IISS: Cyber Capabilities & National Power Rankings

A two year of study by the eminent think-tank, the International Institute for Strategic Studies (IISS) has produced a report that assesses 15 countries cyber power. It ranks a country’s cyber capacity and effectiveness and its general conclusion is that most countries are not satisfied with the level of their electronic defences. 

Currently, there is a large cyber gap between many countries and at present the US is the world leader in cyber capability and is ranked by IISS as the only country that is ranked in Tier One and is considered to have at least a 10 year cyber advantage over other contenders.

Countries in the IISS Tier Two are Australia, Canada, China, France, Israel, Russia and the UK,  while those in Tier Three are India, Indonesia, Iran, Japan, Malaysia, North Korea and Vietnam.

Overall, the report suggests that national Intelligence Agencies working for countries that are awake to the Information Age will become far more cyber/AI focused and this report provides substantial further evidence that, for many countries, cyber policies and capabilities have moved to centre stage in international security.

• In 2015, China’s new military strategy declared that ‘outer space and cyber space have become new commanding heights of strategic competition’ between states. 

• In 2016, the Unites States accused the Russian government, and President Vladimir Putin personally, of ordering a sustained information attack on the US presidential election.In May 2019, then-president Donald Trump foreshadowed a technology war with China if it continued its malign actions in cyberspace.

• In March 2020, Trump declared a national emergency in cyberspace, the fourth time in five years that a US president had done so. 

• In April 2021, China referred to the US as the ‘champion’ of cyber attacks. A month later, the G7 foreign ministers’ meeting called on both Russia and China to bring their cyber activities into line with international norms. 

Dominance in cyberspace has been a strategic goal of the United States since the mid-1990s. It is the only country with a heavy global footprint in both civil and military uses of cyberspace, although it now perceives itself as seriously threatened by China and Russia.

In response, it is taking a robust and urgent approach to extending its capabilities for cyber operations, both for systems security at home and for its ambitions abroad in the diplomatic, political, economic and military spheres. 

The US retains a clear superiority over all other countries in terms of its ICT empowerment, but this is not a monopoly position. At least six European or Asian countries command leadership positions in certain aspects of the ICT sector, though all but one (China) are close US allies or strategic partners. 

Australia : Tier Two

Australia’s cyber security strategies have concentrated on national security, commercial cyber security, the industrial base for sovereign capability, workforce development and good international citizenship. The Australian Signals Directorate, the country’s principal cyber-related agency, remains the most influential in national policymaking. The country is still developing its military cyber strategies and policies after setting up an Information Warfare Division in 2017. 

Australia can boast some research and industry credentials in the field of information and communications technology and cyber security, but these are growing from a low base. In part because of its 70-year membership of the Five Eyes intelligence alliance, Australia has more mature cyber capabilities than its modest defence and intelligence budgets might suggest. It is active in global diplomacy for cyber norms and cyber capacity-building. 

India : Tier Three

Despite the geostrategic instability of its region and a keen awareness of the cyber threat it faces, India has made only modest progress in developing its policy and doctrine for cyberspace security. The country is active and visible in cyber diplomacy but has not been among the leaders on global norms, preferring instead to make productive practical arrangements with key states. From the little evidence available on India’s offensive cyber capability, it is safe to assume it is Pakistan-focused and regionally effective. 

Overall, India is a third-tier cyber power whose best chance of progressing to the second tier is by harnessing its great digital-industrial potential and adopting a whole-of-society approach to improving its cyber security. Iran regards itself as being in an intelligence and cyber war with its enemies. 

Iran: Tier Three

In 2010, when the Stuxnet attack on Iran by the United States and Israel was revealed, the country had little access to international cyber security suppliers and only a very small number of domestic researchers in the field. Since then, however, it has become a determined cyber actor against US, Gulf Arab and Israeli interests.

Leading states agree that cyber capability underpins military power and can radically affect decision-making and the control of most military systems. Presentky the IISS conclude that the US currently has superiority, but ther are a growing number of contenders capabable of inflicting damaging intrusions which transcend national borders.

IISS:         IISS:     

You Might Also Read: 

The Cyber Security Top Ten Power List: