News

In 2024, the International Telecommunication Union released the fifth edition of the Global Cybersecurity Index (GCI), which assesses countries’ efforts to ensure cybersecurity. Over the past four years, Uzbekistan has strengthened its position and entered the second group of advanced countries, together with Russia, Kazakhstan, and Azerbaijan. Kyrgyzstan and Belarus moved up to the third group, known as the “establishing” group.

In addition, Tajikistan and Turkmenistan have strengthened their positions, so that in 2024, none of the CIS countries will fall into the last category of countries with a low level of cybersecurity commitment. 

The GCI assesses countries’ cybersecurity commitments in five areas:

The index emphasizes the need for inclusive and secure telecommunications/ICTs for sustainable development, highlighting the importance of cybersecurity, digital literacy, and secure infrastructure.

According to the previous edition of the ITU Global Cybersecurity Index, released in 2020, the most developed countries in the CIS region were Russia, Kazakhstan, and Azerbaijan. At that time, only Russia (98.06) ranked among the top ten countries globally, sharing leading positions with the US, the UK, Saudi Arabia, Estonia, South Korea, Singapore, and Spain, among others.

In 2024, the authors of the study reclassified Russia, which was once a leader in the 2020 rating, from a leading to an advanced country in the field of information security (92,13). ITU experts identified legal regulation, the production capacity of IS market players, and organizational capabilities as Russia’s strengths, while noting technical equipment and cooperation as areas with potential for growth.

CIS countries such as Kazakhstan, Uzbekistan, and Azerbaijan are also in the second most advanced group, alongside China, Switzerland, Ireland, and Israel. In 2020, Kazakhstan and Azerbaijan were categorized in the second tier of countries in terms of cybersecurity level (85-95 points) and have retained their positions four years later.​

Uzbekistan moved up to the category of advanced countries, rising from a lower tier (from 71 to 89,2 points). Previously, Uzbekistan’s strengths included only the legal framework, but now ITU experts have added capacity development and cooperation to these strengths.

Belarus and Kyrgyzstan also improved their positions, advancing from the fourth to the third group (Establishing, 55-85 points). In 2024, Belarus added legal measures to the cooperation indicator as a strength. Kyrgyzstan, meanwhile, significantly strengthened its technical measures to ensure cybersecurity while maintaining a high level of legal and organizational measures.

In 2024, none of the CIS countries were categorized as states where the IS ecosystem is only under construction (0-20). Tajikistan and Turkmenistan, which belonged to this group in 2020, increased their ratings and moved into the developing group (20-55), alongside Armenia.

To help countries strengthen the competencies of cybersecurity professionals, engage in international cooperation, and share experiences, the ITU conducts cyberdrills at national,regional and international levels. ITU cyberdrills are structured around various cyber incident scenarios — specifically, the most common types of attacks. Participants are tasked with investigating and analyzing these incidents and developing measures to mitigate their effects.

The target audience for these cyberdrills include national Computer Incident Response Teams (CIRTs). They operate on the principle that if specialists from one CIRT observe suspicious activity, they can contact the CIRT of another country to resolve the issue more effectively.

“Cyberdrills provide IT security professionals with the opportunity to practice their skills in conditions that closely resemble real-world scenarios. This facilitates effective knowledge and technology sharing among participants and enhances their preparedness to counter cyberattacks. Participating in cyber exercises allows professionals to test and refine their skills under simulated conditions that mimic actual cyber environments, contributing to their professional development as they interact with modern and advanced cyber defense and attack methods,” said Timur Derbishaliev.

According to him, a distinctive feature of cyber exercise is teamwork, which develops communication skills and the ability to function effectively in a high-stress environment. In addition, the drills provide an excellent platform for interacting with other professionals in the field, fostering new collaborations.

“Cyberdrills involve malicious traffic that is often much more complex than what specialists encounter in their daily practice. This is because the aim of these drills is to recreate conditions as closely resembling the real world as possible, including simulations of the latest and most complex cyber threats. This approach allows participants to effectively adapt to the dynamically changing cyber landscape, preparing them for genuine cybersecurity challenges,” concluded Timur Derbishaliev.