Each year, NTT Security researches businesses around the world to identify changes in their attitudes, behaviors, events and actions taken in cybersecurity. We publish some of these findings in our annual Risk:Value report

In 2018, we compared the progress of each of the 12 countries/country groups researched, finding a disparity in the levels of vulnerability, awareness, and ability to recover between countries. 

We’ve since been digging into the reasons behind this, correlating a number of variables with the aim of identifying macro factors that may be driving differences between these countries.

One of the most interesting sources is the Global Competitiveness Index rankings produced by the World Economic Forum (WEF), the organization that engages leading political, business and other society leaders to positively shape the future.

WEF has collected data from many sources around the world to rank 140 economies on national competitiveness, the success of which directly drives productivity for the country concerned. It data covers infrastructure, ICT adoption, macroeconomics, skills, the labor market, financial system, innovation capability and ability for the private sector to change and adapt to new circumstances. It is therefore a robust assessment of individual countries’ ability to compete globally.

What is fascinating is the way the level of global competitiveness is closely related to the level of cybersecurity advancement, which is measured by our annual research and which we express through the NTT Security Risk:Value Index. 

On the x-axis in the chart below, we have allocated each country a ranking based on its Risk:Value Index score, so the US (with the highest ranking) is allocated rank 1, and Austria (with the lowest ranking) is allocated 11th. Our research aggregates Belgium, Netherlands and Luxembourg as one group, while WEF assesses each of these countries individually, so the results from these countries are omitted. The y-axis displays the ranking out of the 140 economies given by WEF. Data labels describe each country using the two-character top-level internet domain, with the United States of America indicated as US.

The correlation between cybersecurity advancement and global competitiveness is clear: the US ranks as world leader in both indices, closely followed at number 2 in each by Singapore. 

At the other end of the scale of these advanced economies are Hong Kong (8th in the NTT Security Risk:Value Index and 7th for global competitiveness), Norway (9th and 16th respectively) and Austria (11th and 22nd). 

Though WEF does not measure cybersecurity advancement in a material way through its index, the strength of the correlation with global competitiveness should not surprise. Having a robust and resilient infrastructure, an educated workforce, an agile private sector and solid policy-making provide the foundations for global competitiveness and strong cybersecurity. Reducing the risk of a damaging cyber breach goes hand-in-hand with improving productivity and global competitiveness.Not only are the most competitive countries the most advanced in cybersecurity, but they understand more than other countries the cybersecurity threats that they face. In its Executive Opinion Survey research, conducted in the first half of 2018, WEF asked business decision-makers to select the five risks (including political, financial, societal, technological, legal and environmental) that will most affect businesses in their country within the next ten years.

The four most competitive countries (US, Singapore, Germany and Switzerland) all rated cyber attacks as their biggest threat. Five of the six most advanced countries in cybersecurity (US, Singapore, UK, Germany, Switzerland), as measured by our Risk:Value Index, also rank cyber attacks as their greatest risk. (In France, cyber attacks are ranked as the third biggest risk behind unemployment and terrorism.) Clearly threat actors will chase the greatest returns, so it can be expected that more competitive countries will face greater threats.

Interestingly, the size of advanced economies (gross domestic product per person), even though it impacts spending power, seems to have relatively little impact on cybersecurity advancement and attitudes. And the level of trust in the economy – fundamental to its functioning – is, as measured by the Trust Barometer produced by Edelman – not in itself closely correlated with cybersecurity advancement for the countries studied.

It’s important to NTT Security to understand what’s driving change in cybersecurity and its impact on businesses, and we continue to strive to understand the broad range of drivers and barriers impacting this rapidly evolving market.