“In a world of complex and interconnected systems, feedback loops, threshold effects and cascading disruptions can lead to sudden and dramatic breakdowns.” — The World Economic Forum’s “Global Risks Report 2018”

First came the New Year’s Eve parties, followed by New Year’s resolutions and, finally, the annual meeting of global elites at the World Economic Forum (WEF) in Davos, Switzerland, on January 23–26. Just ahead of the event, the WEF released its “Global Risks Report 2018,” a compendium of data points and analysis about the state of economic health around the world.

The report, partly based on a survey of about 1,000 of its members conducted during the second half of 2017, covers all major categories of risk, including economic, environmental, geopolitical, societal and technological. The top four concerns include recurring themes, such as inequality and unfairness, political tensions within and between countries, the environment, and cyber vulnerabilities. It is across this spectrum of global risks that the report warns of “the increased dangers of systemic breakdown,” due in part to our increasing dependence on technology.

A Sharpened Focus on Cyber Risks

For the first time in the history of the “Global Risks Report,” two technological threats — cyberattacks and data fraud or theft — ranked in the top five risks by likelihood. Cyberattacks also figured high on the impact side, coming in sixth place. The report warned of the dangers that await if global leaders don’t take stock of the issues and become more engaged in improving policies, communication, coordination and risk decisions.

As many organizations have found out the hard way in 2017, cybercriminals have access to a target space that is growing at an exponential pace. The report noted that attacks against businesses have doubled in the span of five years and are now considered part of the cost of doing business. Not surprisingly, the report mentioned the prevalence of ransomware in 2017, including mentions of WannaCry and NotPetya, and the significant costs and disruptions created by those events.

The Internet of Things (IoT) is also spotlighted in the report, but not for the technological advancements it provides. Instead, WEF noted that there are now already more IoT devices than people on the planet, and these devices, with their lack of out-of-the-box-security, have already been used to launch distributed denial-of-service (DDoS) attacks at 100 gigabits per second. These events are part of a growing tally of cybercrime costs that could reach $8 trillion by 2022. The report also pointed to increasing evidence of disruptions to systems and services “that keep societies functioning,” including critical infrastructure, government agencies, banks, telecommunications and transportation.

How Cyberthreats Fit Into the Larger Picture

Cyber risks are just one of the many categories of threats that society faces today. However, the 2018 report dedicated more attention to this increasingly important issue, warning of the fragility and instability of technological systems and highlighting the uncertainty that could result from their widespread failure. WEF called out the possibility of “asymmetric economic warfare” as our modern economies increasingly rely on new technologies to drive everything from manufacturing systems to remote healthcare, and the financial infrastructure that powers our online banking and investment transactions.

Addressing the Need for Better Risk Assessment and Management

As a global barometer of economic health and a repository of top concerns, the WEF report also recommended solutions that can help us avoid the cliff. While it noted that global risks are growing in complexity and becoming pervasive with a strong potential for cascading failures, it also emphasized the need for reactions and responses to be determined and coordinated from both a local and global perspective. As 2017 has shown, knowing how best to respond to a cyber crisis is as important as all the work done prior to a breach.

While global economies have improved their ability to measure and mitigate conventional risks, they struggle to understand and address the complex risks that are found at the intersection of the various systems that make our modern world possible. The report section titled “Future Shocks” features stories that illustrate the potential impact of widespread complacency and demonstrate how rapidly risks can propagate between systems and geographic regions.

Toward the end of the “Global Risks Report,” two short essays discussed the need for resilience in complex organizations and the dangers of cognitive bias in risk management. The first essay urged businesses to consider supplementing traditional risk assessments with a “resilience lens” that considers how to improve the organization’s ability to respond to risks.

The second argued that our current understanding of why people react strongly to certain risks but not others is incomplete. It also illustrated the dangers of anchoring and confirmation bias, highlighting top leadership’s tendency to “approach risk analysis as a standalone activity to be ticked off a list, but then fall short on mitigating the risks that their analysis has identified.”

Starting the Conversation With the ‘Global Risks Report’

The “Global Risks Report,” with its focus on world-scale economic opportunities and risks, is written for enterprise leaders in plain, business-friendly language. This year, cyberthreats figure prominently along the various global risks found in our increasingly complex and interconnected world. It makes it a perfect New Year’s gift for chief information security officers (CISOs) to share with their business leaders as a way to examine common concerns and build trust through stronger communication and engagement on a topic that is critical to the survival of organizations around the world.

Listen to the podcast series: Take Back Control of Your Cybersecurity Now

More from Risk Management

The Growing Risks of Shadow IT and SaaS Sprawl

4 min read - In today's fast-paced digital landscape, there is no shortage of apps and Software-as-a-Service (SaaS) solutions tailored to meet the diverse needs of businesses across different industries. This incredible array of options has revolutionized how we work, providing cost-effective and user-friendly tools that streamline tasks and boost productivity. However, this ever-expanding application ecosystem comes with its challenges: namely, shadow IT and SaaS sprawl. According to a recent study by Entrust, 77% of IT professionals are concerned about shadow IT becoming a…

Are you ready to build your organization’s digital trust?

4 min read - As organizations continue their digital transformation journey, they need to be able to trust that their digital assets are secure. That’s not easy in today’s environment, as the numbers and sophistication of cyberattacks increase and organizations face challenges from remote work and insider behavior. Digital trust can make your organization’s digital transformation stronger. A lack of digital trust can do irreparable harm. However, according to ISACA’s State of Digital Trust 2023 report, too many organizations struggle to define and implement…

Most organizations want security vendor consolidation

4 min read - Cybersecurity is complicated, to say the least. Maintaining a strong security posture goes far beyond knowing about attack groups and their devious TTPs. Merely understanding, coordinating and unifying security tools can be challenging. We quickly passed through the “not if, but when” stage of cyberattacks. Now, it’s commonplace for companies to have experienced multiple breaches. Today, cybersecurity has taken a seat in core business strategy discussions as the risks and costs have risen dramatically. For this reason, 75% of organizations…

How IBM secures the U.S. Open

2 min read - More than 15 million tennis fans around the world visited the US Open app and website this year, checking scores, poring over statistics and watching highlights from hundreds of matches over the two weeks of the tournament. To help develop this world-class digital experience, IBM Consulting worked closely with the USTA, developing powerful generative AI models that transform tennis data into insights and original content. Using IBM watsonx, a next-generation AI and data platform, the team built and managed the entire…