WHAT THE CORONAVIRUS OUTBREAK CAN TEACH US ABOUT CYBERSECURITY

In 2015 the World Health Organisation raised the risk of “Disease-X”. At the time it was unknown and they projected it had the potential to trigger a global pandemic, with no known treatments or vaccines, leading to loss of lives and massive economic disruption. In a slightly similar vein, Lloyd’s of London annually model a cyber-attack pandemic, started by threat actors who hold the only known cure. The predicted consequences for economies and human lives of both predictions are devastating.

Today, both of these forecasts have real-world comparisons. In 2017 the NotPetya virus became a global cyber pandemic that spread from the Ukraine around the world in a few short hours. NotPetya paralysed organizations, crippled shipping ports and shut down government agencies globally. It caused over $10 billion in damages. In the world of healthcare, the Coronavirus (now named Covid-19) has infected more than 170,000 people in 157 countries and could cause in excess of $1 trillion of economic damage. That’s more than 3 times that of SARS – a similar virus that broke out 17 years ago.

One reason for the seismic disruptions caused by both medical and cyber pathogens is the interconnectedness of the global economy. Supply chains now span multiple continents. Air travel passenger volumes have doubled. Disruption in China is leading to disruption everywhere. The same dynamic is true for cyber-pandemics because digital supply chains span continents and cloud computing has become ubiquitous, leading to a digital interconnected web which is fragile and can be easily broken.