Fotimmz - Fotolia

Cyber security failure one of biggest risks facing countries and businesses, warns WEF

Cyber risks are among the top five risks facing organisations and governments over the next two to five years. Digital inequality and the over-crowding of space with communication satellites present further risks 

This article can also be found in the Premium Editorial Download: Computer Weekly: The race to quantum computing

Cyber security threats rank among the top risks facing the world, as governments struggle with climate change, growing social inequality and recovery from the pandemic, the World Economic Forum (WEF) warns.

The growing vulnerability of governments and businesses to cyber attacks will be one of the key risks under discussion as business leaders, politicians, academics and non-government organisations meet in a series of virtual discussions, from 17 to 21 January, replacing in-person discussions in Davos.

Cross-border cyber attacks, misinformation and the growing inequality between those who have access to digital services and those who don’t are among the most serious medium- and short-term risks facing governments and businesses, according to the WEF Global risks report 2022.

The WEF lists failure of cyber security as one of the top risks over the next two to five years, as threats such as ransomware and nation-state-backed attacks proliferate and organisations become more reliant on technology.

Growing technology risks will add pressure on businesses and governments to find better ways to mitigate cyber threats, said Carolina Klint, risk management leader for continental Europe at insurance broker and risk specialist Marsh.

“As companies recover from the pandemic, they are rightly sharpening their focus on organisational resilience and ESG [environmental, social and governance] credentials,” said Klint, one of the contributors to the report.

“With cyber threats now growing faster than our ability to eradicate them permanently, it is clear that neither resilience nor governance are possible without credible and sophisticated cyber risk management plans,” she stated.

Pandemic increased cyber risk

The pandemic has increased societies’ dependency on digital systems, increasing the exposure of organisations to cyber attacks.

Over the past 18 months, companies have rapidly invested in digitising their systems and have moved staff to home working, increasing their exposure to internet attacks.

At the same time, cyber attacks have been growing at a rate that is outpacing societies’ ability to prevent or respond to them, states the WEF report.

It says “lower barriers to entry for cyber threat actors, more aggressive attack methods, a dearth of cyber security professionals and a patchwork of governance mechanisms” are exacerbating the risk to digital infrastructure.

Ransomware is a particularly dangerous threat that represents a major concern for public safety, according to the cyber security leaders who contributed to the report.

Even in the best-case scenarios, the cost of defending against digital threats will increase, the WEF predicts.

This will be particularly challenging for small and medium-sized companies that typically spend 4% or more of their operational budgets on security, compared with larger companies that typically spend 1% to 2%.

Cyber security failure ranks as the number one risk in Great Britain, Australia, Ireland and New Zealand, and is among the top five risks in East Asia and the Pacific and Europe.

Tensions between nations will grow, as state-sponsored cyber attacks become more severe, turning cyber security into a “wedge for divergence” rather than cooperation among member states.

Disinformation, fraud and lack of digital safety are likely to reduce the public’s trust in digital systems further, the WEF predicts.

Digital inequality

Covid-19 has led to large investments in digital technology in some countries, but lower-income countries could find themselves stuck in a pre-pandemic “analogue economy”.

Digital inequality – the unequal access of populations to digital services – is a significant short-term risk in Latin America and Sub-Saharan Africa, two areas that are expected to have the slowest growth in 2022, and in other low-income countries.

Around 40% of the world’s population is not yet connected to the internet.

Developing economies will have limited resources to defend their critical infrastructure against cyber threats, or to develop regulations to protect data and privacy.

“There is a risk that concerns over cyber security could further hamper attempts to promote rapid and inclusive digitisation,” the WEF report states.

Crowded space

The rapid expansion of commercial satellite operators, driven by the development of internet communications, could generate tension between countries without international agreements on how to govern exploitation of space.

Increasing numbers of satellites orbiting the Earth could lead to a “proliferation of space debris” leading to a higher risk of collisions.

That could make it more difficult to use the orbital paths needed to host infrastructure in space to support systems on Earth, such as GPS navigation.

The loss of a satellite through collision with debris could spark tensions between countries, which could be exacerbated by weapons testing in space.

Increased activity in space may also have environmental impacts, potentially raising the cost of weather monitoring and climate change surveillance.

Managing future risks

The lack of global collaboration on Covid-19 offers a “sobering view” of the prospects of managing future global risks, such as tougher action on climate change and extreme weather.

Two years on from the start of the pandemic, the actions and behaviour of all stakeholders will determine how quickly the world recovers and develops the resilience needed to prepare for the next major shock, the report states.

The WEF is calling for collaboration between countries to develop rules of behaviour in cyber space, and to develop best practices in security that can be shared across industries and economies.

Initiatives should focus on blockchain, quantum computing and artificial intelligence, the WEF argues.

“Unless we act to improve digital trust with intentional and persistent trust-building initiatives, the digital world will continue to drift towards fragmentation and the promise of one of the most dynamic eras of human progress may be lost,” the WEF report states.

The report draws on insights from risk experts around the world, underpinned by a risk perception survey of 1,000 global experts and leaders, and insights from 12,000 people who identified critical short-term risks in 124 countries.

Read more on IT risk management