The internet plays a critical business function in North America, and the United States in particular. Consider these facts from the Global Risks Report 2016, which was produced by the World Economic Forum in strategic partnership with Zurich:
- 87% of the U.S. population uses the internet, making it one of the best-connected countries in the world.
- The U.S. ranks 2nd globally for online business-to-consumer transactions.
- In 2014, cybercrime costs reached $100 billion in the U.S.—nearly one-quarter of the $445 billion in global losses.
North American business leaders are well aware of these costs, as well as the increasing frequency and business interruption of breaches. In fact, they elevated cyber to their number one risk, according to the Global Risks Report. Other regions of the world placed geopolitical and societal risks higher, but cyber remained in the top three risks for 18 countries, primarily in Northern Europe and Japan.
The Report outlines key interconnections with cyberattacks—such as adverse consequences of technical advances and a critical information infrastructure breakdown—whether it’s destroying a profitable e-commerce site or the ability to manage a global supply chain network. In addition, the “risk velocity” of a cyberattack—i.e., the high speed of onset and impact—requires an organization to be prepared with an equally high speed of response to help protect its competitive advantage.
The Ponemon Institute reports that while malicious criminals are responsible for 41% of cyberattacks, human error is responsible for 33% of them. This human factor is what can make cyberattacks more difficult to control and why decreasing the impact through a well-planned business continuity response management approach is of paramount importance.
These three steps can help your organization determine the right and rapid response to a cyberattack:
- Make it a board-level priority to examine the interconnections between advanced technology and cyber vulnerability. As organizations depend more on innovations such as cloud computing and 3D printing, it’s important to identify the new risk scenarios these technologies bring with them.
- Establish 360 degree risk assessments and scenario-based analysis. Determine where risk mitigation improvements should be made company-wide, and proactively adjust your digital infrastructure—whether it’s changing your backup locations or third-party vendor relationships.
- Build cyber resilience through stress testing. Once you’ve made improvements, test what happens if your systems go down—how will your e-functions, such as payroll, ordering or production recover? Can you continue to serve clients during a cyberattack? Are your suppliers equally resilient?
Your business peers in other regions of the world are facing not only cyber threats, but also more macro forces such as failure of national governance, large-scale involuntary migration and energy price shock, as shown in the global risk of highest concern map. North America is fortunate to have relatively stable governments and economies, yet all these international exposures may impact global trade and necessitate adjustments to strategy and execution plans. Continuing to grow your business both in the short-term and long-term will require the ongoing adoption of new, advanced technologies. And it will require building organizational resilience through an enterprise-wide approach to managing cyber risks.