The world is on the verge of a cyber shock “similar to the 2008 financial crisis,” a new study says, outlining major triggers for potential disruption and urging governments and organizations to learn from the experience gained during the credit crunch.
Zurich Insurance has drawn a parallel between the mortgage market
problems, which resulted in the global financial crisis seven
years ago, and a potential major cloud provider failure, the
consequences of which might be just as grave.
“Just imagine if a major cloud service provider had a ‘Lehman
moment’, with everyone’s data there on Friday and gone on
Monday,” the report written by the Swiss insurance group
in cooperation with the Atlantic Council think tank says. “If
that failure cascaded to a major logistics provider or company
running critical infrastructure, it could magnify a catastrophic
ripple running throughout the real economy in ways difficult to
understand, model or predict beforehand.”
Problems in the US sub-prime mortgage market in 2008 led to
banking crisis which later resulted in a global economic
downturn.
The current “interconnected nature of the internet” leads to the
increasing danger of cyber risks, spurring similar type of
scenario.
“Few people truly understand their own computers or the
internet, or the cloud to which they connect, just as few truly
understood the financial system as a whole or the parts to which
they are most directly exposed,” Chief Risk Officer at
Zurich Insurance, Axel Lehmann, said in a statement.
The new study says part of the problem in 2008 was that before
the credit crunch “risks were assessed by financial
institutions individually” and urges governments and
organizations not to repeat the same mistake when it comes to
tackling cyber threats.
The study warns people against being misled by the fact “the
internet has been incredibly resilient (and generally safe) for
the past few decades.” With the system getting ever more
complex and ever more connected to real life, bigger shocks to it
are unavoidable.
A company should no longer focus primarily on its own internal
cyber security as an threat might be coming from outsourced
services it’s getting or from its suppliers. Those are on the
list of the seven “risk pools” the study outlines.
Seven hundred and forty million data files were potentially
exposed or stolen worldwide in 2013, making the year the worst in
terms of the internet security thus far, according to the
statistics given by the Online Trust Alliance and cited in the
survey, which warns that the situation is only going to become
aggravated.
“While our society’s reliance on the internet grows
exponentially, our control of it only grows linearly, limited by
outdated government procedures and ineffective governance.”
One of the major proposals in the report is supporting the idea
put forward earlier by Microsoft, of establishing a G20+20 group,
20 governments and 20 global information and communications
technology firms – to work out ways of ensuring viable security
in cyberspace.