Showing posts with label World Economic Forum. Show all posts
Showing posts with label World Economic Forum. Show all posts

Tuesday, October 18, 2016

Review - WEF Global Competitiveness Report

This September 2016 the World Economic Forum (WEF) published its annual Global Competitiveness Report 2016-17.  This report is almost 400 pages of a fairly comprehensive analysis of each country in the world and its relative competitiveness based on 12 separate factors (shown below):




And based on these 12 factors, the factors themselves are broken down into key elements for:

  • Factor-Driven Economies
  • Efficiency-Driven Economies, and
  • Innovation-Driven Economies
For instance Institutions and Infrastructure are key "Basic" requirements necessary for an economy to thrive and compete.

The WEF analysis then used these factors to ascertain the competitiveness of a country relative to the rest of the world as well as to its geographic region in many cases.  For instance, the top 10 most competitive countries using this methodology are:

And the bottom 10 are:

Infrastructure Factor

The elements reviewed to calculate each factor are listed in the "Technical Notes and Sources" section at the end of the report.  Since this blog is focused on infrastructure there is interest on the elements included in this calculation.  These include the following:

  • Quality of overall infrastructure
  • Quality of roads
  • Quality of railroad infrastructure
  • Quality of port infrastructure
  • Quality of air transport infrastructure
  • Available airline seat kilometers
  • Quality of electricity supply
  • Mobile-cellular telephone subscriptions
  • Fixed telephone lines
At first glance, this list is missing such elements as fresh/potable water supply, food availability and distribution, etc.  However, the "Technological Readiness" factors include the following that could be considered part of the strength of a country's infrastructure:

  • Availability of latest technologies
  • Firm-level technology absorption
  • Foreign Direct Investment and technology transfer
  • Internet users
  • Fixed broadband Internet users
  • Internet bandwidth
  • Mobile broadband subscriptions

Conclusion

As usual, the quality and content of this report are very good.  It is compelling and interesting and a useful reference for country policy development.

###



Posted by at
Labels: , , ,

Friday, October 30, 2015

Taking Infrastructure Seriously

Remember the 2013 infrastructure grade report from the American Society of Civil Engineers (ASCE)?  A snapshot of the 2013 grades for the US were quite damning and are posted in the picture below:


My immediate response is WOW followed by an emoticon of sadness :-(

These grades are two years old and I suspect they have not improved and perhaps have gotten even worse.

Maybe with a new Speaker of the House perhaps some new attention on this national crisis will happen (?) -- I certainly hope so.

In the World Economic Forum AGENDA, there is an article by the Honorable Gordon Brown (former Prime Minister of the United Kingdom) with the headline GORDON BROWN:  IT'S TIME TO TAKE INFRASTRUCTURE SERIOUSLY.

Mr. Brown's article offers a very critical and less than optimistic view of the world's current infrastructure crisis that prompted me to write this blog.  He offers some of the following facts:

  • There is a $20 Trillion backlog in infrastructure maintenance/upgrade requirements running to 2030
  • 18% of the world's citizens are left without electricity
  • 11% of the world's citizens are left without clean water
  • 20% are deprived of basic healthcare
  • 58M children denied primary schooling
Gordon continues to observe that without action on improving this blight in infrastructure eradicating extreme poverty cannot not be achieved.

Ideas Needed

Yes, infrastructure capital projects -- new and upgrades -- are expensive and may be risky; however, interest rates are low and there is new emphasis on public-private partnerships to take necessary actions to at least improve the current situation.  Unfortunately, we are so far behind in the US let alone the other parts of the economically advanced nations that paying attention to the less developed countries may be obscured by the problems we face.

Leadership is needed tackle this issue in conjunction with climate change....they are both intertwined and I'd like to commend Mr. Brown and the World Economic Forum for raising awareness on this daunting issue.

###



Posted by at
Labels: , , , ,

Saturday, January 31, 2015

World Economic Forum - Global Risks 2015

Each January the World Economic Forum (WEF) has a grand meeting in Davos, Switzerland.  This meeting brings together the major decision makers and influencers in the world to review the current state of the world and its risks.

As part of this annual event the WEF compiles and publishes its Global Risks assessment.  The 10th Edition was published this for assessing the global risks for 2015.  A picture of the report's cover is below.  The report can be downloaded at: http://www3.weforum.org/docs/WEF_Global_Risks_2015_Report.pdf 


As a student of infrastructure and security I find this report to offer tremendous insight into the challenges faced by society today.  Also, the report includes some excellent graphics to help the reader get a better sense of the interplay between the various risks and what they refer to as "risk constellations."

The authors have first established five categories of risk including economic, environmental, geopolitical, societal and technological.  Then, for each category there are a collection of different risks that are graded and assessed.  The individual risks are then evaluated on a quadrant (below) assessing the risk's Impact and Likelihood.



Then, based on the above mapping/assessment the top 10 risks are determined by Likelihood and Impact as shown in the next graphic.


Finally, an aspect I normally consider with these lists are those risks listed in both columns.  These include:

  • Water Crises
  • Unemployment or Underemployment
  • Failure of Climate Change Adaptation
Even though this is a short list, please consider how they are interrelated and how the water crises are aggravated by failure of climate change adaptation which can result in job loss thus unemployment.

Overall, I would highly recommend that you review the report and especially get a sense of the risk themes raised and how they impact your profession and personal life.

###




.


Posted by at
Labels: , , , ,

Thursday, April 17, 2014

Two Views of Today's Cyber Risks

This week I've had the chance to view two reports that gave me -- and I expect others -- a powerful view of the cyber challenges we face.  One report was a global view our reliance on the Web and the "...increasing danger of global shocks initiated and amplified by the interconnected nature of the internet."

The second article was a survey done by Control Engineering magazine on the global views of cyber security of the industrial controls domain.  The survey revealed that almost 50% of the respondents perceive the control system threat in their organizations to be at a moderate level, but 25% cite a "high" or "severe" threat level in their systems.

So, rather than provide detailed reviews of each document, let me help aim you to the appropriate links with some summary notes added:

Risk Nexus - Beyond Data Breaches: Global Interconnections of Cyber Risk -- Zurich and Atlantic Council
(LINK) 
This well-written report (30 pages) consistently raises the bar of the global risk relative to our reliance on the Internet and ecommerce in a manner similar to the annual World Economic Forum's Risk Reports.  Perhaps we are so closely connected to the Internet that we put our selves in harm's way relative to our economic -- and maybe even mental well being (?).

One quote that I find especially telling is:

"The internet of tomorrow will both initiate and amplify global shocks in ways for which risk managers, corporate executives, board directors, and government officials may not be adequately prepared."

Finally, take a look at Page 8 of the report...they include 7 aggregations of cyber risk that certainly made me think:


  1. Internal IT enterprise (hardware, software, servers, and related people and processes)
  2. Counterparties and partners (relationship between competing/cooperating entities, etc.)
  3. Outsourced and contract (IT and cloud providers, contract manufacturing)
  4. Supply chain (Exposure to a single country, counterfeit or tampered products, risks of disrupted supply chain)
  5. Disruptive technologies (internet of things, smart grid, embedded medical devices, driverless cars...)
  6. Upstream infrastructure (submarine cables, internet governance and operation)
  7. External shocks (major international conflicts, malware pandemics)

At a minimum I'd suggest you pass this report to your Board of Directors and Executive Management so they get a sense of another view of risks that need to be addressed and mitigated.


 Control Engineering Cyber Security Study - April 2014 (Registration Required)
(LINK)
Compliments to the Director of Research for Control Engineering, Ms. Amanda McLeman and her colleague Mark Hoske for this summary report.  The report is based on a survey of about 190 respondents from February 7 to March 2, 2014.  So the data is fairly contemporary.

This summary report is a collection of graphs showing the demographics of the respondents as well as the summary results of the questions.

A good summary graph of the Threats considered by the respondents is below:


If you cannot adequately read the graphic above the top three system components the respondents are most concerned about are:

  1. Computer assets that are running commercial operating systems
  2. Connections to other internal systems
  3. Network devices
Finally a summary of key "bullets" from the report include:
  • 24% of respondents said they had NEVER performed a systems security vulnerability test
  • 25% of those surveyed indicated their computer emergency response team appears well trained and capable
  • 41% agreed having industry-required standards without government involvement would improve or enable their efforts to implement proper control system cybersecurity.  (So, maybe the NIST Cyber Security Framework has some hope?)
Thanks for taking the time to read my comments and have a good week!

