Strategy for Determining Country Ranking by Level of Cybersecurity

The rapid development of the fourth industrial revolution contributed to the growth of computerization and digitalization of many spheres of society, which eventually led to the emergence of cybercrime. As a result, it is necessary to develop a cybersecurity strategy at the country level, which involves the development of effective measures to protect information. The purpose of this article is to determine the strategy for ranking countries by their level of cybersecurity. For its implementation, 12 indicators were selected that characterize various aspects of cybersecurity of countries: Cyber Security Policy Development, Cyber Threat Analysis and Information, Education and Professional Development, Contribution to global cyber security, Protection of digital services, Protection of essential services, E-identification and trust services, Protection of personal data, Cyber incidents response, Cyber crisis management, Fight against cybercrime, Military cyber operations. Their actual values were taken for 160 countries in 2018. The article proved that the existing method of determining the actual ranking of countries has a number of shortcomings, which are the lack of solutions to problems related to the dimensionality of data, determining the weights of the analyzed indicators, taking into account the diversity of indicators and their fundamental differences. To avoid these shortcomings, it is proposed to use multi-attribute decision-making methods, which are used in the decision-making process, but their capabilities allow the evaluation of ratings. The methods of TOPSIS, VIKOR and MAAM were used in the article. As a result, it was found that the rating by the MAAM method has about 25% similarity with the values of the ranking. Also, this method has most of the disadvantages inherent in the actual. The TOPSIS and VIKOR methods showed better results, which were less similar to the real values. It was found that VIKOR (v = 0.5) shows more balanced estimates than VIKOR (v = 1.0) in relation to the ranking of countries in terms of cybersecurity. VIKOR (v = 1.0) is more suitable for solving the problem of choosing alternatives than for rating. The TOPSIS method proved to be the most effective for ranking countries, which eliminates the shortcomings of the real assessment method and allows to determine the best and worst alternative, which facilitates the analysis separately for the indicators. Checking the effectiveness of the obtained ratings, using Spearman's rank correlation coefficient, proved their effectiveness.