Canada ranks fifth among 20 countries for its cybersecurity threat preparedness and response, according to a standard created by an academic journal and a security vendor.
The Cyber Defense Index, created by MIT Technology Review Insights and sponsored by Code42, gave Canada an average score of 6.94, behind the United States (7.13) and ahead of Poland (6.91).
The leader was Australia (7.83), followed by the Netherlands, South Korea and the United States. The UK, France, Japan and Switzerland round out the top 10. Brazil, Turkey and Indonesia are last.
The difference between first-placed Australia and third-placed South Korea was just 0.42 points.
The subjective score ranked countries on how well institutions have adopted digital technology and practices to resist cyberattacks and how well their policy frameworks promote secure digital transactions.
The scoring system included what the researchers called “thorough secondary research and analysis” (secondary information would come from, for example, national policy and regulatory data), as well as primary survey data – such as the global cybersecurity index of United Nations – and interviews with global cybersecurity professionals, technology developers, analysts and policy makers.
The research was conducted between April and September.
However, the score did not account for reported data breaches. In September, Australia, which ranks first, suffered an attack by Optus, the country’s second largest mobile operator. This month, a ransomware gang believed to have originated in Russia apparently copied data on 10 million customers of Australian healthcare provider Medibank.
Australia’s top spot “reflects its efforts to make a robust digital infrastructure widely available,” the report said. “The Australian Government applies digital tools and regulatory frameworks to protect personal data and digital transactions. He pledged to review cybersecurity laws, pledging to set aside an earlier roadmap. Public urgency has increased after the recent Optus hack. »
While the assessment rated countries on the perceived robustness and relative security of their critical infrastructure, it also took into account their cybersecurity commitments, data privacy legislation, and other factors.
Another factor taken into consideration was the willingness of governments to use artificial intelligence to deliver public services.
The scores were divided into four categories, weighted to arrive at each country’s final score: critical infrastructure (30% of the score), cybersecurity assets (35%), organizational capacity (20%) and political commitment (15%). ).
Canada scored 6.45 on critical infrastructure, 7.12 on cybersecurity assets, 7.29 on organizational ability, and 7.04 on political engagement.
Canada did not rank in the top five countries for critical infrastructure or cybersecurity assets. It ranked third for organizational ability and fourth for political commitment. Placement in this category may have reflected proposed federal cybersecurity legislation, requests made to Rogers Communications after a massive network outage, and proposed privacy law updates in the private sector.
For more details, the original article (in English) is available at IT World Canadaa sister publication of IT management.
French adaptation and translation by Renaud Larue-Langlois.
