February 3, 2017 By Christophe Veltsos 2 min read

On Jan. 11, the World Economic Forum (WEF) published “The Global Risks Report 2017.” As we did for the 2016 edition, we dug in this year’s report to analyze key findings as they relate to cybersecurity.

Digging Into WEF’s ‘Global Risks Report’

The report tracked top risks from the past 10 years. While cyberattacks ranked fourth in 2012 and fifth in 2014 in terms of likelihood, massive incidents of data fraud and theft occupied fifth place in the 2017 report.

In terms of impact, the 2014 edition listed critical information infrastructure breakdown as the fifth most impactful problem. In fact, that single entry was the only one across 50 cells of high-impact risks tracked for the past decade.

At first glance, the report indicated that cyber risks matter only marginally in terms of likelihood and very little in terms of impact. This, however, is misleading.

Technological Risks and Trends for 2017

Looking at the list of technological risks tracked for 2017, the report specifically mentioned:

  • Adverse consequences of technological advances;
  • Breakdown of critical information infrastructure and networks;
  • Large-scale cyberattacks; and
  • Massive incidents of data fraud and theft.

Among the many interesting diagrams in the report, the global risk landscape visual organizes risks across likelihood and negative impact. The chart showed that cyberattacks — along with terrorist attacks, data fraud/theft and natural disasters — are highly likely to occur. It also showed that cyberattacks rank high in terms of negative impact, just below infectious diseases, food and water crises, fiscal crises and the risks mentioned previously.

In many ways, the failure to register cyber as a top five risk is illustrative of the many unknowns the digital realm presents to global leaders, who often struggle to understand just how vulnerable we all are and how pervasive technology has become. With this pervasiveness comes dependency, a rising trend mentioned in the report. WEF also singled out emerging technologies, such as artificial intelligence, for their potential cybersecurity benefits.

Balancing Security and Government Reach

The report emphasized that cyberattacks and breaches have led many countries to enact tough national security and counterterrorism measures. That changes the rights of citizens and alters how governments work in the 21st century.

An accompanying article, titled “Weaponized AI, Digital Espionage and Other Technology Risks for 2017,” cautioned global firms about the potential loss of digital supply chain access due to the continued — and very much deserved — push for better security and privacy to protect citizens’ data. The article also highlighted concerns that aren’t new for security professionals, but are finally getting much needed global attention: Technology has created new opportunities for industrial espionage or sabotage from afar, as well as for the hacker-for-hire living next door.

Putting It All Into Perspective

The report should help cybersecurity professionals appreciate the challenges and risks facing the C-suite, board directors and world leaders. Cyber is but one wave in a raging storm of global uncertainty, and top executives have a lot on their plates. It is therefore critical to communicate cyber risks in terms of impact on business objectives.

If it feels like the 2017 WEF report is light on cyber, it is. But for many years, the organization has been urging government and business leaders to become more aware of security risks and the global need for cyber resilience in this age of hyperconnectivity.

More from Risk Management

How will the Merck settlement affect the insurance industry?

3 min read - A major shift in how cyber insurance works started with an attack on the pharmaceutical giant Merck. Or did it start somewhere else?In June 2017, the NotPetya incident hit some 40,000 Merck computers, destroying data and forcing a months-long recovery process. The attack affected thousands of multinational companies, including Mondelēz and Maersk. In total, the malware caused roughly $10 billion in damage.NotPetya malware exploited two Windows vulnerabilities: EternalBlue, a digital skeleton key leaked from the NSA, and Mimikatz, an exploit…

ICS CERT predictions for 2024: What you need to know

4 min read - As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure.Kaspersky just released their ICS CERT Predictions for this year, outlining the key cybersecurity challenges industrial enterprises will face in the year ahead. The forecasts emphasize the persistent nature of ransomware threats, the increasing prevalence of cosmopolitical hacktivism, insights…

How I got started: Ransomware negotiator

4 min read - Specialized roles in cybersecurity are proliferating, which isn’t surprising given the evolving threat landscape and the devastating impact of ransomware on many businesses.Among these roles, ransomware negotiators are becoming more and more crucial. These negotiators operate on the front lines of cyber defense, engaging directly with cyber criminals to mitigate the impact of ransomware attacks on organizations.Ransomware negotiators possess a unique blend of technical expertise, psychological insight and negotiation skills that allow them to navigate the high-stakes environment of ransomware…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today