###




Posted by at
Labels: , , , , , , , , ,

Tuesday, January 28, 2014

2014 World Economic Forum Risk Report - High and Low Lights...

Each year I look forward to reading the annual World Economic Forum (WEF) Risk Report.  The WEF has been publishing these very compelling reports for the past 9 years.  The 2014 Risk Report was published on December 31, 203 and can be found at this LINK.


This year's report maps 31 global risks according to the level of concern, likelihood and impact, and interconnections among them.  Of these risks they identify the Top 10 Risks of Highest Concern and they have also included a fascinating discussion on what they call "Digital Disintegration" which examines cyberspace and its future for the globe.

The graphic below shows the 31 global risks and their categories including how the Top 10 Risks are detailed.



Infrastructure Risks

 Of course as I look at the 31 risks, I am very interested in the "critical infrastructure-centric" issues that the WEF survey participants highlighted.  My own personal "Top 10" list includes the following from the list of 31:

  • Economic: Failure/shortfall of critical infrastructure
  • Environmental:  Greater incidence of extreme weather events
  • Environmental:  Greater incidence of natural catastrophes
  • Environmental:  Greater incidence of  man-made environmental catastrophes
  • Environmental:  Water Crises
  • Geopolitical:  Large-scale terrorist attack
  • Societal:  Mismanaged urbanization (inadequate infrastructure and supply chains)
  • Technological:  Breakdown of critical information infrastructure and networks
  • Technological:  Escalation of large-scale cyber attacks
  • Technological:  Massive incident of data fraud/theft
Risks in Terms of Likelihood and Impact

On page 17 of this 60-page report there are two tables showing the evolving global risk landscape from 2007 to 2014 based on the World Economic Forum Global Risk Reports.  The referenced table shows a fascinating movement of risk likelihood and impact moving from economic/technological issues to more geopolitical and environmental issues.  Comparisons are shown in the graphic below:



I've starred the two of concern for both likelihood and impact -- that is in the area of cyber -- both attacks and information infrastructure breakdown.  So, in spite of the list of 31 and the top 10 risks shown above, please consider that our digital arena is at risk among the top 5 of 31 risks.

Report Section 2.4: Digital Disintegration

A quote from the report:

While cyberspace has proved largely resilient to attacks and other disruptions so far, its underlying dynamic has always been such that attackers have an easier time than defenders.  There are reasons to believe that resilience is gradually being undermined, allowing this dynamic of vulnerability to become more impactful."

Unfortunately, this quote is consistent with my past writings on "Assumption of Breach" and that the attackers have it easier than the defenders -- just remember my kitchen sieve model where the CISO needs to cover every hole with one hand yet the attackers only need one opening...ugh!

So, as noted in the WEF report cyber risks can be summarized through the acronym CHEW -- crime, hactivists, espionage and war.  However, the WEF report also notes that a large cloud provider could suffer an "...Enron- or Lehman-style failure virtually overnight."  

The report continues to note that environmental triggers could easily play a role in disintegrating our digital backbone through such events as an earthquake devastating Silicon Valley (e.g., San Andreas fault) or a solar super storm could cause major outages of national electric grids, satellites, avionics or signals from global navigation satellite systems.

Hence, our ever expanding reliance on the digital highways and systems may increase the risks to our global economy.

Finally, the WEF report goes on to note:

Increasingly, there is recognition that the growing role of cyberspace is not only a technical and geopolitical concern but also presents serious risks to economic well-being.  While failure of critical online infrastructure represents a systemic risk that could impact global growth, so does a large-scale loss of trust in the Internet.  ... Effective methods for measuring and pricing cyber risks may even lead to new market-based risk management structures, which would help in understanding the systemic interdependencies...that now depend on cyberspace.

Conclusions

As usual, the 60-page report from the World Economic Forum is full of interesting perspectives on the economic, environmental, geopolitical, societal, and technological arenas surrounding global commerce and society.  I would highly suggest you take a minute to download the report and at least page through the many points of discussion in the report and gain a perspective a bit different from your normal cable news channel.  Of course I focused on the infrastructure and cyber issues in this blog; however, I also believe you will gain some very interesting perspectives on the challenges facing our children and the "teetering" issues in our increasingly multipolar world.

###




Posted by at
Labels: , , , , , , ,
Subscribe to: Posts (Atom)