PhD, Associate Professor of the Economic Cybernetics Department, Sumy State University, Sumy, Ukraine
Doctor of Economics. Professor. Head of Economic Cybernetics Department, Sumy State University. Head of Scientific and Educational Center for Business Analytics, Sumy, Ukraine
Founder and CEO of Yanda.io, Italy
The rapid development of the fourth industrial revolution contributed to the growth of computerization and digitalization of many spheres of society, which eventually led to the emergence of cybercrime. As a result, it is necessary to develop a cybersecurity strategy at the country level, which involves the development of effective measures to protect information. The purpose of this article is to determine the strategy for ranking countries by their level of cybersecurity. For its implementation, 12 indicators were selected that characterize various aspects of cybersecurity of countries: Cyber Security Policy Development, Cyber Threat Analysis and Information, Education and Professional Development, Contribution to global cyber security, Protection of digital services, Protection of essential services, E-identification and trust services, Protection of personal data, Cyber incidents response, Cyber crisis management, Fight against cybercrime, Military cyber operations. Their actual values were taken for 160 countries in 2018. The article proved that the existing method of determining the actual ranking of countries has a number of shortcomings, which are the lack of solutions to problems related to the dimensionality of data, determining the weights of the analyzed indicators, taking into account the diversity of indicators and their fundamental differences. To avoid these shortcomings, it is proposed to use multi-attribute decision-making methods, which are used in the decision-making process, but their capabilities allow the evaluation of ratings. The methods of TOPSIS, VIKOR and MAAM were used in the article. As a result, it was found that the rating by the MAAM method has about 25% similarity with the values of the ranking. Also, this method has most of the disadvantages inherent in the actual. The TOPSIS and VIKOR methods showed better results, which were less similar to the real values. It was found that VIKOR (v = 0.5) shows more balanced estimates than VIKOR (v = 1.0) in relation to the ranking of countries in terms of cybersecurity. VIKOR (v = 1.0) is more suitable for solving the problem of choosing alternatives than for rating. The TOPSIS method proved to be the most effective for ranking countries, which eliminates the shortcomings of the real assessment method and allows to determine the best and worst alternative, which facilitates the analysis separately for the indicators. Checking the effectiveness of the obtained ratings, using Spearman’s rank correlation coefficient, proved their effectiveness.
Keywords: country, cybersecurity, MAAM, National Cybersecurity Index, rank, strategy, TOPSIS, VIKOR.
JEL Classification: D80, O30.
Cite as: Yarovenko, H., Kuzmenko, O., Stumpo, M. (2020). Strategy for Determining Country Ranking by Level of Cybersecurity. Financial Markets, Institutions and Risks, 4(3), 124-137. https://doi.org/10.21272/fmir.4(3).124-137.2020
This work is licensed under a Creative Commons Attribution 4.0 International License
- Ghernouti-Hélie, S. (2010, February). A national strategy for an effective cybersecurity approach and culture. In 5th International Conference on Availability, Reliability, and Security, ARES 2010 (Krakow; Poland; 15 February 2010 through 18 February 2010), 370-373. IEEE. Retrieved from: https://www.semanticscholar.org/paper/A-National-Strategy-for-an-Effective-Cybersecurity-Ghernouti-H%C3%A9lie/29283b90ba70442be97ed97d1083529f30e70603
- Galinec, D., Moznik, D. and Guberina, B. (2017). Cybersecurity and cyber defence: national level strategic approach. Automatika, 58(3), 273-286. DOI: 10.1080/00051144.2017.1407022
- Teoh, C.S. and Mahmood, A.K. (2017). National cyber security strategies for digital economy. Journal of Theoretical and Applied Information Technology, 9(13), 6510-6522. Retrieved from: https://www.researchgate.net/publication/322150967_National_cyber_security_strategies_for_digital_economy
- Kshetri, N. and Murugesan, S. (2013). EU and US cybersecurity strategies and their impact on businesses and consumers. Computer, 46(10), 84-88. DOI: 10.1109/MC.2013.350.
- Kostyuk, N. (2014). International and domestic challenges to comprehensive national cybersecurity: A case study of the Czech Republic. Journal of Strategic Security, 7(1), 68-82. DOI: 10.5038/1944-04126.96.36.199.
