Cyber risk: Growing complexity demands a paradigm shift in thinking
With these sheer masses of search results which create even more inflationary usage, it is difficult to say which hot topics have substance and which are simply hot air.
The abundance of new word creations is straining to many. The IT visionary and critical thinker, Adam Greenfield, addresses this in his new book, “Radical Technologies: The Design of Everyday Life”. After all, we hardly understand anything about the complex technical systems that shape – and partially even dictate – our everyday life.
According to the author, it is not technology usage that is so overwhelming. Instead, it is the discrepancy between the digital world as a top-secret science and continuous, functional connectivity. All people must deal with this on their own. Depending on our location, for example, Google will recommend a restaurant around the corner – even if we are not hungry. Intelligent devices make the insinuation that they know what we want – not to mention, when we should work out in what intensity.
Smartphones already suggest the optimal route before we even know where we want to go next. Intelligent advertising spaces in a supermarket, train station or fast-food chain capture the age and gender of people going by, send custom advertisements, and record user reactions. Almost every object can deliver information in real time. This wonderful digital world is proof that the internet and digitalization have permeated almost every aspect of human life. The consequence of this hypermobile, 24/7 business, however, is a radical social, economic and cultural transformation.
The dark side of the digital world
In his 18th century book “Götz von Berlichingen”, Goethe said where the light is brightest, the shadow is deepest. This saying holds true for today’s hyperconnected, data-driven world. According to a global risk map in the annual Allianz Risk Barometer, cyber risk ranks as the top threat for Germany and the United Kingdom. Across the U.S. and Europe as a whole, cyber risk ranks second, topped only by business interruption. These vulnerabilities and disruptions to the business are not just caused by fires, explosions or natural disasters. New factors such as cyberattacks and geopolitical risk are coming to the forefront. The digital connections among companies, supply chains and machines are strengthening the effects of business interruptions because they can create a domino effect, spreading rapidly across regions or industries and leaving wide-scale damage. And these scenarios represent only a tiny portion of the actual risks around the globe.
A multifaceted, complicated topic
According to a current study on cybersecurity at the global risk management consultancy, Control Risks, many top managers are stressed by risks in cyberspace. In their global survey of managers and IT decision-makers, almost half of all participants confided that cyber risk is not taken seriously enough by the executive team.
Around 31 percent of participants also stated that they were very or extremely concerned that their company could become a victim of a cyberattack in the coming years. A third (34 percent) of responding companies, however, had no crisis management plan in case of a cyberattack. Following this year’s May 12th WannaCry randsomeware attack, which had affected 150 countries in less than 12 hours, this lack of preparation is shocking and alarming.
The complexity of cyber risk demands a whole new way of thinking
Technical solutions, firewalls and traditional antivirus software no longer suffice to provide companies complete protection. As Peter Rost from Rohde & Schwarz Cybersecurity pointed out in a guest commentary for the German industry portal RiskNet, consumers are no longer content with just an airbag when it comes to automobile safety. As the cyber risk expert noted, we buy cars with Electronic Stability Control (ESP) to actively prevent accidents instead of merely making them less critical when they have already happened. New concepts in cybersecurity are based on prevention with a “security by design” concept. Rost explains that since the security is integrated in the operating system during development, this drastically reduces or eliminates vulnerable spots instead of merely analyzing and fighting constantly evolving forms of attack such as zero-day exploits.
The technological solutions will not suffice for a Generation Y, Generation Nintendo, Net Generation, Generation@ or Digital Natives, who trade in their baby monitors for smartphones before leaving the playpen. Users must also reconsider their own usage habits and maybe even abstain from smartphone consumption from time to time.
I personally tested that theory last year while spending several weeks in the Canadian wilderness. After that type of abstinence, I truly realized how sensory overload and constant information with text, images and videos leave us feeling overwhelmed and permanently stressed. Many people are having a harder time focusing on one thing, because their minds are constantly somewhere else. There is no reception in the wilderness. The nice side effect is that data collectors could not capture any transaction data or annoy me with their latest shopping recommendations. A grizzly bear could care less. For me, it was a great relief.
Think about it. The seemingly simple world of mobile connectivity and the commercial sensors is really just based on widespread ignorance. Behind that façade lurks a motley, multifaceted risk map. This affects us as individuals, companies as complex systems, our society as a whole, and even the entire world order. And this digital world is growing more and more complex. That makes a paradigm shift in thinking essential.
Frank Romeike, Managing Partner, RiskNET GmbH