MSPs are usually involved in the daily grind of warding off cybercriminals who resort to phishing attempts or DDoS attacks, but what if something much more sinister was lurking out there? According to the World Economic Forum’s Global Cybersecurity Outlook 2023, something just might be, and the organization’s dire warnings set off discussion and alarm bells across the globe.
However, after digging into the report and talking with outside experts there is some reason for optimism, despite the grim headlines.
A catastrophic mutating event will strike the world in 2 years, report says
Popular Mechanics summarized the World Economic Forum’s report and there were other headlines screaming similar warnings. But what exactly did the report say? It can be summed up in one statement that caused most of the concern:
Global geopolitical instability has helped to close the perception gap between business and cyber leaders’ views on the importance of cyber risk management, with 91 percent of all respondents believing that a far-reaching, catastrophic cyber event is at least somewhat likely in the next two years.
“That is a survey result, not the gospel. You could probably take a survey of people in California and get 90 percent believing a major earthquake could strike within two years, but that doesn’t mean one will,” explains Troy Dennis, a cybersecurity analyst in Los Angeles. Dennis says this report does spark discussion, which is a positive thing.
Survey findings should incentivize preparation
“I don’t think people should panic because a survey shows a large segment of experts are worried about a catastrophic cyber event. I do think, just like worrying about an earthquake, you should use the report as an incentive to get prepared,” Dennis advises. “If the report and the inaccurate headlines that have appeared in some places cause people to discuss the issue of cybersecurity, that is not a bad thing.”
Digging into that 91 percent statistic even more, it shows that the anxiety of business leaders centers almost solely around geopolitical uncertainty. Will the conflict in Ukraine spill over to other areas? The report surveys business and cybersecurity leaders and does find gaps between the thinking of the groups that the forum is trying to address. The report also concludes that progress is being made:
The 2023 Global Cybersecurity Outlook study showed that the profound disconnect between how cyber leaders and business leaders perceive cyber issues – a core finding of the 2022 edition of this report – has begun to close.
Increased awareness is closing cybersecurity perception gaps
The World Economic Report says that discussion and awareness around cybersecurity issues are increasing, which is helping to close the gap.
Overall, the study indicates that business leaders are more aware of their organizations’ cyber issues than they were a year ago. They are also more willing to address those risks. Nonetheless, cyber leaders still struggle to articulate clearly the threat that cyber issues pose to their organizations in a language that their business counterparts fully understand and can act upon. As a result, agreeing on how best to address cyber risk remains a challenge for organizational leaders.
“This is where MSPs, CISO’s, and other stakeholders need to illustrate risks better. Everyone can understand the analogy of an earthquake. Often a busy CEO or comptroller wants to know the ROI from the expenditure. If you lose them, they don’t care about the granular minutiae of cybersecurity. You have to make them understand with analogies like this,” Dennis states.
Statistics point to growing acceptance of cybersecurity regulations
Meanwhile, here are some other statistics from the report, which you can read for yourself here:
- 73 percent of respondents think a more robust regulatory environment will help strengthen cybersecurity.
- 36 percent agree that their organization is cyber resilient.
- 59 percent of businesses and 64 percent of cyber leaders ranked talent recruitment and retention as a critical challenge for managing cyber resilience.
“There are a lot of interesting statistics in the report, but the growing acceptance of the effectiveness of regulation is noteworthy,” says Dennis, “it shows there is perhaps a more muscular role for government in cybersecurity.”
Read the report, take a breath, and use it as a reminder to tend to the fundamentals of cybersecurity.
“Most breaches and attacks are the result of the basics not being taken care of,” Dennis warns.
Photo: Blue Planet Studio / Shutterstock