firewall at an office. Without the security of enterprise networks or virtual private networks (VPNs), people at home are more at risk from criminal individuals and institutions. According to the FBI, for instance, the onset of the pandemic brought a 300% increase in reported cybercrime. Leading cyber risk consultancy Kroll observed that in the first nine months of 2020, ransomware was the commonly reported attack, accounting for more than one-third of all its incident response cases. Moreover, these attacks, according to Deloitte’s Cyber Intelligence Centre, are frequently using Covid-19 as the bait to lure corporate employees and private customers into handing over sensitive data or downloading malicious software. “From the conversations I have had in the past

year, my impression is that people are less focused on cybersecurity now than they were previously, as they are too focused on the pandemic,” Jurgens explains. “Cybercriminals have taken advantage of that.” This vulnerability is placing a growing burden on companies, governments and individuals. Whether it’s concern over the pandemic, vaccination programmes or any other issues on the minds of businesses and their employees, malicious actors will take advantage of the potential opportunity.

“The awareness of risk always lags behind,” observes Jurgens. “Similarly, policy always lags behind what the technology experts can do. This is true in many areas of technological and scientific progress, and cybersecurity is one of them. Technology is moving faster than businesses and policymakers can adapt. At the WEF, we are doing our best to address that.” The WEF’s analysis of the industry shows that collective global spending on cybersecurity has now reached $145bn a year, and is predicted to exceed $1trn in the period 2017–21. Furthermore, the WEF projects growth in collective global cybersecurity spending by 2030 is set to be $433bn per annum. Dollars alone, however, will not solve the cybersecurity problem. What matters most is how that money is spent. To deliver effective results, those dollars must be invested in people and processes – as well as technology.

A call for cooperation

The WEF cannot advise on technology investments. That is not its mandate nor its field of expertise. What it can do, though, is bring together the right decision makers and technical experts to ensure that the billions spent on cybersecurity are directed at the real threats and yield the proper safeguards. “Complexity is increasing, interdependency is increasing, policy is increasingly fragmented and there is a large cyber skills gap,” Jurgens says. “Within a company, the chief information officer (CIO) or chief data security officer (CDSO) might

Finance Director Europe /

not even have access to the boardroom,” he adds. “We can bring people together, which is very important. We can connect cybersecurity experts with decision-makers and business executives to discuss their shared challenges.”

One key strand of its work is the Partnership against Cybercrime, which aims to drive momentum for a public-private partnership to combat cybercrime. To that end, it has created a dedicated community of leading law enforcement agencies, international organisations, cybersecurity companies, service and platform providers, global corporations, and leading not-for-profit alliances. Among them are the likes of Amazon, Cisco, Credit Suisse and Dell – as well as government organisations, including the European Commission, the FBI and Interpol. The aim of the partnership is to support the establishment of a global network of hubs for operational public-private cooperation, the idea being that it’d serve as the platform for interactions and the sharing of insight on a global and strategic level. One of its goals for 2021, for example, is the development of a shared threat-mapping process to help identify new opportunities for cooperation. “It is always about people in every domain,” Jurgens argues. “Building awareness is very important and cybersecurity must be recognised as a leadership issue. The WEF provides a playbook for cybersecurity and it focuses, in part, on education for employees on phishing attacks.”

One individual falling for a phishing attack could, for instance, reveal log-in details that would allow cybercriminals to use their identity to get behind the enterprise firewall. One click on a seemingly innocuous link in an email containing malware could install malicious code on enterprise systems, potentially stealing or encrypting sensitive data. “In our efforts, we are finding that countries and institutions recognise the need to work together,” says Jurgens. “We are working with all major countries to create a space where they can talk about the areas on which they can cooperate. When it comes to cybersecurity, it benefits all parties, whether states or businesses, to collaborate.” Jurgens accepts that cybercrime is not a problem that can ever be totally resolved. He recognises that it is an on-going battle that requires constant vigilance, co-operation and foresight. “It will be a challenge for a very long time,” Jurgens emphasises. “We can always make it harder for criminals. We can implement things to make it more expensive and less attractive. We can encourage better cybersecurity hygiene, we can focus on better pursuit of criminals for their actions, and we can make cybercrime less profitable. It is not about winning the war once and for all, but we can protect businesses, institutions and countries against the worst downsides.” ●


Global spending on security products in 2020, a 6% increase from 2019. IDC


The percentage of overall spending on cybersecurity that comes from banking, manufacturing and the federal/ central government. IDC


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53