Fotimmz - Fotolia
Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks
Climate change, natural disasters, extreme weather and loss of biodiversity are the greatest risks we face. With cyber conflicts, state-sponsored hacking and internet fragmentation, doing nothing is not an option, says the World Economic Forum
For the first time in history, the greatest and most pressing risks facing humanity are risks to the environment.
Extreme weather, the failure to tackle climate change, natural disasters and water shortages will have a catastrophic impact on populations.
Over the past 15 years of forecasts by the World Economic Forum, the most pressing risks facing the world have shifted from economic threats to the risks posed by cyber wars and technological dystopia.
Yet the threats posed by global-scale hacking, the rise of artificial intelligence (AI) and the potential disintegration of the internet have not gone away, according to the WEF’s 2020 study of global risks.
For businesses, cyber attacks are still the biggest source of concern, said John Drzik, president of global risk and digital at insurance broker Marsh, a contributor to the WEF’s Global Risks Report.
“For businesses, cyber attacks are still the number one risk in virtually all advanced economies, and data fraud and theft are a significant concern – number two in the US and high elsewhere,” he told Computer Weekly. “So I would not underestimate the technology risk.”
The difference in 2020 is that the risks have multiplied, putting renewed pressure on businesses and governments to take action on multiple fronts.
The planet is heating up, the ice is melting and biodiversity is “on fire”, said WEF president Borge Brende during a press briefing on 15 January. Doing nothing is not an option, he stressed.
“The cost of inaction today far exceeds the cost of action,” said Brende. “That’s why we now have to start to implement the necessary policies to deal with climate change.”
At a time when the world is facing slowing economies, geopolitical instability and looming trade wars, governments have less room to manoeuvre than they did just a few years ago.
And with interest rates at record lows, governments have less capacity to intervene to support economies should growth rates tumble.
Businesses face pressure from all sides on climate change. Regulators, such as the Bank of England, now stress-test financial services companies for climate risk, and investor and rating agencies are calling for greater environmental transparency.
In the US, economic damage caused by climate change could amount to 10% of Gross Domestic Product (GDP) by the end of the century.
The largest economies will feel the highest economic costs of climate change, while for smaller countries, the question is whether their populations will survive.
Pension funds that have invested in the oil, gas and coal industries may face catastrophic shortfalls as countries shift to more environmentally sustainable energy production.
And employees are voting with their feet, staging walkouts at Amazon, Google and other tech companies to protest at their employers’ environmental policies.
“All of the stakeholder groups in business, whether investors, employees, customers or regulators, are all starting to bring more attention to this issue,” Drzik told the press conference. “I think it will focus attention in the executive suite.”
Companies will need to become more resilient and more nimble to respond to unexpected regulatory changes.
The next wave of technology will dramatically reshape economies and societies. Cloud computing, autonomous cars, drones, AI and the internet of things create new opportunities, and new risks.
After environmental risks, cyber attacks pose the next biggest global threat, measured by both likelihood and impact, according to the WEF’s Cyber Risks Report 2020.
Cyber attacks are now a normal part of business across energy, healthcare and transport, often perpetrated by criminals who are able to hire hacking tools and malware on dark web forums.
Estimates suggest that damages from cyber crime could reach $6tn next year – equivalent to the GDP of the world’s third-largest economy.
The growth in isolationism around the world, and the impact of trade wars, is creating political uncertainty, which, in turn, is creating a higher risk of state-sponsored attacks, Marsh’s Drzik said in an interview with Computer Weekly.
There is no consensus yet on international treaties to limit cyber warfare or state-sponsored hacking, although a “Geneva Convention” on hacking may emerge in the future.
There is growing concern in states and businesses over the impact that a sponsored cyber attack could have on their critical infrastructure.
Digital technology is asymmetric, allowing smaller countries and criminal groups to attack larger states.
This trend is reflected in a shifting demand from organisations for cyber insurance, from covering the loss of private data to insuring against damage to property and business interruption from cyber attacks.
Many of the risks are generated by equipment suppliers that deliver technology with software vulnerabilities that can be exploited by hacking groups.
Companies are under pressure to use a more diverse range of suppliers, so they can continue to operate if parts of their networks are compromised.
“Some of the more significant cyber attacks have come through vendors and, you know, it now becomes the requirement to govern and manage the security of your vendors,” said Drzik.
Organisations will increasingly set minimum standards for the companies they want to trade with, in order to ensure that cyber attacks do not spread through their supply chains.
Read more about Davos
- Davos 2020: Climate change is set to be top of the agenda at the World Economic Forum, with Microsoft chief Satya Nadella declaring he aims to delete the company’s emissions.
- Davos 2019: Artificial intelligence is set to power the next stage of Industry 4.0, as manufacturers develop smart factories, digital twins of physical assets and deploy machine learning.
- Davos 2018: The cost of natural disasters is now at record levels, but the cost of cyber crime is far higher. The World Economic Forum hopes to persuade governments to work together on the problem, but with isolationist politics back in fashion, can it succeed?
For Peter Giger, group chief risk officer at the Zurich Insurance Group, it is not a matter of if, but when organisations are exposed to a successful cyber attack.
“Cyber risk is like other operational risks – it is a reality in life,” he said in an interview. “If you want to participate in an interlinked world, you are exposed to that risk.”
Organisations need to become more resilient, so they can detect and respond to cyber attacks when they happen.
Those that depend on a single supplier are vulnerable, even though they might benefit from lower costs, and having a diversity of suppliers makes business sense.
