “invited to validate responses determined from open-source research.”
The ITU concludes, “The overall picture shows improvement and strengthening of all five elements of the cyber security agenda in various countries in all regions. However, there is space for further improvement in cooperation at all levels, capacity building and organisational measures.”
Its call for improvement has been followed by a report from Cisco warning of a new and potentially highly damaging type of cyber attack.
The index gives each country a score based on five ‘pillars’ (legal, technical, organisational, capacity building and cooperation). For each of these pillars, questions were developed to assess commitment. Through consultation with a group of experts, these questions were weighted in order to arrive at an overall GCI score.
New Zealand, with an overall score of 0.718, was ranked fifth in Asia Pacific after Singapore (0.925), Malaysia (0.893), Australia (0,824), Japan (0.786) and Korea (0.782).
In training, New Zealand was singled out for the three-tiered training program for specialist cyber staff, investigators and frontline staff developed by NZ Police, and outlined in NZ Police's Prevention First National Cybercrime Strategy 2014-2017. The ITU noted: “NZ Police also provides training to the judiciary and prosecutors.”
The ITU also noted the existence of AusCERT, which “offers assessment, accreditation, certification, education and training in cyber and information security for individuals and corporate entities in both Australia and New Zealand.”
The ITU said the index showed a wide gulf in cyber preparedness around the globe. It said more effort was needed in the “critical area” of national cyber security strategies, because it conveys that the government considers digital risks high priority.
Cisco warns of ‘Destruction of Service’ attacks
Release of the ITU index was followed this week, 21 July, by Cisco’s release of its Midyear Cyber Security Report in which warned of the emergence of new and emerging security threat, Destruction of Service (DeOS) that it said “could be far more damaging than current attack methods, leaving businesses with no way to recover,” and could “potentially disrupt the Internet itself.”