Is our view of cybersecurity too local?

cluster analysis

This cluster analysis from Microsoft's new study shows how countries around the world are doing with cybersecurity performance. It charts the relative numbers of effective "maximizers," higher-risk "seekers" and those in between.

Cybersecurity is a top priority for most agencies, as evidenced by ongoing efforts to formulate, tweak, and implement relevant plans and policies. But there is a big world beyond America's borders. Could looking at the global landscape help the government better shape its approach to securing U.S. cyber interests? Examining decidedly nontechnical factors -- including socioeconomics, demographics and the rapidly changing nature of Internet users -- could help inform cyber policies and make them more effective, according to a new study from Microsoft.

"Linking Cybersecurity Policy and Performance" marks a step away from the tech giant's usual undertakings, but its authors hope the study and its atypical approach will stoke important cyber discussions, said Paul Nicholas, senior director of global security strategy and diplomacy at Microsoft and one of the report’s authors.

"What's interesting is the growth of international dialogue of cyber norms around the world, both military-to-military and broader engagement," he said. "These conversations are becoming more intense. Environments in cyberspace are very different depending on where you are in the world...and that affects how we approach policy-making and solutions."


Read the study.

The study evaluated 80 indicators that included gross domestic product, broadband penetration and malware rates. Thirty-four of them were determined to correlate to cybersecurity performance, which the researchers extrapolated based on computers cleaned per mille, or the number of infected computers cleaned for every 1,000 times Microsoft's anti-malware tool was run.

Factors such as computers per capita, rule of law, demographic instability and literacy rates were among those that closely correlated to cybersecurity performance. Perhaps most significant for policy-makers are findings that point to international agreements as a key factor in cybersecurity performance.

Researchers found that participation in the Council of Europe’s cyber crime treaty, for example, was one of the strongest accelerators of cybersecurity in the countries surveyed. Conversely, in the category of lowest-performing countries in terms of cybersecurity -- labeled "seekers" in the study -- fewer than 10 percent participated in such agreements.

"It was striking that countries joining international commitments -- better law enforcement, concerted efforts to reduce spam, for example -- made the commitment, built the capabilities and then held themselves accountable," Nicholas said. "International conventions made a significant difference."

Less clear, however, was the role of an established military cyber defense strategy. Although 51 percent of countries in the highest-performing category, or "maximizers," have a military cyberspace presence, so did 21 percent of the lowest-performing countries. The study’s authors noted that many military strategies are in the formative stages, and those governments might not have had time to implement policies and capabilities.

"Most military defense strategies are less than five years old, versus the [cyber crime treaty], which is more than 10 years old," Nicholas said. "Military also can [mean] less transparency, so it's harder to get a read on the impact and maturity cycle."

Cyber crime rates, such as piracy and malware, were also prime indicators in the study, but their implications were not always as clear as might be expected. Seekers and countries in the middle category of "aspirants," which is the largest subset of countries, had comparatively high rates of piracy -- 68 percent and 62 percent, respectively, compared to 42 percent of maximizers.

"The implications of this observation are complex," the researchers wrote. "Countries that do a better job managing cybersecurity may also do a better job mitigating piracy, or countries with higher piracy rates may have a more difficult time containing malware and other cyber threats."

What that portends is just one area Microsoft hopes to tackle in the next round of research, Nicholas said. "We want to look at how to fine-tune and advance the models to improve understanding and effectiveness," he said. "We’re encouraging more debate. We hope that governments will find the study helpful when making policy decisions. Specifically, they can view factors affecting their regions’ cybersecurity such as key policies, piracy rates, laws, education, etc., and reflect on ways to improve their security standings based on their unique situations."

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected