Cyber security, risk and privacy hot topics at 2014 World Economic Forum

Cyber Security a hot topic at the WEFOnce a year, world leaders and business executives gather in Davos, Switzerland to discuss political and economic issues of global importance at the World Economic Forum (WEF). This meeting occurred last week, and I was pleased to see that cyber security and privacy were common topics in formal and informal discussions. After all, recent incidents like the Target and Adobe breaches, and the Snowden leaks/ NSA security scandal have played out on the international stage and have guaranteed that cyber security will become an important issue for all leaders in 2014.

WEF issues two reports on cyber risk

On January 20, 2014, just a few days before the official start of the Davos event, the WEF, in partnership with McKinsey & Company, issued new research on cyber risk. Risk and Responsibility in a Hyperconnected World (pdf) discusses the need to improve our ability to deal with cyber attacks. According to the report, failure to improve cyber security on a global scale could cost the world economy trillions of dollars in economic value and lead to more frequent cyber attacks. In a press release from the WEF, Alan Marcus, Senior Director and Head of Information Technology and Telecommunications Industries at the World Economic Forum USA, stated “Developing resilience to cyber risks in our economic and social systems is not a question of simply building walls for security. There are trade-offs to be made with other goals we wish to value, such as privacy, growth, innovation, and the free flow of goods and data. But to make good decisions, we need better data.” Since analyzing vast amounts of data to make better security decision is what BitSight is all about, I wholeheartedly agree with Mr. Marcus’ statement.

Developed independently, the WEF's Global Risks Report 2014 (pdf) explored the worst-case scenario of a chronic breakdown of security, or so-called "cybergeddon", where hackers would gain the upper hand on legitimate users and major disruptions would become commonplace. The report states,“The world may be only one disruptive technology away from attackers gaining a runaway advantage, meaning the Internet would cease to be a trusted medium for communication or commerce. Fresh thinking at all levels on how to preserve, protect and govern the common good of a trusted cyberspace must be developed.” This emphasizes why it’s so important that countries devote resources towards developing new technologies that can help to foster transparency and aid organizations in their efforts to defend themselves across the extended enterprise.

Executives call for increased transparency in data collection & usage

Highlighting just how important cyber security and privacy was to the attendees, Salesforce CEO Marc Benioff said,"There's never been a more exciting time. It's usually the Nobel laureates at the World Economic Forum doing the economic review and we took their spot this year because technology is really important."

Several high-profile CEO’s participated in these conversations. Exploring how much privacy people need to give up in order to be protected, Yahoo’s President and CEO, Marissa Mayer, called upon governments to provide transparency around the data they gather and how they use it. Brad Smith, General Counsel for Microsoft, said that there are “alternative ways” of safeguarding public safety other than government “fishing expeditions”. He also called for more transparency from technology companies so that consumers can understand how their data is being used. The incoming CEO of Wal-mart, Doug McMillon, was also on hand. He explained that as Wal-mart becomes more of a technology centric company, they walk a fine line between using data to create a better customer experience and not creeping their customers out,“We have to do it in a way that makes people comfortable and builds trust as we go.”

A reminder that even the WEF is vulnerable

Certainly not the conclusion the WEF was hoping for, the event ended with a reminder of how serious an issue cyber security has become. After stating “that a failure to deliver a robust, co-ordinated approach to cybersecurity could cost the world up to $3 trillion”, the organization itself was found lacking when it was discovered that a security flaw on its website had exposed the email addresses of attendee’s for over a week.

Such an incident really drives home how essential it is that the whole world become involved in finding a solution to our cyber security issues. We hope that this forum was the beginning of a much broader global discussion and a continued exchange of ideas on how to combat cyber threats and protect consumer and business data. Most importantly, we hope that this will foster international cooperation to identify and mitigate threats and increase transparency across the board, so we can truly start to use data to our advantage in order to protect and serve us all.