February 3, 2017 By Christophe Veltsos 2 min read

On Jan. 11, the World Economic Forum (WEF) published “The Global Risks Report 2017.” As we did for the 2016 edition, we dug in this year’s report to analyze key findings as they relate to cybersecurity.

Digging Into WEF’s ‘Global Risks Report’

The report tracked top risks from the past 10 years. While cyberattacks ranked fourth in 2012 and fifth in 2014 in terms of likelihood, massive incidents of data fraud and theft occupied fifth place in the 2017 report.

In terms of impact, the 2014 edition listed critical information infrastructure breakdown as the fifth most impactful problem. In fact, that single entry was the only one across 50 cells of high-impact risks tracked for the past decade.

At first glance, the report indicated that cyber risks matter only marginally in terms of likelihood and very little in terms of impact. This, however, is misleading.

Technological Risks and Trends for 2017

Looking at the list of technological risks tracked for 2017, the report specifically mentioned:

  • Adverse consequences of technological advances;
  • Breakdown of critical information infrastructure and networks;
  • Large-scale cyberattacks; and
  • Massive incidents of data fraud and theft.

Among the many interesting diagrams in the report, the global risk landscape visual organizes risks across likelihood and negative impact. The chart showed that cyberattacks — along with terrorist attacks, data fraud/theft and natural disasters — are highly likely to occur. It also showed that cyberattacks rank high in terms of negative impact, just below infectious diseases, food and water crises, fiscal crises and the risks mentioned previously.

In many ways, the failure to register cyber as a top five risk is illustrative of the many unknowns the digital realm presents to global leaders, who often struggle to understand just how vulnerable we all are and how pervasive technology has become. With this pervasiveness comes dependency, a rising trend mentioned in the report. WEF also singled out emerging technologies, such as artificial intelligence, for their potential cybersecurity benefits.

Balancing Security and Government Reach

The report emphasized that cyberattacks and breaches have led many countries to enact tough national security and counterterrorism measures. That changes the rights of citizens and alters how governments work in the 21st century.

An accompanying article, titled “Weaponized AI, Digital Espionage and Other Technology Risks for 2017,” cautioned global firms about the potential loss of digital supply chain access due to the continued — and very much deserved — push for better security and privacy to protect citizens’ data. The article also highlighted concerns that aren’t new for security professionals, but are finally getting much needed global attention: Technology has created new opportunities for industrial espionage or sabotage from afar, as well as for the hacker-for-hire living next door.

Putting It All Into Perspective

The report should help cybersecurity professionals appreciate the challenges and risks facing the C-suite, board directors and world leaders. Cyber is but one wave in a raging storm of global uncertainty, and top executives have a lot on their plates. It is therefore critical to communicate cyber risks in terms of impact on business objectives.

If it feels like the 2017 WEF report is light on cyber, it is. But for many years, the organization has been urging government and business leaders to become more aware of security risks and the global need for cyber resilience in this age of hyperconnectivity.

More from Risk Management

Back to basics: Better security in the AI era

4 min read - The rise of artificial intelligence (AI), large language models (LLM) and IoT solutions has created a new security landscape. From generative AI tools that can be taught to create malicious code to the exploitation of connected devices as a way for attackers to move laterally across networks, enterprise IT teams find themselves constantly running to catch up. According to the Google Cloud Cybersecurity Forecast 2024 report, companies should anticipate a surge in attacks powered by generative AI tools and LLMs…

Mapping attacks on generative AI to business impact

5 min read - In recent months, we’ve seen government and business leaders put an increased focus on securing AI models. If generative AI is the next big platform to transform the services and functions on which society as a whole depends, ensuring that technology is trusted and secure must be businesses’ top priority. While generative AI adoption is in its nascent stages, we must establish effective strategies to secure it from the onset. The IBM Institute for Business Value found that despite 64%…

Ermac malware: The other side of the code

6 min read - When the Cerberus code was leaked in late 2020, IBM Trusteer researchers projected that a new Cerberus mutation was just a matter of time. Multiple actors used the leaked Cerberus code but without significant changes to the malware. However, the MalwareHunterTeam discovered a new variant of Cerberus — known as Ermac (also known as Hook) — in late September of 2022.To better understand the new version of Cerberus, we can attempt to shed light on the behind-the-scenes operations of the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today