Moody’s examined 143 sovereign entities, measuring a variety of indicators around their IT and cybersecurity maturity. Using the International Telecommunication Union Global Cybersecurity Index, a United Nations’ office that measures cybersecurity strength across five key areas (legal, technical, organizational, capacity development and cooperation) it was found that more credit-worthy sovereign nations tended to have stronger cybersecurity rankings, more effective institutions and access to greater resources and human compared to emerging market nations.
Nations and other sovereign entities with more developed information technology infrastructures tend to have higher credit, and not surprisingly, this can leave those same countries more exposed to cyberattacks and other digital threats due to the increased attack surface. But this digital maturity also allows organizations inside those nations access to more sophisticated cybersecurity resources, like advanced telecommunications infrastructure or a highly qualified human workforce.
That access apparently makes a huge difference — even though countries with lesser-developed IT have fewer systems and devices to hack, they tend to be more vulnerable to cyber threats overall.
As an example, Moody’s cites two emerging market countries, Montenegro and Costa Rica, that experienced crippling ransomware attacks last year that disrupted or halted government services, international trade, healthcare services and other sectors and have yet to fully recover.
It’s not that these countries don’t pay attention to cybersecurity; in fact, Moody’s notes that emerging market nations tend to perform many of the same high-level strategic tasks — like developing national cybersecurity strategies and targeted laws to reduce their exposure to hacking — that higher credit nations do. The difference likely lies in how those initiatives are implemented and the overall strength of institutions and the resources they can bring to bear to address the underlying problems.
“The results underscore that sovereigns with weak economic strength, which reflects the relatively small size and low wealth levels of their economies, tend to have less economic resources available to dedicate per capita to national cybersecurity efforts, contributing to lower overall cybersecurity strength,” Moody’s assessed. “Meanwhile, sovereigns with stronger institutions and governance strength tend to have relatively stronger cybersecurity positions.”
From The Shadows Emerges Knowledge