WEF wants international rules to increase cyber security

World Economic Forum Annual Meeting
Sheila Zabeu -

January 17, 2023

To combat cybercrime, which is expected to generate losses of US$ 10.5 trillion per year by 2025 and increase cybersecurity, international rules must be established. The World Economic Forum (WEF) warning was made, which highlights in the Global Risks Report 2023 the threats present in a deeply interconnected world, in particular, cyber threats.

Among the rising cost of living, natural disasters, conflicts and geo-economic tensions, climate change and other risks on a global scale, the study highlights the spread of cybercrime and cyber insecurity among the 10 main risks in the periods of two and 10 years. According to the study, the situation is expected to worsen over time, as new technologies are expanding the reach and impacts of cybercriminals’ actions, which are increasingly complex and invasive.

WEF Global Risks Report 2023
Source: WEF

As if that weren’t enough, the world is also experiencing a shortage of skilled labour – a gap between demand and supply of more than 3.4 million cybersecurity professionals was recorded in 2022, an increase of more than 26% over the previous year’s figures. And the scenario is not expected to change much in 2023, given the mismatch between the availability of cybersecurity professionals and an evolving threat landscape with attacks that are harder to detect and combat.

Even with this daunting outlook, there are no current clear and widespread international norms, standards, and rules to mitigate and prevent cybercrime. According to the WEF, much of the problem stems from the fact that many government officials, companies and civil society groups are not obligated to report data breaches and cybercrime publicly. Many do not do so for fear of reputational damage.

However, this is beginning to change. The US Critical Infrastructure Cyber Incident Reporting Act of 2022 guides the industry in voluntarily reporting cybercrime cases. In late 2022, the European Union also adopted legislation to strengthen cybersecurity measures to improve the resilience and incident response capabilities of the region’s public and private sectors. The new directive, called NIS2, will replace the rules in place until then for network and information systems (NIS) security.

For the WEF, to intensify actions against cybercrime, it is necessary that international rules are strengthened and that the notification of violations becomes mandatory for most sectors of activities. Only then will it be possible to understand the absolute magnitude of the challenge associated with cybersecurity and develop more targeted solutions.

The United Nations (UN) is discussing how to implement international rules through a treaty to combat cybercrime. In embryonic stages since 2019, the first meeting on the topic was held in 2022 amid concerns that it could also contribute to expanding government regulation of online content, criminalise free speech and undermine privacy. For now, countries are negotiating the treaty’s parameters, with most Western governments determined to uphold individual data protection and privacy rights.

Challenges and opportunities generated by technology

As cybercrime expands, other risks associated with technology tend to grow. For example, the accelerated and often uncontrolled development and deployment of new technology solutions and the closer interweaving of existing technologies, such as IT and OT, give rise to risks that threaten critical infrastructure at national and even international levels.

Moreover, the WEF’s Global Risks Report also stresses that the technology sector should be the target of stricter industrial police and state interventionist measures in 2023 and beyond. It will certainly receive state investment from military and private groups to stimulate Research and Development of more advanced technologies, such as Artificial Intelligence and quantum computing, among others. For countries that can afford these investments, the technology will help solve a series of problems and health, food and climate crises, for example. For those who cannot invest, the inequality, misinformation, and difficulty of access to education will grow even more.