By Akshai Joshi, Head of Industry and Partnerships, Centre for Cybersecurity, World Economic Forum.
- According to the World Economic Forum’s Global Risks Report 2024, cyber insecurity is a global risk over multiple time horizons, with risks including malware, deepfakes and misinformation.
- Cyber inequity is growing, while an increase in digital devices and online presence means cyber risks will rise exponentially.
- Attendees at Davos ’24, this year’s annual meeting, discussed concerns surrounding cyber security in the coming year and beyond.
Cyber security is at the forefront of our AI future, agreed experts at this year’s annual meeting… Indeed, a race is afoot between cyber defenders and attackers; the “good guys” and the “bad guys.” Who’s winning is a question that was hotly debated.
Findings from the World Economic Forum’s Global Cybersecurity Outlook 2024 are sobering…
Significant cyber threat
Over a third of organizations have suffered a material cyber incident…in the last year. The threat landscape is vast, complex and rapidly evolving. Security teams are up against a relentless, complex, and sophisticated volley of breach attempts, ransomware and phishing attacks.
Indeed, according to the Forum’s Global Risks Report 2024, cyber insecurity is a global risk over multiple time horizons. Cyber risks such as malware, deepfakes and misinformation threaten supply chains, financial stability and democracy.
In a year where nearly 4 billion people will go to the polls, amid the growing threat of mis-and disinformation urgent action is required to safeguard the integrity of democratic processes. Fortunately, as heard through various sessions at the annual meeting, decision-makers are coming together to address these cross-national, multi-layer threats.
Preparing for the future means preparing for multiple different future scenarios. How can global leaders cooperate to build cyber resilience and ensure that the defenders win? Below are the week’s key insights and considerations…
Growing cyber chasm
There is growing cyber inequity between organizations that are cyber-resilient and those that are not. This mismatch creates a major economic divide between the largest and most developed economies – who reap the rewards of new technologies – and less developed nations, sectors and communities who continue to fall behind.
More than 100 executives surveyed at this year’s Annual Meeting on Cybersecurity called for urgent action to address growing cyber inequity, which poses a systemic threat in the age of interdependence. Without work to close this inequity, “these risks will fall on the balance sheet of the public sector,” said John Doyle, president and chief executive officer at Marsh McLennan.
Cyber criminals do not know national borders and so this work requires a global coordinated response. In January 2023, the Forum’s Partnership Against Cybercrime members launched the Cybercrime Atlas initiative to map and better understand the cyber criminal ecosystem.
The cyber skills gap
There is a significant cyber skills gap, which continues to widen at an alarming rate.
Leaders must take action to invest in cyber skills across organizations. As Sadie Creese, Professor of Cybersecurity at the University of Oxford, said, “Investing in cyber-risk fitness in our leaders” is a good place to start. There is also scope for corporate boards and government oversight bodies to update their knowledge by ensuring cyber experts regularly brief them. At the employee level, the goal should be to ensure that all frontline staff cover the cyber security basics well. In considering the cyber-skills gap, the biggest challenge is time.
“To upskill, you can’t use traditional educational processes. You have to think, ‘How might we be attacked?'” said Debjani Ghosh, president of the Indian trade association NASSCOM. She gave the example of CyberShikshaa, a short course initiative in India training women in cyber skills.
Speakers shared the conviction that building capabilities will be a collaborative global effort. The Forum’s Bridging the Cyber Skills Gap initiative is already working to build a strategic cyber security talent framework.
Strategic imperative
The battle for better cyber security is just beginning and its role as a strategic imperative will only intensify.
By 2030, the number of people online is set to surge. For cyber security, the attack surface is growing exponentially; therefore, pace and scale will be as important as any technological capabilities…
Emerging technologies may amplify the risks. “Quantum is going to create a cyber security Armageddon,” said Ana Paula Assis, chairman of the EMEA division at IBM. But new technology can also amplify the capacity of cyber defenders. The Forum, in collaboration with the Financial Conduct Authority U.K., recently launched a whitepaper outlining guiding principles and a roadmap to ensure a quantum-secure financial sector. It is in this complex space that convergence becomes important…
Trust, tempo and talent
These insights from Davos 2024 echo the findings of the whitepaper Cybersecurity Futures 2030: New Foundations, published by the Forum with the Centre for Long-Term Cybersecurity at U.C. Berkeley.
Global cyber security can be achieved by aiming for the three “Ts” of cyber security: trust, tempo and talent. The online spread of mis- and disinformation is now a core cyber security concern.
Stemming the growing gap in cyber inequity will be a crucial goal of cyber security efforts over the next decade. In so doing, cyber defenders must keep up with the speed of innovation.
Regarding talent, cyber is not just about technical talent. Multiple skill sets will be required to build cyber resilience and combat malicious actors worldwide. All this is to ensure we preserve trust in our shared digital future.
This article was originally published by the World Economic Forum and has been reprinted with permission.