The GCI analyses each country's level of cybersecurity development within five categories, namely legal measures, technical measures, organisational measures as well as capacity building and cooperation.
Mauritius is in first place on the continent and sixth globally followed by Rwanda which came in second on the African continent and 36th globally. Kenya is third among African nations and 45th worldwide. While Egypt made it to 14th on the global list, it is ranked in a region of Arab States and not among African States in the report.
Brahima Sanou, Director of the ITU's Telecommunication Development Bureau, whose home country of Burkina Faso is ranked in 16th place among its counterparts on the continent and 108th globally, says the international community is increasingly embracing ICT as a key enabler for social and economic development while recognising that cybersecurity must be an integral part of the technological progress.
"In 2016, nearly one percent of all emails sent were essentially malicious attacks, the highest rate in recent years. Ransomware attacks increasingly affected businesses and consumers, with indiscriminate campaigns pushing out massive volumes of malicious emails. Attackers are demanding more and more from victims, with the average ransom demand rising to over 1,000 USD in 2016, up from approximately 300 USD a year earlier. In May 2017, a massive cyberattack caused major disruptions to companies and hospitals in over 150 countries, prompting a call for greater cooperation around the world."
Sanou adds that he is pleased to note an improvement and strengthening of the global cybersecurity agenda overall from the outcome of the 2017 GCI compared to the first report published in 2014.
The authors of the GCI 2017 say it is not directly comparable to GCI 2014 due to a change in methodology. All of the six ITU regions, three from Asia and the Pacific, two each from Europe and the Americas, and one from Africa, the Arab States, and the Commonwealth of Independent States are represented in the top ten commitment level in the GCI, according to what the report describes as a sign that being highly committed is not strictly tied to geographic location.
The report also reveals that out of the 44 member states in the Africa region, only 29 responded to the survey. The ITU says data for those countries that did not respond was sourced independently and provided to the specific countries for comment before the GCI 2017 was published.
Mauritius scored particularly high in the legal and the technical areas to clinch the top spot in Africa. The island nation also did well for capacity building due to the 180 awareness sessions for some 2 000 civil servants in 32 government ministries and departments conducted by the government's IT Security Unit.
Rwanda ranked second in Africa after scoring high in the organisational pillar for its standalone cybersecurity policy addressing both the public and private sector.
The GCI states that Kenya provides a good example of cooperation through its National Kenya Computer Incident Response Team Coordination Centre (National KE-CIRT/CC).
The top ten in Africa includes Nigeria in fourth place, Uganda in fifth while South Africa is in sixth - along with a special mention of interagency partnerships for the establishment of a national cybersecurity hub to serve as a central point for collaboration between industry, government and civil society on all cybersecurity incidents.
The rest of the African top ten comprises of Botswana, Côte d'Ivoire, Cameroon and Ghana in that order.