“You can have an optimal positioning that maximises your short-term efficiency or you may have a more diverse position, so you will be better able to adapt to changing circumstances,” Giger told Computer Weekly.
Companies that do not adapt will face growing regulation or, in a Darwinian process of natural selection, will be taken out of the game.
“If you are not the master of your destiny, someone make take you out of the game,” said Giger. “That is not an unhealthy process.”
AI has become a new frontier in geopolitics and competition between global powers, says the WEF.
Russian president Vladimir Putin said in 2017: “Whoever becomes the leader in this sphere will become the ruler of the world.”
China has made AI a national security priority, and the US Defense Department’s joint Artificial Intelligence Centre has asked for its budget to be tripled, citing the rapid development of AI by China and Russia.
Members of the Organisation for Economic Co-operation and Development (OECD) have adopted principles to promote AI that is trustworthy and respects human rights and democratic values. Similar guidelines are being tested in Europe, the Middle East and Africa.
But the move by governments around the world to more nationalist agendas is likely to make it harder to introduce global governance of AI.
AI is likely to create huge social and geopolitical instability. Advances in automation will destroy many existing jobs. Whether it will create new jobs rapidly enough to avoid massive unemployment is open to question.
“When Ford started producing new cars, everybody thought it was the end of unemployment,” Giger told Computer Weekly. “We look at AI in the same way. It will make things obsolete, but it will offer new opportunities at the same time.”
The challenge for society will be to work out ways of managing AI systems in a way that allows people to benefit from their power, but to keep control at the same time.
According to the UN’s International Telecommunications Union, it will take “massive interdisciplinary collaboration” to unlock AI’s potential. Countries and business will need to cooperate to address “deepfake” videos, mass surveillance and advanced weaponry.
One of the emerging risks is the growing dependency of healthcare on computer systems that may be vulnerable to hacking attacks, and the storage of patient data online, posing risks to privacy.
“Increasingly, the boards, CEOs and also mainstream decision-makers need to contend with planning for cyber emergencies,” said Mirek Dusek, deputy head of the Centre for Geopolitical and Regional Affairs, at the WEF press conference on 15 January. “We exist more online. There is more of our lives online. So more is at stake.”
Healthcare systems around the world are under stress, as rising and ageing populations lead to greater demand for healthcare. Developments in AI and data analytics will mean that health services will be more reliant on technology.
“Customers need to be able to trust us to care for their data, to not sell their data and to protect it properly,” said Giger. “Having said that, if you talk to certain tech companies, they will tell you that the battery life of their apps is way more important to their users than the data privacy.”
Doctors sometimes make mistakes, but at least they are able to consult with other medical experts. “With an AI program, you could have systemic mistakes made in diagnostics, so it creates new risks as it creates solutions,” Drzik told Computer Weekly.
Breakthroughs in technology will be essential to managing the environmental risks facing the planet.
Datacentres, for example, which consume vast amounts of electricity, will become more effective and energy-efficient.
“Without a huge technological contribution, it is very hard to see a politically and socially acceptable scenario,” said Zurich’s Giger.
In the longer term, quantum computing could dramatically reduce the time needed to solve mathematical problems, making it possible to break encryption.
The technology risks making existing data security, which relies on encryption, useless, exposing critical infrastructure, power grids and military networks to cyber attacks.
Digital currencies, such as bitcoin, which operate outside clear regulatory framework, could undermine sovereign currencies, and cooperation against money laundering.
The internet of things (IoT), which will underpin everything from intelligent cities to self-driving cars, is creating new routes for hackers to access sensitive personal data or threaten national security.
There are an estimated 21 billion IoT devices worldwide, and that number is expected to double within five years.
Attacks on IoT devices increased by more than 300% in the first half of 2019, and in September that year, hackers used IoT devices to take down Wikipedia through a distributed denial of service (DDoS) attack.
These nascent technologies could lead to a widening digital divide between countries, as increasing wealth gaps make it harder for those left behind to catch up.
Automation is likely to hit these countries hardest, with low-skilled workers and women likely to be hit the hardest.
The WEF said: “The lack of a global technological framework could lead to a dystopia involving, for example, cyber bulling without consequences, workplace surveillance and the erosion of employee privacy.”
The possibility of the internet fragmenting into separate networks, for example in Russia and China, could also prevent the benefits of the next generation of technologies being realised.
The internet could also fragment through the uneven spread of technology, leaving some parts of the web relying on older protocols that are incompatible with newer parts of the internet.
The fragmentation of cyber space will present insurmountable barriers for law enforcement agencies to cooperate and for intelligence-sharing between cyber security agencies across incompatible systems, said the WEF.
It will also increase the cost of doing business, and reduce productivity, making it more difficult to use cloud services, for example.
Ten years to act
The consequences of climate change amount to a “planetary emergency” the WEF argues in its report, with consequences that are catastrophic, interlinked and wide-ranging.
Natural disasters, such as hurricanes, droughts and wildfires, are becoming more intense and more frequent. Polar ice is melting more quickly than predicted, leading to rising sea levels, and risks for populations in coastal areas.
Global temperatures are predicted to rise by at least 3C by the end of the century, and the damage caused by each degree rise in temperature will accelerate.
These risks are interconnected and cumulative. The global disruption caused by climate change is likely, in turn, to lead to geopolitical disruption, leading to a greater likelihood that nation states and organised crime will step up hacking, data theft and attacks on critical infrastructure.
“We only have a very small window,” said the WEF’s Brende. “If we don’t use this window in the next 10 years, we will be faced with a situation where we are rearranging the deckchairs on the Titanic.”