The World Economic Forum’s Global Risks Report 2019 ranks data fraud/theft and cyber attack as two of the top five global risks in terms of likelihood. The big question now is how will organizations respond?
Reading the World Economic Forum’s annual Global Risks Report is not an exercise for the faint of heart. Now in its 14th edition, the report catalogs a litany of existential threats, such as extreme weather events and natural disasters, which would cause significant disruptions to global economies.
This year, the top five risks in terms of likelihood are: extreme weather events; failure of climate-change mitigation and adaptation; natural disasters; data fraud or theft; and cyber attack.
Yes, you read that correctly. Data fraud/theft and cyber attacks are two of the likeliest top five global risks. In fact, this is the third year in a row data fraud/theft makes it into the top five, and the second year cyber attack makes the list.
The WEF Global Risks Report 2019, created in partnership with Marsh & McLennan Companies and The Zurich Group, is based on the results of the Global Risks Perceptions Survey, which is completed by 1,000 members of the WEF community — made up of leaders in government, private sector and academia — along with input from the organization’s network of experts around the world.
Cybersecurity also made its way to the top 10 global risks in terms of impact. Cyber attacks and the breakdown of critical information infrastructure and networks were ranked seventh and eighth for the potential damage they could cause. This indicates survey respondents not only understand the sheer frequency of cyber attacks, they also appreciate the risk these incidents pose to our digital economy and our very way of life. These rankings reflect the global impact on our collective psyche of incidents such as WannaCry, Equifax and hundreds of other successful cyber attacks.
In fact, cyberspace itself is listed among what the report calls “global commons” which need extra protection, alongside climate change, outer space, and the polar regions.
If, after reviewing all this, you’re still able to sleep at night, the report features a fun section called “Future Shocks,” which considers the long term effects of things like quantum computing, weather manipulation tools, and food supply disruption. The section on quantum computing includes this comforting observation: “When the huge resources being devoted to quantum research lead to large-scale quantum computing, many of the tools that form the basis of current digital cryptography will be rendered obsolete.”
While much of this won’t come as a surprise to cybersecurity professionals, it’s worth considering the significance of our quotidian work in this broader global context. When we’re caught up in the day-to-day churn of our jobs, it’s easy to lose sight of how important cybersecurity really is to the global economy. This kind of context is also helpful to keep in mind when trying to communicate the value of your work to others in your organization.
The big question is how will organizations respond? Acceptance of the problems we face is the first step. The next step must be action.
We must hold global leaders and executives accountable for managing cyber risk responsibly. We, as a society, must demand it. As customers, we deserve it. We must shift our thinking away from whom can we blame — from nation-states to 15-year-old hackers in their parents’ basement — to how we stop them. We must collectively come to terms with the reality of a digital economy.
Everything is connected, which means every aspect of today’s business opens us up to a potential attack. We must develop security strategies to address the new risks created by digital transformation. Failure to do so will lead to a watershed moment that might have irreparable consequences.
By Renaud Deraison, co-founder and Chief Technology Officer, Tenable