April 23, 2014
The world is on the verge of a cyber shock “similar to the 2008 financial crisis,” a new study says, outlining major triggers for potential disruption and urging governments and organizations to learn from the experience gained during the credit crunch.
Zurich Insurance has drawn a parallel between the mortgage market problems, which resulted in the global financial crisis seven years ago, and a potential major cloud provider failure, the consequences of which might be just as grave.
“Just imagine if a major cloud service provider had a ‘Lehman moment’, with everyone’s data there on Friday and gone on Monday,” the report  written by the Swiss insurance group in cooperation with the Atlantic Council think tank says. “If that failure cascaded to a major logistics provider or company running critical infrastructure, it could magnify a catastrophic ripple running throughout the real economy in ways difficult to understand, model or predict beforehand.”
Problems in the US sub-prime mortgage market in 2008 led to banking crisis which later resulted in a global economic downturn.
The current “interconnected nature of the internet” leads to the increasing danger of cyber risks, spurring similar type of scenario.
“Few people truly understand their own computers or the internet, or the cloud to which they connect, just as few truly understood the financial system as a whole or the parts to which they are most directly exposed,” Chief Risk Officer at Zurich Insurance, Axel Lehmann, said in a statement.
The new study says part of the problem in 2008 was that before the credit crunch “risks were assessed by financial institutions individually” and urges governments and organizations not to repeat the same mistake when it comes to tackling cyber threats.
The study warns people against being misled by the fact “the internet has been incredibly resilient (and generally safe) for the past few decades.” With the system getting ever more complex and ever more connected to real life, bigger shocks to it are unavoidable.
A company should no longer focus primarily on its own internal cyber security as an threat might be coming from outsourced services it’s getting or from its suppliers. Those are on the list of the seven “risk pools”  the study outlines.
Seven hundred and forty million data files were potentially exposed or stolen worldwide in 2013, making the year the worst in terms of the internet security thus far, according to the statistics given by the Online Trust Alliance and cited in the survey, which warns that the situation is only going to become aggravated.
“While our society’s reliance on the internet grows exponentially, our control of it only grows linearly, limited by outdated government procedures and ineffective governance.”
One of the major proposals in the report is supporting the idea put forward earlier by Microsoft, of establishing a G20+20 group, 20 governments and 20 global information and communications technology firms – to work out ways of ensuring viable security in cyberspace.