The 16th edition of the World Economic Forum’s (WEF) Global Risk Report was released on Tuesday, and many of the risks/threats contained are unsurprising. The results are based on the Global Risks Perception Survey and were completed by 650 members of the World Economic Forum’s diverse leadership communities. According to this, the key threats of the next decade include extreme weather, climate action failure, human led environmental damage and digital power concentration. However, among these risks we are also facing cybersecurity failure, which is ranked 4th in the ‘clear and present danger’ section. What may not come as a surprise is that not enough people realise the significance of cybersecurity, and how to properly protect their information. This leaves individuals, as well as enterprises vulnerable to cyber-attacks.
Jonathan Knudsen, senior security strategist at Synopsys says that: “Admitting that a problem exists is the first step in overcoming that problem. Managing cybersecurity requires organizations of all types and sizes to address cybersecurity directly. Organizations that use software (basically everyone) should put policies and processes in place to minimize risk and protect data. Organizations that build software must make security an integral part of their development efforts. The costs of managing cybersecurity today are a small price to pay in comparison with the mammoth costs of cybersecurity failures in the future. “
Over the past year we have battled through an unexpected pandemic, which forced us into our homes and away from friends, family, and co-workers. We were forced to adapt to a new, even more digitalized world, without enough time to really grasp what was going on. COVID-19 has ‘accelerated the fourth industrial revolution’, digitalizing human interaction. While there have been benefits, which will leave our society transformed (such as the ability to work remotely and the rapid development of the vaccine), the rapid shift also leaves room for new risks.
The WEF’s report clearly defines cybersecurity failure as something we will have to deal with over the next decade. Not only this but the swift move to digitalize has led to digital divides caused by automation bias and manipulation. Jobs, that were previously performed by human beings, are now being completed by algorithms making ‘sophisticated’ decisions. Nevertheless, cyber criminals have found ways to infiltrate the algorithms and use them for malicious and manipulative purposes, such as misinformation campaigns, phishing attacks and Ransomware.
In a comment made by Chris Clements, VP of Solutions Architecture at Cerberus Sentinel, he outlines: “Cybercrime remains a lucrative business. Criminal gangs extort millions of dollars from their victims and in addition to funding lavish lifestyles for the members provide ample budget for developing powerful hacking tools and purchasing zero-day exploits. Against such sophisticated threats the vast majority of defenders don’t stand a chance. It’s often shocking to the security professionals tasked with protecting and organization and its data just how easy it is to bypass or defeat security controls like anti-virus or how fast attackers can crack passwords. Beyond business disruption these attacks will increasingly affect the health and safety of people- we’ve already witnessed the death of a woman in Germany in 2020 directly attributed to a ransomware attack on a healthcare provider.”
Additionally, the number of countries that have reported organized social media manipulation increased by 150% between 2017 and 2019. According to Trevor Morgan this is a result of “individuals [being] at the mercy of organizations who process and store their data.” Data being stored and managed using algorithms and tech may be extremely beneficial and practical but is never 100% secure.
Trevor Morgan, product manager at comforte AG commented: “Ranking cybersecurity failure as a very high ‘clear and present danger’ is certainly very appropriate. The report by the World Economic Forum clearly spells out the reasons for such a high ranking: the negative repercussions of cybercrime affect nearly every business, government, and consumer operating in our current digital world. Businesses that suffer from cybersecurity failures face highly damaging regulatory scrutiny, legal fallout, and reputational harm. Governments risk sensitive state information falling into the wrong hands, potentially compromising entire nations. Even at the individual level, peoples’ right to data privacy (which is becoming more and more accepted as a fundamental human right) can be violated either by personal decisions (how to use and propagate their own data, where to store it, and how to protect it) or by the decisions of organizations that have collected that personal data for a variety of purposes. In essence, everybody has a stake in making sure that the failings in cybersecurity are corrected at every level of society.”
This year alone, businesses, individuals and even the health care system have suffered from cyber-attacks. Attackers used the fear of COVID-19 along with the dire need for the vaccine to their advantage, reeling their victims in with promises of financial support, information on infectious diseases and even the ability to skip the COVID-19 vaccine queue. Considering our collective move to a digital lifestyle is continuously evolving, we must place more emphasis on how we secure our data and information. Unfortunately, we can assume that these types of attacks are only going to get worse.