U.S. ranks second on Cyber Power Index

David Sulek, principal, Booz Allen Hamilton's advanced analytics team

Michael O'Connell | June 4, 2015 4:36 pm

All that work the government has been doing to protect the country from hackers may be paying off. The U.S. ranks high among a new list of countries with the most cyber power. But it’s not at the top.

Booz Allen Hamilton recently sponsored the Cyber Power Index, which ranked the cyber power of 19 of the world’s major economies.

“In developing the index, we considered cyberspace to be the next domain, following its predecessors, things like land, sea, air and space,” said Dave Sulek, a principal with Booz Allen Hamilton’s advanced analytics team.

Comparing cyber to sea power, for example, nations that invested in navies, commercial shipping and laws to protect the seas and that were blessed with natural harbors emerged as sea powers. “What we wanted to do is to begin to understand what elements will form the foundation of cyberpower over the next 20 to 50 years,” Sulek told The Federal Drive with Tom Temin.

Dave Sulek, principal with Booz Allen Hamilton’s advanced analytics team (Booz Allen Hamilton photo)
Working with the Economist’s intelligence unit, the research arm of Economist magazine, Booz Allen Hamilton measured each country’s performance in four specific areas:

  • Legal and Regulatory Framework – The study examined whether a country had a national cyber policy in place.
  • Economic and Cultural Context – This criterion measured a country’s willingness and ability to adopt innovations.
  • Technology Implementation – Does a country have the core infrastructure to engage and access cyberspace?
  • Industry Application – What’s measured here is the ability of a country’s industry to take full advantage of cyberspace and develop new technologies.

Once the study was completed, the index ranked the U.S. second overall, following only the United Kingdom.

“The real advantage in looking at the numbers was around technology implementation,” Sulek said, who added that the U.K. was only marginally ahead of the U.S. “The primary determinant was really their investments in information and communications technologies. These are things like their overall spending on IT, the quality of that IT and the accessibility to the populate of that IT. In each of these areas, the U.K. ranked higher than the United States.”

The U.K. also ranked slightly higher than the U.S. in the industry application arena, particularly in electronic health, where the U.K. was an earlier adopter of the technology. “With current U.S. policy, we’re playing catch-up quickly in that area,” Sulek said.

The big takeaway for the U.S. from the Cyber Power Index, according to Sulek, is that the U.S. needs to “invest, invest and invest.”

“When you look across the various countries,” he said, “those who have really taken an interest in investing in the technology really seems to propel them higher into the list than those who maybe have not done as much investment.”

Sulek pointed to the Department of Commerce’s broadband program or the Department of Health and Human Service’s incentivizing of electronic health records as examples of governmental efforts that move countries higher up on the list. “That’s why I think you see countries like Japan, the U.K., the United States and Germany higher on the list right now than some of the others,” he said. “They’ve made the investments in this core technology.”

The one area that the Cyber Power Index does not currently measure is cybersecurity. Sulek said that they were developing a way to measure a nation’s relative military threat capability/vulnerability in cyberspace, factors he expects would be included in future indexes.

Currently, the U.S. ranks higher than China on the Cyber Power Index. If the military dimension of cyberspace were factored in, Sulek said that China would rank higher on the index. “We suspect that when we add those dimensions they will move up that list,” he said.


Cyber attack on DISA shows benefits of cloud

Draft cyber bill gives DHS controversial authorities

More cybersecurity stories