Between 2014 and 2024, the World Bank supported 64 countries worldwide in building the foundations of cyber resilience. Establishing and enhancing Computer Security Incident Response Teams (CSIRTs)—the equivalent of firefighters in the digital realm—has been a cornerstone of the World Bank’s capacity building efforts.
Challenge
Cybersecurity risks are a major impediment to digital transformation, and to achieving the Sustainable Development Goals (SDGs) more broadly. From website defacements and distributed denial-of-service (DDoS) attacks to personal data theft and ransomware, cybersecurity incidents can have significant economic and social consequences. As essential goods and services such as energy, banking, water, and healthcare become more reliant on digital technologies, the impact of cybersecurity incidents is increasing significantly.
Developing countries are particularly vulnerable because they often lack the institutional capacity and technical know-how to effectively protect the data that fuels their digital transformation, including the personal data of their citizens. CSIRTs, which support national stakeholders in detecting and responding to cybersecurity incidents, play a major role in enhancing overall cyber resilience and in building a national cybersecurity ecosystem. While most developed countries have established CSIRTs in each of their critical infrastructure sectors, many developing countries still lack a national CSIRT. According to the global Forum of Incident Response and Security Teams (FIRST), only five countries out of 22 in Western and Central Africa and 10 out of 26 in Eastern and Southern Africa have at least one operational CSIRT as of 2024.
Approach
World Bank support to help countries build the foundations of cyber resilience is holistic, focusing on developing national cybersecurity strategies, increasing cybersecurity skills, and establishing incident response capabilities. This work spans three pillars.
The first consists of technical assistance and financial support, leveraging World Bank instruments and co-financing to build the foundations of cyber resilience in developing countries. This emphasizes establishing and enhancing incident response infrastructure, developing national strategies, supporting the review and update of legal frameworks, building the capacity of national authorities, and growing the local cybersecurity workforce. Between 2016 and 2022, the World Bank organized a Global Cybersecurity Capacity Building Program that financed and supervised national cybersecurity maturity assessments in nine countries, including six in the Western Balkans. The assessments enabled the identification of key gaps in national cybersecurity ecosystems as well as the prioritization of the most relevant investments and policy reforms.
Furthermore, the World Bank has a key role in thought leadership: developing global knowledge products to identify and disseminate established and emerging best practices for enhancing cyber resilience. The World Bank aims to grow the evidence base for actionable policy advice through innovative research, data collection, guidance for policymakers, and practical tools for practitioners. For instance, in November 2023, the World Bank published “Hacking” the Cybersecurity Skills Gap in Developing Countries, as well as Ghana: A Case Study on Strengthening Cyber Resilience. In 2024, the World Bank released a joint publication with FIRST entitled Digital First Responders: The Role of CSIRTs in Enhancing Cyber Resilience for Developing Countries.
Finally, the World Bank works through its convening and partnership capabilities, facilitating dialogue and community-building among cybersecurity practitioners across countries and regions. This includes the organization of thematic workshops, global forums, and study tours, often in cooperation with other organizations. For example, in November 2023, the World Bank co-organized the Global Conference on Cyber Capacity Building (GC3B) in Accra, Ghana, with other partners. The event was a first-of-its-kind gathering of over 700 leaders, CSIRT managers, decision-makers, and experts; it enabled the creation of new partnerships and facilitated peer-to-peer learning.
Results
Between 2015 and 2024, the World Bank supported 64 countries worldwide in building cyber resilience foundations. Establishing and enhancing CSIRTs has been a key aspect of World Bank capacity building.
In Bhutan, the World Bank provided financing and technical assistance to establish and operationalize the national CSIRT, BtCIRT, from 2015 to 2018. The CSIRT now significantly contributes to enhancing cyber resilience in Bhutan by providing expert technical support to key national stakeholders. Between 2016 and 2023, BtCIRT organized more than 20 workshops to build cybersecurity capacity in the country, handled around 1,200 cybersecurity incidents, and issued more than 600 alerts related to cybersecurity vulnerabilities and scams.
In Bangladesh, the World Bank supported the establishment and operationalization of a CSIRT dedicated to e-government, BGD e-GOV CIRT, from 2016 to 2020. Since then, the CSIRT has been successfully responding to cybersecurity incidents affecting the Bangladeshi government’s digital infrastructure, resolving 70 percent of all reported incidents within two hours. In 2021, the CSIRT also delivered 67 in-depth technical training sessions to over 1,800 civil servants.
In Ghana, the World Bank supported the setup and operationalization of the national CSIRT from 2014 to 2017, which was later integrated into the Cyber Security Authority (CSA). World Bank support helped expand a team of three civil servants into a national cybersecurity authority of more than 100 qualified staff. CSA and the national CSIRT raised awareness of cybersecurity risks among more than 275,000 Ghanaians and created a point of contact for reporting cybercrime that was used more than 50,000 times. This enabled Ghana to rise from 86th place for cybersecurity capacity globally in 2017 to 43rd in 2021, becoming the top-ranking country in Western and Central Africa, according to the International Telecommunication Union (ITU).