The year 2023 is the year of the polycrisis, where risks are more inter-dependent and reciprocally damaging than ever. That’s according to the World Economic Forum, the Swiss think-tank, which ahead of its annual meeting in Davos has released a ‘Global Risks Report‘.
You can read the report at https://www.weforum.org/agenda/2023/01/global-risks-2023-green-economy-davos-2023. It covers the energy crisis, followed by the cost of living, inflation and food supplies; and cyber crime and cyber insecurity.
Akshay Joshi, Head of Industry and Partnerships, Centre for Cybersecurity, part of the Forum writes:
Geopolitical and economic uncertainty around the world is exacerbating the threat of potentially catastrophic cyber attacks, increasing the risk for businesses across sectors.
In the past year, geopolitical risk roared back to the centre of world affairs, upending supply chains and disrupting major industries ranging from energy to food commodities. New technologies are also evolving quickly, and with these come new vulnerabilities, which attackers – some of whom have strong geopolitical motives – are often swift to exploit.
The risk of cyber-attack could include, for example, a crippling ransomware attack or a breach of sensitive consumer data — either of which would cause large-scale disruption and be costly reputationally and financially.
While progress has been made in bolstering cybersecurity awareness and preparation, there is more that businesses can do to increase resiliency, including improving cyber literacy, communication and information sharing.
The current focus on geopolitics and third-party risk offers an entry point for a wider conversation about cyber risk. The situation is improving, but not sufficiently swiftly for most organisations and businesses to be confident that they are equipped to address a major cyber event. Resilience and preparation should be at the centre of business strategy.
Comments
Javvad Malik, lead security awareness advocate at the cyber training firm KnowBe4, says: “In the modern world, technology is an integral part of every industry, with organisations of all sizes and verticals becoming increasingly reliant on their computer systems to operate efficiently. Consequently, this has made them more vulnerable to cyberattacks, which can come in the form of a targeted or opportunistic attack. This has resulted in even the industries that were previously considered low-risk being affected by malicious actors, leading to a greater need for security measures. Cybersecurity is an important issue that every organisation should take seriously and consider the impact attacks can have.”
And Mark Wojtasiak, VP of Product Strategy at the cyber firm Vectra said: “Critical National Infrastructure (CNI) is becoming an increasingly attractive target for criminal cyber gangs, posing the very real threat of major disruption to areas such as food, water and energy. In a time where vital services are already under immense strain from rising costs and supply disruption, organisations responsible for CNI can’t afford for cyber-attacks to cause further turmoil.
“While WEF outlines the need to develop cross-sector resilience to cyber risks, this should be seen as a starting block. In practice, CNI organisations have to address their rising attack surface, focusing on improving their visibility into their IT environments. This means reducing the noise they face from security alerts, and achieving clearer attack signal intelligence so security teams can accurately and reliably prioritises threats, stopping attacks before they become breaches.”
