Support 416-591-6711 option 1 or Email Us

The World Economic Forum Orders a Global Wake-Up Call - Cybersecurity

Wed, 26 Jun 2019

Are you prone to sleepwalking? The World Economic Forum (WEF) thinks that you are. In fact, they are worried that the majority of the population is sleepwalking into a series of global crises. The WEF released the 14th Edition of The Global Risks Report (GRR), and it reads more like a crossover script to an upcoming action movie, imagine The Day After Tomorrow meets Hackers, than a predictions report. The GRR discusses the threats that pose the most risk to the world’s economy, environment, and population safety. The predicted perils are both multi-faceted and interconnected. Which makes them problematic on their own and highly formidable when you look at them as a whole. The enhanced pace of the digital economy is one of the critical factors influencing the 2019 GRR.  

Technology is shaping our future, bettering how we live and digitally connecting our world. With this global interconnectivity and society’s rising cyber-dependence, come negative ramifications. Defined by the WEF as, “intended or unintended adverse consequences of technological advances such as artificial intelligence, geo-engineering and synthetic biology causing human, environmental, and economic damage. [i] Most worrisome is the prediction of extreme social uncertainty and growing divisions between societies that advance as technology advances. Fake news, national security breaches and fear threaten to divide us. In the GRR, of the “Top 10 risks in terms of Likelihood,” over ten years, the top three were environmental – extreme weather, climate change, and natural disasters. But, rounding off the top five were "Data fraud or theft" and "Cyber-attacks" in spot numbers four and five, respectively.

The World Economic Forum Orders a Global Wake-Up CallFeeling unstable and a little insecure

The WEF polled a large, global group and, out of the respondents, 82% expected heightened risk of a “Massive incident of data fraud or theft” leading to stolen data and money over the next ten years. 80% of respondents believed that “wrongful exploitation of private or official data that takes place on an unprecedented scale” will lead to a disruption in operations. New instabilities began to emerge through WEF’s research. For example, approximately two-thirds of responders presume the menaces related to fake news and identity theft will rise in 2019. Three-fifths of respondents had the same attitude regarding the loss of privacy to corporations and governments. These responses aren't surprising.

It was one year ago, in January of 2018, that there was a massive breach of Aadhaar data in India that exposed almost 1.1 billion citizen records. The hackers evaded the security system (which included biometric authentication) and were able to access names, addresses, phone numbers, email addresses, and photographs. Criminals were paying 500 rupees for ten minutes' access to the database.[ii] Google was hit three times last year. LinkedIn revealed almost eighteen million email addresses and went on a phishing trip to draw in more users. Facebook faced its most significant data breach thus far when nearly fifty million records were compromised. It was no vacation for over five-hundred million guests when Marriott Starwood was hacked, and personal information retrieved. And, in July, the US government admitted that hackers had gained control of utility company control rooms. 

The risk of cyber-attacks and critical information infrastructure breakdown are interconnected, a fact that terrifies many as these attacks are set to increase over the next ten years according to WEF. Not only did cyber-attacks make the top ten for likelihood they also made the "Top 10 risks in terms of impact" coming in at number seven. In 2018, the combination of determined cyber-attacks and slack security practices led to substantial breaches of personal information. 

Most look to software as their most likely security weakness; however, 2018 proved that vulnerabilities in your IT armor can be unexpected. The Meltdown and Spectre threats were due to deficiencies in modern processors that allowed the theft of data. Meltdown ‘melted down’ the separation between user applications and the operating system, while Spectre violated the separation between various applications. Both of these have widespread reach, impacting desktop, laptop and cloud computers. Potentially every Intel processor from 1995 on is susceptible.[iii]

Five ways to protect your company

  1. Changes to the Canadian Personal Information Protection and Electronic Documents Act (or PIPEDA), in place as of November 2018, mean that data breaches must be disclosed to those made vulnerable. Also, companies may be required to pay hefty fines (up to $100,000 per violation).[iv] The message is clear, protect what is important, or pay.
  2. Get top-notch defenses in place. You need to make your security as strong as it can be to thwart all attacks and to locate and defend all vulnerabilities.
  3. Create a cyber-safe culture in your company. Cyber risks and security measures are not only for the IT department to worry about. Every employee needs to buy in, from those in corner offices to those in cubicles, whether remote or onsite. A team approach is integral to maintaining cybersecurity.
  4. Contact a cybersecurity solutions provider, like ISA, to help your company develop cyber resilience. An incident response plan is vital in case a cyber incident happens. The ability to respond quickly and act accordingly will lessen the impact of a security breach and help with a speedy and successful recovery.
  5. Make cyber-security a priority. Let's face it, cyber-security doesn't show well. A glamourous professionally designed office looks good. Witty marketing gets attention. But these won't save you, your customers, or your supply chain, from cyber-threats. It's not showy, but cybersecurity needs to be at the foundation of your company in a digital economy.
  6. Practice and update. Technology is always changing, and hackers are continually adapting. That means you need to change and adapt too. There’s not much point in having outdated contingency plans. 

They’ve tried to warn us 

Coming in at number eight on the impact top-ten this year is the "breakdown of critical information infrastructure and networks." WEF defines this as "cyber dependency that increases vulnerability to outage of critical information infrastructure (e.g., internet, satellites, etc.) and networks, causing widespread disruption." There is a growing need to protect the cybersecurity of critical infrastructures such as sanitation systems and energy grids. The merging of physical infrastructure with cyber-technologies increases functionality, however, it also increases the risk of cyber attacks. Attacks on any single infrastructure area, from financial systems to communications networks, to the energy grid, could cripple communities or entire countries. 

The World Economic Forum Orders a Global Wake-Up Call

In 2010, the WEF GRR outlined critical infrastructure risks that have only been magnified over the eight years since with the rise in digitalization and the Internet of Things. In 2010, the GRR stated, "As the Internet and CII move from 1.0 to 2.0 and beyond, more content from multiple and varied sources will be housed together on the customer or end-user side, creating a highly complex environment for security governance and protection. The degree to which ICT systems are increasingly embedded in vital systems and services, from finance to transportation and energy, heightens the level of systemic risk and the potential for a cascade of failures with severe economic and social impact.”[v]

The interconnectivity that makes life more convenient and benefits humanity in so many ways, also means that a successful cyber-attack on, for example, a country’s electrical grid, could result in terrible, widespread effects. Whatever the industry, from nuclear power to transportation, from sales to service, if your company is online then you need protection. As IBM CEO Ginni Rommety said, “Cybercrime is the greatest threat to every company in the world.Work with an ISA Security Advisor to make your company cyber-resilient today.

 

 



‹ Back