Cyber-security on CEOs’ agenda
Data-driven world also means heightened risk of theft EXPERT VIEW
The flipside of a data-driven world is that there is more risk than ever before that personal data will be stolen — and that means business leaders must take strict action.
The beginning of every year marks the descent of the world’s political and business leaders on Davos, Switzerland, for the World Economic Forum. The forum sets the tone for the year’s geopolitical and economic climate, with the aim of provoking thoughts and actions that improve the state of the world.
Last year, the theme for the event was ‘Responsive and Responsible Leadership’. Looking back at 2017, it was certainly a trying year for both political and business leaders. As politicians struggled to tackle the rise of state-sponsored hacking, business leaders continued to grapple with a huge increase in cyber-security attacks.
This year, the theme reaffirms the need for cooperation to ‘Create a Shared Future in a Fractured World’. Looking beyond the clear social implications of 2018’s fractured world, there is another force that brings both opportunities and risks for society: technology.
Technology presents extraordinary avenues to improve people’s lives, especially in emerging markets. However, there is a common threat underpinning each technological advancement in our lives which can be summed up in a word synonymous with fracture: hacking.
With General Data Protection Regulation coming into effect in March, and governing bodies across the world scrambling to create regulation that can accelerate at the same rate as technological innovation, will 2018 be the year that cyber-security finally gets the attention it deserves?
‘Shared future in a fractured world’
In recent years, the concept of ‘sharing’ has become problematic, especially when data is involved. The value of data to businesses has increased exponentially.
Ginnie Rometty, CEO at IBM, wrote from Davos that data is now ‘key to competitive advantage.’ According to their research, only 20 per cent of the world’s data is publicly searchable. The remaining 80 per cent of this global data is sitting on private servers, the majority of which are owned by businesses. Sharing this data and pairing it with advanced artificial intelligence and machine learning could unlock all kinds of benefits for businesses and society.
However, as Rometty points out, the flipside of a data-driven world is that there is more risk than ever before that personal data will be stolen. The result of this is that malicious third parties can use personal data to target individuals for cyber-crime.
According to the WEF Risks Report, cyber-security was cited as the third mostlikely risk facing the world according to the 1,000 decision-makers surveyed, with data fraud or theft sitting at number four. Looking at the report, these two issues are the most likely man-made events threatening today’s world, highlighting the very real threat that cyber-attack poses.
On the geopolitical stage, state-sponsored hacking has become an unnerving open secret, as the main weapon for destruction shifts from physical weapons to well-placed lines of code. A prime example of this is seen in the wake of large-scale cyber-attacks originating from North Korea, who most recently have been using a form of malware called Fallchill that infiltrates aerospace and telecom networks.
Why cyber-security is key in 2018
This isn’t just a problem for the government. If reports are to be believed, the main targets for hackers aren’t cash-strapped governments, they are large companies with enough money to pay crypto-currency ransoms that further fund their operation. Crippling cyberattacks on a global scale have increased over the last year, including the WannaCry and NotPetya incidents.
For businesses, prolonged cyber-attacks such as these present a large cost, reputationally and financially. According to a recent study by Accenture, the average annual cost of cyber-security for organisations is now $11.7 million.
Given the perceived likelihood of cybercrime highlighted in the risks report, cybersecurity is an issue that businesses will inevitably need to deal with. The Accenture report supports this by citing that the average annual number of security breaches has increased by 27.4 per cent. This makes it a crucial action point for the CEO, especially as levels of innovation and automation continue to accelerate, resulting in their critical assets being tied up in technology.
CEOs are responsible for setting the vision and expectations for their employees. This is especially important in our current cybersecurity climate. Data from Willis Towers Watson’s cyber- insurance claims identifies employee negligence or malfeasance as an overwhelming source of breaches. If cybersecurity isn’t on the CEOs agenda, they can’t expect it to be on their employees’ agenda.
The good news is that organisations like WEF are building the infrastructure and tools we need to tackle this growing crisis. The new Global Centre for Cyber-security announced at the event in Davos will serve as a global platform for creating a safe and secure global cyber-space.
There is a growing feeling that we can no longer delay our response to the threat of cyber-security. Alois Zwinggi, managing director at the WEEF and head of the Global Centre for Cyber-security, was strong in the proclamation that failure to act now could result in a ‘digital dark age’.
In 2018 increased pressure from regulation and consumers will mean that there are no more excuses or apologies. If security isn’t a priority this year, your organisation risks being faced with the hefty bill for a deliberate oversight. The writer is chief digital officer at Tata Communications. Views expressed are his own and do not reflect the newspaper’s policies.