- Štitilis, D., Pakutinskas, P. and Malinauskaite, I. (2017). EU and NATO cybersecurity strategies and national cyber security strategies: A comparative analysis. Security Journal, 30(4), 1151-1168. DOI: 10.1057/s41284-016-0083-9.
- Jacobs, P., Von Solms, B. and Grobler, M. (2017). Towards a national cybersecurity capability development model. In 16th European Conference on Cyber Warfare and Security, ECCWS 2017 (Dublin; Ireland), 582-592. Retrieved from: http://researchspace.csir.co.za/dspace/handle/10204/9458
- Kolini, F. and Janczewski, L. (2017). Clustering and topic modelling: A new approach for analysis of national cybersecurity strategies. In Pacific Asia Conference on Information Systems (PACIS). Association For Information Systems, 2017. Retrieved from: https://core.ac.uk/download/pdf/301372894.pdf
- Fenton, N. and Neil, M. (2012). Risk assessment and decision analysis with bayesian networks. In Risk Assessment and Decision Analysis with Bayesian Networks, 1-494. DOI: 10.1201/b21982). CRC Press.
- Noel, S., Harley, E., Tam, K.H., Limiero, M. and Share, M. (2016). CyGraph: Graph-Based Analytics and Visualization for Cybersecurity. Handbook of Statistics, 35, 117-167. DOI: 10.1016/bs.host.2016.07.001.
- Zhang, R., Xue, R. and Liu, L. (2019). Security and privacy on blockchain. ACM Computing Surveys, 52(3), 1-34. Retrieved from: https://arxiv.org/pdf/1903.07602
- Yarovenko, H.М. (2004). Aspekty avtomatyzatsii finansovoho kontroliu pidpryiemstv [Aspects of automation of financial control of enterprises]. Bulletin of the Ukrainian Academy of Banking, 2(17), 89-96. URL: https://essuir.sumdu.edu.ua/handle/123456789/54128. [in Ukrainian]
- Akram, S.M., Al-Kenani, A.N. and Alcantud, J.C.R. (2019). Group Decision-Making Based on the VIKOR Method with Trapezoidal Bipolar Fuzzy Information. Symmetry, 11, 1313. DOI: 10.3390/sym11101313.
- Ghaleb, A. M., Kaid, H., Alsamhan, A., Mian, S. H. and Hidri, L. (2020). Assessment and Comparison of Various MCDM Approaches in the Selection of Manufacturing Process. Advances in Materials Science and Engineering. DOI: 10.1155/2020/4039253.
- Mardani, A., Zavadskas, E.K., Govindan, K., Amat Senin, A. and Jusoh, A. . (2016). VIKOR technique: A systematic review of the state of the art literature on methodologies and applications. Sustainability, 8(1), 37. DOI: 10.3390/su8010037.
- Suniantara, I. K. P. and Putra, I. G. E. W. (2019). Comparison of VIKOR and TOPSIS Methods in Multiresponse Taguchi Optimization. Journal of Education Research and Evaluation, 2(3), 106-113. URL: https://ejournal.undiksha.ac.id/index.php/JERE.
- Chatterjeea, P. and Chakraborty, S. (2016). A comparative analysis of VIKOR method and its variants. Decision Science Letters, 5, 469–486. DOI: 10.5267/j.dsl.2016.5.004.
- e-Governance Academy Foundation. (2020). National Cyber Security Index. Retrieved from NCSI: https://ncsi.ega.ee/ncsi-index/
- Hwang, C.L. and Yoon, K. (1981). Multiple Attribute Decision Making: Methods and Applications. New York: Springer-Verlag. DOI: 10.1007/978-3-642-48318-9.
- Opricovic, S. T. G.-H. (2004.). The Compromise solution by MCDM methods: A comparative analysis of VIKOR and TOPSIS. European Journal of Operational Research, 156(2). 445–455. Retrieved from: https://www.academia.edu/3288444/Compromise_solution_by_MCDM_methods_A_comparative_analysis_of_VIKOR_and_TOPSIS
- Miller, K.E. (1975). A Situational Multi-Attribute Attitude Model. Advances in Consumer Research, 2, 455-464.