Geopolitical instability raising risk of ‘catastrophic cyber attacks’: WEF study
Davos: Geopolitical instability is increasing the risk of catastrophic cyberattacks, according to a report launched at the annual meeting of the World Economic Forum in Davos on Wednesday.
More than 93 percent of cybersecurity experts and 86 percent of business leaders who were interviewed for the report believe that “a far-reaching, catastrophic cyber incident is likely to occur in the next two years” and that a critical skill The gap is in danger. Society and key infrastructure.
The “Global Cyber Security Outlook 2023” report is based on polls, workshops and interviews with over 300 experts and senior executives. Half of the companies surveyed said that the current scenario is forcing them to re-evaluate the countries in which they do business.
Despite the challenges, organizations are improving cyber resilience, which is one of the key priorities of the WEF’s Cyber Security Center.
The report states that awareness and preparedness will help organizations balance the value of new technology against the cyber risk that comes with it.
It highlighted the need to address the shortage of talent and skilled experts. A significant 34 percent of cybersecurity experts said their team lacked some skills, while 14 percent said they lacked a critical skill.
The problem is more pronounced in key sectors such as energy utilities, where nearly 25 percent of cybersecurity experts surveyed say they lack the critical skills needed to protect their organizations’ operations.
Addressing this problem requires expanding the cybersecurity talent pool, according to “Global Cyber Security Outlook 2023,” written in collaboration with Accenture.
There are many successful cyber security skills programs running around the world, but many have difficulty scaling to large numbers. Greater cross-industry collaboration and public-private partnerships are needed to overcome this challenge.
Geopolitics is reshaping the legal, regulatory and technological environment. “As global instability exacerbates cyber risk, this report calls for a renewed focus on cooperation,” said Jeremy Jurgens, WEF Managing Director.
“All stakeholders from the public and private sectors who are responsible for our common digital infrastructure must work together to build security, resilience and trust.”
A WEF news release coinciding with the launch of the “Global Cyber Security Outlook 2023” highlights key industry figures on a range of topics.
“Research shows that business leaders are now more aware of their organizations’ cyber risks. However, it is important to assess and translate business risk into actionable next steps across the entire organization,” said Paolo Dal Cine, Global Lead, Accenture Security need to move forward.”
“Long-term cyber resilience requires a closely coordinated team effort across the C-suite to gain a clear view of cyber risks so that security is embedded into all strategic business priorities and the digital core is protected Can go As our digitally connected world continues to expand, now is the time to build a cyber resilient business for customers, employees and supply chain partners.
Commenting on the skills gap, Ken Zee, Fortinet’s Chairman of the Board and CEO, said: “The threat landscape continues to expand and evolve with cyber adversaries targeting organizations of all sizes, locations and industries around the world.
“Disruption of operations or services against the backdrop of global skills gap and compromise of data due to cyber attack puts every individual, organization and even nation at risk. We see more progress in the fight against cybercrime when we work together to encourage best practices.
“Shared data and trusted global partnerships can enable more effective responses and better predict future attack strategies to prevent adversary attempts.”
Leaders are now more likely than a year ago to view data privacy laws and cyber security regulations as an effective tool for mitigating cyber risks in the region. But speed is clearly an issue.
On the question of regulation, Hoda Al-Khazaimi, director of the Cyber Security Center and founder and director of AmartSec at New York University, Abu Dhabi, said: “Standardisation may take 18 months but cyberattacks take seconds. The speed at which emerging technologies implemented, it often trumps our ability to build security measures around them. If organizations are to be cyber-resilient, we need to go beyond simple compliance with regulations.”
Underscoring the importance of investing in cyber security, Nikesh Arora, CEO and President of Palo Alto Networks, said: “Cyber attackers do not rest against macro-economic challenges, they inflict a double whammy on them. Which is not powered by AI and automation.
“As companies accelerate their digital transformation journey, it is time to re-imagine and invest in cyber security architecture – intelligent platforms. Boards and the C-suite must adopt a strategy that transforms cyber security operations From innovation to being deeply embedded throughout the enterprise, only then will organizations be able to create a state of resilience that enables, not hinders, their strategic business outcomes.
According to the “Global Cyber Security Outlook 2023” report, a long, vexing challenge is how to price cyber security. It quoted one survey respondent as saying: “Board members are interested in investing in risk, opportunities and costs.
“We need to better answer the questions, what is the return? How do I know this is a good investment among the myriad things I could potentially be invested in? How can we improve creating effective metrics to help boards make better informed decisions?”
Cyber security is also influencing strategic business decisions, with 50 percent of participants in the research saying it was a consideration when evaluating which countries to invest in and do business with.
Compared to the previous year, the report found that board-level executives are more likely to prioritize cyber risk and are more aware of their role in addressing it. This has led to increased conversations with cybersecurity leaders, “Cyber leaders, business leaders and boards of directors are now communicating more directly and more.” The bad news is that they “continue to speak different languages.”
According to the report, too often when security and business leaders discuss cyber security, the rapidly evolving landscape of cyber risks gets lost in translation. Chief information security officers may fail to articulate the complex data they collect – risk points, threat factors, mapping criminal operations – into an accessible story that results in specific mitigation actions in their organizations.
Instead, they need to tell stories that align with their corporate and business priorities. “Boards must be presented with a cyber currency that aligns with the expectations of customers and executives and helps address the challenges of the regional ecosystem,” said Christophe Blasseau, Senior Vice President of Cyber Security and Global Chief Information Security Officer at Schneider Electric. Help.”
Despite this challenge, the “Global Cyber Security Outlook 2023” reports that the disconnect between cyber security managers and business executives has begun to close. Both experience increasingly high degrees of risk exposure and are allocating more resources to coordinate responses in an effective manner, adding that the priority today is on speed.