There are significant differences in risk perceptions across the eight regions covered in the World Economic Forum. Over 12,000 executives highlighted concerns ranging from economic to political, societal and technological. Unemployment, failure of national governance and energy price shocks were among the top worries of executives across various regions.

Cyber attacks are the number one risk in Europe, East Asia and the Pacific and North America. This points to growing concerns about technological risks – cyber attacks were the top risk in two regions, according to the 2017 survey (East Asia and the Pacific and North America), and only one region in 2016 (North America).

Strengthening cyber resilience

“Cyber attacks are seen as the number one risk for doing business in markets that account for 50% of global GDP. This strongly suggests that governments and businesses need to strengthen cyber security and resilience in order to maintain confidence in a highly connected digital economy,” said Lori Bailey, Global Head of Cyber Risk, Zurich Insurance Group.

“Businesses are right to be concerned by the prospect of cyber attacks threatening them over the next ten years. Be it HR professionals opening infected CV’s from unknown sources, or employees clicking links on malware-riddled social media sites on their lunch break, users provide hackers with an easy route to bypass security,” Fraser Kyne, EMEA CTO at Bromium told Help Net Security.

Current protection methods are flawed

“These simple attack methods are still effective because the architecture cyber security is built on is fundamentally flawed, as it overwhelmingly relies on detecting these threats. Even the more sophisticated detection-based tools that utilise machine learning, AI and behavioural analytics to identify anomalies and patterns can potentially struggle to determine what is good and what is bad.

“If businesses are to truly mitigate the risk of cyber attacks over the next decade, they need to drastically diversify their defences. A new approach is needed to mitigate the risk of cyber attacks, one that provides effective isolation of threats, not just identification of threats. By adopting layered cyber security defences that utilise application isolation, organisations can ensure they are better prepared to cope with the threats they will face over the coming years,” Kyne concluded.

Source: Help Net Security