The World Economic Forum today released its annual Global Risks Report (GRR), which in particular highlights:
- We will need to find new ways of practicing globalization that respond to the era of insecurity that many people experience.
- Political strains, most notably the increasing polarisation of society, require a radical rethinking of existing institutions and processes to address global risks.
- Risks are intensifying, but the collective will to tackle them appears to be lacking. Instead, divisions are hardening and we are drifting deeper into global problems from which we will struggle to extricate ourselves.
Looking a bit deeper, I take four main points away from this year’s report:
Firstly - of all global risks, the environment is where the world is most clearly sleep-walking into a catastrophe.
Alarm bells are ringing…
The IPCC’s Special Report on Global Warming of 1.5 °C (Oct 2018) gives us just 12 years to limit the most substantial impacts of climate change. Urgent changes are needed to reduce the risk of extreme heat, drought, floods and poverty, requiring significantly greater political unity and will than currently demonstrated.
Environmental risks dominate the GRR’s Global Risks Perception Survey (GRPS) for the third year in a row, accounting for three of the top five global risks by likelihood and four by impact. Survey respondents seem increasingly worried about environmental policy failure and its potential impact, with the most frequently cited risk interconnection being the pairing of “failure of climate-change mitigation and adaptation” and “extreme weather events.” Furthermore, the report highlights that climate change exacerbates the need to urgently close the global $18 trillion gap in infrastructure investment, and that rapidly growing cities and ongoing effects of climate change are making more people (and businesses) vulnerable to rising sea levels.
What can businesses do?
Against this backdrop, we strongly recommend that businesses develop a climate resilience adaptation strategy and act on it now. We recommend this strategy be built around 3 steps:
Step 1: Identify the broad business and strategic risks following the FSB TCFD’s scenario-based approach.
Step 2: Develop a granular view of the risks involved including, for example, individual locations.
Step 3: Develop a mitigation strategy involving appropriate resilience enhancing adaptations.
Second, technology continues to play a profound role in shaping the global risks landscape In the GRPS, “massive data fraud and theft” was ranked the number four global risk by likelihood over a ten-year horizon, with “cyber-attacks” at number five. This sustains a pattern recorded last year, with cyber risks consolidating their position alongside environmental risks in the high-impact, high-likelihood quadrant of the Global Risks Landscape. A large majority of respondents expect increased risks in 2019 of cyber attacks leading to theft of money and data (82%) and disruption of operations (80%).
This view among the many stakeholders forming the GRPS sample is also shared when looking at the business community alone. As the Regional Risks of Doing Business report 2018 highlighted back in November 2018, businesses view cyber-attacks as the #1 risk for doing business in North America, Europe as well as East Asia and the Pacific. This strongly suggests that businesses need to strengthen cyber security and resilience in order to maintain confidence in a highly connected digital economy.
So how can businesses respond to this growing threat? There are several steps to take, for example:
- Build a culture of awareness: Cyber risks are not just an IT concern, nor are they limited to certain sectors of an organization. Every employee, from the boardroom to the intern, plays an important role in keeping an organization cyber-secure, and understanding their responsibilities for holding data securely.
- Adopt a mindset of cyber resilience: With reputational risk, economic losses and legal consequences on the line, it is crucial for companies to create and implement an incident response plan in the event a cyber incident occurs. Responding quickly and effectively will not only mitigate these risks, but also ensure a successful recovery in the long run.
- Practice, practice, practice: While practice may not always make perfect, it can be pivotal when responding to a cyber incident. Just having an incident response plan in place is not enough; it’s imperative that the plan is practiced and updated on a regular basis, adjusting as needed for different scenarios and variations of cyber threats.
Third, geopolitical tensions are rising among the world’s major powers and economic risks have moved into sharper focus Geo-economic tensions ratcheted up during 2018, across trade, investment and sanctions policies. Furthermore, the rate of global growth appears to have peaked, while inequality - in particular within-country inequality - continues to rise and be seen as an important driver of the global risks landscape.
- GRPS survey respondents do not feel confident about an easing of the current situation. 91% expect increased risk in 2019 of economic confrontations/frictions between major powers. 88 % expect an increased risk of erosion of multilateral trading rules and agreements, and 85% expect an increased risk in political confrontations/frictions between major powers
Like many global risks, coping with such key geopolitical and geoeconomic issues is often a challenging and somewhat daunting task for businesses. Companies have a choice: manage geopolitical risks or be managed by them.
Leading organizations understand they don’t have to “roll with the punches” – they can take action, be proactive, and incorporate geostrategy into business strategy and operations. We believe the board, management and risk functions of an organization each have a role to play in managing geopolitical risks and opportunities. This can be managed in three steps: understand, prepare and act.
Step 1: Understand: understanding a company’s exposure to geopolitics is a global footprint assessment in which organizations consider the economic activities they engage in across the globe and how each might be impacted by geopolitics. Areas of focus include supply chain, people, corporate functions and stakeholders.
Step 2: Prepare: once an organization understands its geographic footprint and how its strategic goals could be impacted by geopolitics, it is time to prepare. Areas of focus include investing in knowledge and networks, considering strategic redundancies and modularity assessment.
Step 3: Act: a company needs to act as early as possible when geopolitical disruption occurs. There will be situations that can be proactively prepared for well in advance, and other situations where it will be important to quickly determine a course of action that minimizes disruption and cost. For example, potential protectionist measures, whether in the form, tariff or quotas, are something that a company can clearly prepare for. However, there will always be geopolitical events that are hard to predict.
My final take away is how increasingly interconnected and complex global risks have become. This demands a holistic risk management approach.
We must keep in mind that the increased interconnectivity and complexity of global risks are here to stay. In such a context, and with today’s increasingly complex and tightly coupled systems, caring for business means considering everything that could affect it.
Adopting a holistic approach to manage global risks is crucial. It's important to recognise early warning signs, encourage scepticism, and mitigate our cognitive biases through using structured decision tools. We must be open to learning the lessons from small failures which can help us to prevent catastrophe…rather than sleep walk into it.
Zurich Insurance Group is a Strategic Partner of the World Economic Forum, a Strategic Partner of the Global Risks Report, and a Partner of the Forum’s Global Center for Cybersecurity.