If you’re looking for a scary story, put down the H.P. Lovecraft novel and pick up the 11th edition of The Global Risks Report 2016, courtesy of the World Economic Forum.
The cyber attack threat takes center stage in North America, standing out as the most likely risk by far. The report reflects the perceptions of nearly 750 experts and decision-makers in the World Economic Forum’s constituencies surveyed in late 2015.
The risks perceived as the most likely to beset various regions this year include:
The truth is that governments, businesses, organizations, and citizens in most parts of the world face pretty much the same dangers from cyber threats as their North American counterparts.
The Grant Thornton International Business Report 2015, for example, shows that cyber attacks are estimated to have cost Asia Pacific businesses $81 billion in the preceding 12 months, while firms in both the EU and North America saw revenue losses just over $60 billion.
Cyber dependency is a global trend in a world where digital businesses reside in increasingly connected, smarter and more automated environments.
That means that an entity’s risk is increasingly tied to that of other entities, making it harder for any single party to fully protect itself. This raises “the odds of a cyber attack with potential cascading effects across the cyber ecosystem,” the report states.
Consider also the impact of other risks that can lend more fuel to the cyber-attack flames. “Chronic and resurgent violence, conflicts, and economic and social volatility will remain prominent features of the current and future reality,” the report notes. Such conditions only make it easier for bad actors to gain new recruits to conduct cyber-attacks, be they criminal or terrorist in nature.
The World Economic Forum’s 2015 Executive Opinion Survey, out of 140 global economies, 18 put cyber-attacks on their list of top three risks and eight consider them a risk of highest concern for doing business. These are Estonia, Germany, Japan, Malaysia, the Netherlands, Singapore, Switzerland, and the United States.
Growing awareness is a good thing, but improved readiness to face these attacks is even better. If there’s a happy ending to this scare story, it is that defenses can be improved, although organizations must first fully grasp the extent of their cyber-security risks and the investments required to better manage those risks and build resilience.
The Global Risks report recommends actions that businesses can take to better defend themselves, such as:
It’s unlikely that every organization can prevent every cyber attack, but companies should emphasize methods to identify and effectively mitigate them by streamlining mechanisms for:
That sounds like a good plan to us, and hopefully it’s one that organizations of every stripe will waste no time putting into action.