CyberInsights Weekly #27
WEF Global Risk Perception Survey Report and what it means to cybersecurity professionals.
Cybersecurity professionals saw an increase in cyber attacks in 2020.
Cyber attacks did not make it to the top 5 risks of the World Economic Forum (WEF) global risk perception survey in 2020.
If as cybersecurity professionals, you see a paradox, read on.
Cybersecurity is not the biggest problem today
The WEF global risk perception survey spoke to 600+ leaders to identify their biggest perceived risks. Given how businesses have suffered in 2020, it is only natural that cyberattacks do not feature as a top 5 risk.
Clearly, the world thinks that environmental risks (marked in green) are a more pertinent, probable and more complex to tackle. Technology risks, for all the hullabaloo made, must take a backseat in the current world order.
Long term impact of cybersecurity risks - NIL
Cyber attacks make as much news as natural disasters and extreme weather events, but what is the impact to the world at large? Not much.
Cyber attack related risk events have short term impact. These are easily rectified and rarely cause long term damage to society. What matters in the long term are existential risks such as loss of biodiversity and water crises - survival of earth!
Pandemic and Technology risks
The immediate risk of infectious diseases is in the minds of world leaders. There are two technology related risks that figure in the top 10 of 2021 - digital power concentration and digital inequality.
These are more likely than cyber attacks and data fraud or theft. The WEF describes them as:
They have more long term societal impact. These risks have to be addressed with policies, regulation and dialogue with big tech.
How does it impact us?
Global leaders not perceiving cyberattacks and cyber theft and fraud as top of the mind risks have a few consequences for cybersecurity professionals.
While there may be a short term increase in corporate budgets due to work from home technology being implemented, it is unlikely that cybersecurity will be a big boardroom agenda in 2021.
What should we do?
Digital divide and digital power concentration are risks we should be aware of.
Cyber risk professionals should build their capabilities to identify risks in their product and processes that might contribute to the digital divide. For example, identify risks of AI/ML driven algorithms introducing unintended bias for users.
The risk of big tech failure and big tech playing big brother should be identified, documented and discussed with the board. For example, identify the impact of the changes to WhatsApp’s privacy policy on corporate WhatsApp groups.
The original WEF Global Risk Perception Survey report is available on this link:
https://www.weforum.org/reports/the-global-risks-report-2021