Some Thoughts about Cyber Risks in the Global Risk Report 2020

Data Visualisation becoming more and more important in decision making, it's critical to be careful with graphs frequently used to analyse trends and research summaries published to a large number of stakeholders and decision makers.

For almost ten years, the World Economic Forum (WEF) shares, prior to the event, a Global Risk Report. It's an outstanding and very precious source of information and helps decision and rule makers (governments, corporates, research, NGO ...) to review their risk management strategies and short, medium and long term action plans.

Part of this Global Risk Report is an impact/likelihood matrix summarizing the major risk categories, very often, for busy readers with a "maximum 3 minutes" attention, the major takeaway of this very detailed and high quality report.

The 2020 edition highlights, and this are definitely THE critical, a question of survival, five environmental risk categories with the highest likelihood ! It's essential for every reader of this report to receive this ultimate alert ... especially if the reader expected anything different after this climate disaster year 2019 ! This years' WEF discussions focused on these risks for the humanity even if some decision makers still seem to be overconfident to be able to deal with them.

However, and this is the message I would like to send out with this short article, one takeaway from a < 3 minute visualisation could be almost as dangerous as the climate threatenings : Cyber Risk related categories, even if still highly positioned both in terms of impact and likelihood kind of appear "less threatening", or worse, "starting to be mitigated" and this would definitely be an extremely dangerous "analysis". Let's have a look on a comparison of 2019 and 2020 (I've tried to align at least the impact levels to make them comparable) :

Cyber Risk categories are plotted in purple and their impact looks very slightly higher in 2020 than 2019, their likelihood even lower ... and they seem to be "dominated" by environmental risk categories in both impact and likelihood. For information, the four main categories of these risks are defined as follows :

The Global Risk Report 2020 also adds two very interesting results : the evaluation by multi-stakeholders (C-level execs, political and NGO decision makers, experts ...) and the alternative evaluation delivered by the WEF's "Global Shapers Community", a network of "young people driving dialogue, action and change". It's very compelling to compare the impact/likelihood matrix of these two respondent groups :

This community, probably including several future leaders, rates the Cyber Risks significantly higher and a >3 minute reading of the report and the data visualisation makes it very clear that despite obvious and critical focus on environmental risks, the Cyber Risk threats continue to be part of the World's most critical risk exposures and should retain a maximum of risk attention among the decision and rule makers and their supervisors.

Finally, the huge investments necessary to reduce the Climate Risk exposures require significant mitigation of all other risk categories "below" the Impact/Likelihood position of these most impacting risks in order to be financed - any mitigated risk helps freeing up funds to get our arms around Climate Risk !

The Global Risk Reports can be downloaded on www.weforum.org/reports