If you’re looking for some uplifting reading, I would not recommend The Global Risks Report 2018. Published by The World Economic Forum (WEF), this report is a comprehensive examination of all the things that threaten to derail society. Climate change, tidal waves, water scarcity, terrorism; it’s the ultimate ‘worst-case scenario.’ It makes for sobering reading, but of course, the objective of the WEF Global Risks Report is to help economists and businesspeople mitigate risk.
In the introduction of the WEF’s report there’s a chart ranking threats by 2 criteria: likelihood and impact.
(Above: excerpt from The Global Risks Report 2018, published by The World Economic Forum.)
Here’s the thing that jumped out at me when I looked at this graph: cyberattacks; they’re right up there with ‘natural disasters’ and ‘water crises.’ In fact, two of the top five risks by perceived likelihood relate to cybersecurity; cyberattacks and massive data fraud. In terms of imminent economic threat, the WEF’s survey rates cyberattacks ahead of infectious disease and terrorism.
‘Cybersecurity risks are growing, both in their prevalence and in their disruptive potential. Attacks against businesses have almost doubled in five years, and incidents that would once have been considered extraordinary are becoming more and more commonplace... Notable examples included the WannaCry attack - which affected 300,000 computers across 150 countries - and NotPetya, which caused quarterly losses of US$300 million for a number of affected businesses.’
- WEF Global Risks Report 2018
I’m embedded in the cybersecurity industry so for me, the warnings in the Global Risks Report don’t come as a surprise. The WEF’s report corroborates statistics from international law enforcement agencies and government bodies that are telling the same story. The statistics on cybercrime are growing so fast at the moment that it’s hard to keep up, but the overall trend is very clear; cybercrime is accelerating explosively.
Summarising the cybersecurity state-of-play the WEF report quotes these staggering numbers:
Don’t let your company become a statistic
- WEF Global Risks Report 2018
The surge in cybercrime is being driven by opportunity; as more commerce is conducted online the opportunities for crime grow correspondingly. There’s been a lag between online investment and cybersecurity preparedness and that’s created a gap criminals were quick to push into.
I’m realistic about the threats from cybercrime that business is facing, but I’m also optimistic. Why? Because I’m in a position to see the fight-back as well as the attack. Cybercriminals have wielded some formidable weapons in recent years but conversely, those of us in the cybersecurity industry are also creating better tools to disarm them. Cybersecurity awareness amongst business leaders is also improving, and that’s key because it takes action by executive-level management to implement effective cybersecurity.
Cybersecurity best-practice is to put multiple security layers in place and not rely on any single defence.
The key thing to know about cybersecurity is that prevention is the only strategy that works. Once your company has suffered a data breach there will be precious little you can do. There’s a lingering virus-scan mentality with a lot of people, but the harsh reality is that by the time you discover a breach in your security the damage will probably have been done already.
An effective corporate cybersecurity policy needs to involve:
Cybersecurity is a leadership issue but when I talk to CxOs about their cybersecurity issues they often say something like ‘our IT department takes care of that...’
That sort of thinking is dangerous. Human beings are the weakest link in the cyber-defenses of any company, so every employee needs to understand cybercrime threats and know how to behave safely online.
The 2018 WEF Global Risks Report is a reminder that the time to act on cybersecurity is now.
Cybercrime is a global problem but there’s no way to police it in a centralised way. The solutions depend on individual businesses taking steps to make themselves secure.
If you find the complex challenges of data-security, hacking and cybercrime overwhelming then you are definitely not alone. A lot of businesspeople are disempowered by the magnitude of these issues and fail to act because they don’t know where to start.
I’ve written a cybersecurity handbook for business owners and CxOs: Surviving the Rise of Cybercrime. I wrote the book as a plain-language guide for non-tech executives. It’s a 60 minute read that will give you all the information you need to take control of the cybersecurity challenges faced by your company.
You can download a free copy of Surviving the Rise of Cybercrime, here: www.survivingcybercrime.com