Part 1 – Global Risks 2015:
Technological Risks: Back to the Future
The risk of large-scale cyber attacks continues to be considered above average on both dimensions of impact and likelihood (see Figures 1 and 1.6) This reflects both the growing sophistication of cyber attacks and the rise of hyperconnectivity, with a growing number of physical objects connected to the Internet and more and more sensitive personal data – including about health and finances – being stored by companies in the cloud. In the United States alone, cyber crime already costs an estimated $100 billion each year. 23
While the “Internet of Things” (IoT) will deliver innovations, it will also entail new risks. Analytics on large and disparate data sources can drive breakthrough insights but also raise questions about expectations of privacy and the fair and appropriate use of data about individuals. Security risks are also intensified. There are more devices to secure against hackers, and bigger downsides from failure: hacking the location data on a car is merely an invasion of privacy, whereas hacking the control system of a car would be a threat to life. The current Internet infrastructure was not developed with such security concerns in mind.
The IoT is likely to disrupt business models and ecosystems across a range of industries. While this will deliver innovation, the prospect of many large players across multiple industries being forced to change so radically at the same time raises potential systemic risks such as large-scale disruption in labour markets and volatility in financial markets. A major public security failure could also prevent the IoT from becoming truly widespread.
An important characteristic of global risks, which transpires across the cases included in this report, is their interconnectedness, shown in the Interconnections Map in Figure 2. It is important to stress that risks cannot be seen in isolation. The feedback loops between risks and the fact that they are also driven by underlying trends (Figure 3) raise their complexity and make it more difficult to control individual risks. Over past years, the speed of transmission and the strength of interconnections have increased.
The complexity of addressing risks, their likelihood and their potential consequences raise the question of preparedness, on the global, regional, national and local levels.
Box 1.7: Governing the Internet — the need for mechanisms to maintain a unified and resilient network
The pace of innovation and the highly distributed nature of the Internet require a new approach to global Internet governance and cooperation. As more people rely on the Internet, the question of Internet governance becomes increasingly important. Two kinds of issues exist: technical matters, to make sure all the infrastructure and devices that constitute the Internet can talk to each other; and overarching matters, to address cyber crime, Net neutrality, privacy and freedom of expression.
Responsibility for the technical infrastructure of the Internet is dispersed among several organizations, including the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C), the Regional Internet Registries (RIRs), the root servers’ operators, and the Internet Corporation for Assigned Names and Numbers (ICANN). The solutions they propose – policy models, standards, specifications or best practices – spread through voluntary adoption or ad hoc conventions, regulations, directives, contracts or other agreements.
No such systems exist for developing and implementing solutions to the overarching issues. Consequently, governments are feeling pressure to enact national measures to deal with their citizens’ data and privacy concerns. While laws that force the “localization” of infrastructure may be easier short-term solutions than collaborating to define global mechanisms for addressing the issues, the risk is that “data nationalism” could endanger the network effects that underlie the Internet’s ability to drive innovation and create social and economic value.
To advance the conversation, identify possible solutions and contribute to open, resilient and inclusive Internet governance, the World Economic Forum is embarking on a multiyear strategic initiative to bring together leaders from the public and private sectors with civil society leaders and the technical community to address these issues in an impartial, high-level dialogue. This effort will complement the expert-level discussions taking place at the Internet Governance Forum and various other grassroots and government-led initiatives.
25. Global risks may not be strictly comparable across years, as the names and description of the risks were revised between 2014 and 2015. The risks introduced in 2015 are not displayed in the figures and only the risks for which the name or the description were slightly revised between 2014 and 2015 are presented. Water crises was categorized as an environmental risk in 2014 but as a societal risk in 2015. To ensure legibility, the names of the global risks are abbreviated. Please see Appendix A for the full name and description.