The World Economic Forum (WEF) recently published the Global Cybersecurity Outlook 2022. The report identifies the trends and analyses the near-term future cybersecurity challenges. Due to the COVID-19 pandemic, the accelerated shift to remote working, along with recent high-profile cyberattacks, resulted in bringing cybersecurity top of mind among key decision-makers in organisations and nations.
About the Global Cybersecurity Outlook 2022
On 18 January 2022, the World Economic Forum (WEF) has released the first-ever Global Cybersecurity Outlook report during its online Davos Agenda summit. It presented findings on how to shift from cybersecurity to cyber resilience.
In 2021, the World Economic Forum Centre for Cybersecurity engaged over 120 global cyber leaders to generate high-level insights on emerging cyber threats.
The World Economic Forum Centre for Cybersecurity held this survey in collaboration with the consultancy firm Accenture.
Global Cybersecurity Outlook report aims to provide an in-depth analysis of the challenges that security leaders are dealing with, the approaches they are taking to stay ahead of cybercriminals and the measure they are implementing to enhance cyber resilience.
- Insights for the Global Cybersecurity Outlook 2022 were gathered from four sources, which were:
- A survey of global cyber leaders;
- Cyber Outlook Series sessions conducted by World Economic Forum throughout 2021;
- The team held multiple interviews with the experts and bilateral meetings;
- Data has been collected from reports, research, and articles published by the World Economic Forum and reputable third parties.
The report uses a retrospective analysis of the recent year to share the details and concerns of cyber leaders with one objective, that is, helping the decision-makers prepare for the next generation of cyberattacks.
Key Highlights of the Global Cybersecurity Outlook 2022
The accelerating pace of digitalisation, fuelled by the COVID-19 pandemic, has led to a record-breaking year for cybercrime. The global digital economy had surged during the Coronavirus pandemic, but so has cybercrime.
In 2021, the ransomware attacks had significantly increased, with global ransomware attack volume increasing by 151%. There was an average of 270 attacks per organisation.
As per the survey, 59% of the cyber leaders believe that cyber resilience and cybersecurity are synonymous with the differences not well understood.
81% of the respondents believed that digital transformation is the leading driver in improving cyber resilience.
As many as 87% of the executives are planning to improve cyber resilience at their organisation by strengthening resilience processes, policies, and standards for how to engage & manage third parties.
Addressing gaps in cyber resilience
The research revealed three critical perception gaps between security-focused executives and business executives. The organisations are lagging in the following areas:
- Prioritizing cyber security in Business Decisions: while 92% of the business executives surveyed agree that cyber resilience is integrated into enterprise risk-management strategies, only 55% of security-focused leaders surveyed agree with the statement.
- Gaining leadership support for cybersecurity: 84% of the respondents share that cyber resilience is considered a business priority in their organisation with support and direction from leadership, but 68% see cyber resilience as a vital part of their overall risk management.
- Due to this misalignment, many security leaders still express that they are not consulted in business decisions, resulting in less secure decisions and security issues.
- Recruiting and retaining cybersecurity talent: The survey found that 59% of all respondents would find it challenging to respond to a cybersecurity incident due to a shortage of skills within their team.
Major cybersecurity attacks
- Ransomware: 80% of the cyber leaders stressed that ransomware is a dangerous and evolving threat to public safety. Ransomware attacks are increasing in frequency and sophistication.
- Social engineering attacks: As per the survey, social engineering attacks are the second-highest concern for cyber leaders when it comes to cyber threats.
- Malicious insider activity: A malicious insider is defined as an organisation current or former employees, contractors, or trusted business partners, who misuse their authorised access to critical assets in a manner that negatively affects the organisation.
Cyber resilience of small and medium businesses
- As per the research, 88% of respondents indicate that they are concerned about the cyber resilience of small & medium-sized enterprises (SMEs) in their ecosystem. SMEs are seen as a critical threat to supply chains, partner networks and ecosystems.
- Cyber leaders have indicated that clear and productive regulations are needed to allow and encourage information sharing and collaboration.
Influence on cyber security
- As per the report, the two factors that have the greatest influence on cybersecurity are:
- Automation and machine learning (48%).
- Remote and hybrid work environment (28%).
Estimated amount of data created on the internet in one minute
- Youtube upload: 500 hours of content uploaded
- Email sent: 197 million
- Whatsapp messages sent: 69 million
- Linkedin connections made: 9,132
- Instagram stories shared: 6,95,000
- Tinder swipes: 2 million
- Twitch swipes: 2 million
- TikTok downloads: 5,000
- Netflix subscribers: 28,000 watching
- Amount spent online: 1.6 million USD
Concerns
- As per the report, 42% of the infrastructure is broken down by cyber-attacks.
- 24% of the cyber-attacks are identity thefts.
- 20% of the cyber-attacks were ransomware attacks.
- 10% of personal assets are lost.
- 55% of organisations across the world were affected by cyber-attacks in 2021.