Indo Pacific 2023 Ad for APDR 728x90px VISITOR REGISTRATION WEBA new report published by the International Institute for Strategic Studies (IISS) reveals that external threats and related strategic concerns are driving governments to pursue more ambitious cyber strategies. The impact of cyber operations in Ukraine is most visible in Europe but less so in the Middle East or in developing countries.

Cyber Capabilities and National Power: A Net Assessment finds that:

  • The impact of cyber operations during the war against Ukraine has been profound as countries are crafting national cyber policies and substantially upgrading their cyber security all over the world;
  • World leaders in cyber include Germany and the Netherlands;
  • Estonia and Singapore display exemplary practices in cyber security and resilience;
  • The UAE and Saudi are strengthening their cyber defences in the face of serious cyber threats from Iran.
  • Turkiye’s aspirations in cyber remain within the strategic environment, but it does not yet display world-leading strength;
  • With few external threats, the push for digitalisation of the economy appears to be a higher priority for Brazil, South Africa and Nigeria than developing their core cyber-intelligence capabilities.

Cyber Capabilities and National Power: A Net Assessment is the second volume in a two-part series that uses an original methodology developed by the IISS to assess national cyber power. A total of 25 countries are studied across both volumes to illuminate the distribution of cyber power in the world today. This second volume assesses the cyber power of: Brazil, Estonia, Germany, the Netherlands, Nigeria, Saudi Arabia, South Africa, United Arab Emirates, Singapore and Turkiye.

Key assessments:

  • The role of the war in Ukraine – the report highlights the profound impact of cyber operations in the war against Ukraine, the substantial upgrades of cyber security in the Persian Gulf, and the challenges for other countries of navigating US-China tensions as they craft national cyber policies.
  • The United States remains the world leader in cyber – volume one identified the United States as the only country to merit tier one cyber-power status; none of the ten states reviewed in volume two meet the requirements to qualify for this category.
  • Germany and the Netherlands are the strongest cyber powers among the ten countries studied – this is a result of their prominence in aspects of the global digital economy,  leadership in global cyberspace affairs and strategic positioning as NATO members and the collective cyberspace capabilities of the European Union. Effective partnerships with other cyber-capable states, including the United States, make up for gaps in core cyber-intelligence capabilities and offensive cyber operations.
  • Size matters when it comes to cyber power – while Singapore and Estonia are both significant actors in cyberspace affairs and have implemented exemplary practices in cyber security and resilience, the report finds that Singapore and Estonia cannot be regarded as world leaders given their modest cyber-intelligence capabilities and lack of indigenous ICT industry and personnel.
  • UAE and Saudi Arabia have yet to fulfil their potential as cyber powers – despite their use of cyber assets for intelligence, especially in cyber surveillance, neither country currently demonstrates world-class strengths in other categories. Both are strengthening their cyber defences in the face of serious cyber threats from Iran and, given their significant wealth, are well placed to procure foreign cyber services.
  • Turkiye’s high aspirations held back by domestic governance – with various strategic concerns driving Turkiye’s strategies for cyberspace, including terrorism, the civil war in Syria, disputes in the Eastern Mediterranean, Cyprus or Ukraine, the country may well aspire to be a cyber power. Yet it is not a world leader in any of the seven categories of cyber power, with its main constraints being in domestic governance.
  • An absence of external threats explains low cyber-power aspirations of Brazil, NIgeria and South Africa – all three show low levels of consistency in the digitalisation of the economy and society, with the inevitable impact on cyber capabilities. The push for digitalisation of the economy nonetheless appears to be a higher priority than core cyber-intelligence capabilities.

The IISS methodology for measuring national cyber power differs from the index-based approaches developed by other organisations. It is broader and qualitative, analysing the cyber ecosystem of each state and how it intersects with international security, economic competition and military affairs. As the national circumstances of each state continue to evolve, the national assessments only represent a snapshot in time.

The states are assess in seven categories: strategy and doctrine; governance, command and control, core cyber-intelligence capability, cyber empowerment and dependence; cyber security and resilience, global leadership in cyberspace affairs; offensive cyber capability.

The report categorises selected countries in three tiers of cyber power. The first tier is for states with world-leading strengths. Those with world-leading strengths only in some categories account for tier two. Finally, tier three countries display strengths or potential strengths in some of the categories, but significant weaknesses in others.

An online version of the dossier is available to download here. 


For Editorial Inquiries Contact:
Editor Kym Bergmann at

For Advertising Inquiries Contact:
Director of Sales Graham Joss at

Previous articleGE Aerospace selected by Bell for V-280 Valor Future Long-Range Assault Aircraft
Next articleEM Solutions unveils expansive factory upgrade


Please enter your comment!
Please enter your name here