- Security TWENTY
- Women in Security
Failing to improve cyber security could cost the world economy and lead to more frequent cyberattacks, according to a new report released by the World Economic Forum with the management consultancy McKinsey & Company, ahead of the Swiss-based forum’s Annual Meeting 2014.
The Risk and Responsibility in a Hyperconnected World report addresses options that institutions can take to improve cyber resilience and mitigate the economic and strategic impact of such attacks. With the recent proliferation of cyberattacks, corporate executives need to devote increasing attention to protecting information assets and on-line operations.
The report notes that major technology trends, including massive analytics, cloud computing and big data, could create between US$ 9.6 trillion and $US 21.6 trillion in value for the global economy. However, if attacker sophistication outpaces defender capabilities – resulting in more destructive attacks – a wave of new regulations and corporate policies could slow innovation, with an aggregate impact of about US$ 3 trillion by 2020.
Alan Marcus, Senior Director and Head of Information Technology and Telecommunications Industries at the World Economic Forum USA, said: “Developing resilience to cyber risks in our economic and social systems is not a question of simply building walls for security. There are trade-offs to be made with other goals we wish to value, such as privacy, growth, innovation, and the free flow of goods and data. But to make good decisions, we need better data.”
To protect against the strategic and economic effects of such attacks, the report outlines ways to build awareness, understanding and action with public and private sector leaders. It also assesses the economic impact of concerns around cyber risks and proposes a global framework aimed at coordinating collaboration and provides a capabilities based-map for businesses and governments.
James Kaplan, a Partner at McKinsey & Company, said: “There needs to be a fundamental change in the way we protect ourselves from cyber attacks. Check-the-box compliance-based approaches simply don’t work anymore. Companies and public institutions need to build cybersecurity capabilities that are scalable, deeply integrated into the broader IT environment and focused on addressing the more important business risks.”
The report draws on knowledge and opinions derived from a series of workshops and interviews from over 300 top global executives, government, civil society and experts from different sectors. It also includes additional survey data on cyber resilience capabilities, and provides a roadmap for collaborative action with which participants can gauge their current level of cyber risk capability and improve their readiness.
About the WEF
The World Economic Forum’s Risk and Responsibility in a Hyperconnected World project is a global, multi-industry, multistakeholder endeavour to improve cyber resilience, raise business standards and contribute to a safer and stronger connected society. A series of workshops have advanced the discussion to produce valuable guidelines and best practice principles for leaders titled the Principles and Guidelines for Cyber Resilience. Today, the partnership comprises more than 100 signatories.