Is there a tech solution for teetering economies?

The cost of cybercriminals taking down a single cloud provider could equate to the fallout from a major hurricane.
23 August 2019

The Reichstag Dome on top of the Reichstagsgebäude (The Reichstag building), historic edifice constructed to house the Imperial Diet. Source: Shutterstock

Previously in this column, I suggested that cybersecurity failures have introduced another layer onto global economic uncertainty.

Capital One suffered a massive data breach, even after bank employees warned internal auditors and management about high turnover in the cybersecurity unit and delays with technological implementations. Additionally, cloud services were misconfigured, and the bank’s coders weren’t always in-sync with the cybersecurity team.

As people worry about troubling economic forecasts, it’s important to take a closer look at data practices.

Society is now dealing with an alarming status quo. Financial institutions, tasked with the issuing of credit, are vulnerable to security disruptions. Point-of-sale malware can compromise major retailers for prolonged periods of time without detection.

In the past, traders took these things in stride. When Hudson’s Bay Company, an age-old, Canadian retail business group, failed to protect its POS systems, shares dropped but quickly recovered. However, markets might be more inclined to react if everyone is already on edge and the financial consequences of data breaches are increasing; both of which appear to be true.

Economies on edge

The Dow Jones suddenly plunged 800 points in mid-August, partly in response to an inverted bond yield curve. The German economy, the fourth largest in the world, contracted in the second quarter. It has been suggested that the atmosphere of uncertainty has been more damaging than direct effects from trade disputes and the long-brewing issue of Brexit, although a global decline in car sales did produce a clear and direct impact on Germany’s output.

Political leadership might seem capricious, but consumers are making up their minds: Mobility-as-a-service seems increasingly viable in the long-term through autonomous vehicles, even though Uber and Lyft are hemorrhaging cash today. Carmakers will need to quickly adapt.

As uncertainties and consumer shifts produce broad effects, the European Central Bank is considering a large bond-buying program to spur economic growth. However, the legalities of the ECB’s multi-billion-euro crisis-fighting measures are continually under dispute. Previously, the program injected €2.6 trillion (US$2.9 trillion) of liquidity into the system over 45 months, shifting risk from the domestic and foreign private sector to the public sector. The solutions to these economic complications are also very complicated.

The risk of data breaches

On the cybersecurity front, governments are trying to direct corporations to be more responsible stewards of data by specifying practices and imposing penalties. But governments are also struggling to protect their own data.

According to a report from 4iQ, an identity intelligence company, the government is increasingly vulnerable to data breaches. It was the largest growing exposed sector in 2018, with public sector identity exposures increasing 291 percent from the previous year. 4iQ concluded that dark web brokers are actively including citizen data and voter databases in their illicit data portfolios. The report also found that hackers have increasingly directed their attacks toward small businesses and supply chain vendors.

Even if technology gets better at identifying these malicious actors, the long arm of the law likely won’t be able to reach them. There isn’t a powerful deterrent. It’s possible that cybercrime could slow the rate of adoption for new technologies. And if IP and business strategies are continually compromised, that could deter some R&D investments.

Quantified damage

Better practices are urgently needed. The White House’s Council of Economic Advisers assessed the costs of cybercrime to the US economy at US$57 billion or greater in 2016. If cybercriminals take down a single cloud provider, it could result in US$50 billion to US$120 billion of economic damage, according to risk analysis. That loss is comparable to the fallout from a major hurricane.

Many seem ready to accept cybercrime as the cost of doing business in our modern, global economy and, in fact, it represents an underground economy of its own. But as security postures adapt to new threats and as AI becomes more robust, can the costs be contained?

In 2017, Axel Wirth, a technical architect with Symantec, wrote, “The annual global spend on cybersecurity is approaching $100 billion while global losses to businesses due to cyber incidents are nearing $1 trillion. We are clearly underspending on security, but do we need to spend $1 trillion to avoid the loss of $1 trillion? The truth probably lies somewhere in between, and the right approach may not be to just spend more, but also to spend smarter.”

Tech adaptation

Insufficient investments, misaligned incentives, and misconceived security metrics can be corrected within enterprises of all sizes. There is also a lot of work that needs to be done with processes and people, particularly with regards to access governance controls and protocols that withstand social engineering.

Data is the new currency… and data practices are impacting actual, traditional currencies. But as threats and uncertainties pile onto each other, is there a tech solution for teetering economies?

Investors are leaning heavily on algorithmic trading during these murky times. Open banking is creating new levels of competition and transparency in the financial world but the sharing of transactional data between large banks and FinTech startups also creates new risks.

And as regulators try to nudge corporations in what they consider to be a better direction, there is potential for new players to capitalize on compliance with high-tech offerings. The global RegTech market size is expected to reach US$55.28 billion by 2025, according to Grand View Research. North American growth is partly driven by the financial industry’s adoption of RegTech products and services.