What is Cyber Systemic Risk?
“Cyber systemic risk” is Internet-driven risk that threatens to destroy the business viability of industry ecosystems.
While cybersecurity risk may be the familiar and recognizable type of cyber systemic risk, it is only recognizable like the tip of an iceberg is recognizable, because most cyber systemic risk lurks well out of view, deep beneath the surface in the ocean of virtual ones and zeros.
“Cyber systemic risk” generally is the Internet version of the financial crisis’ hard lesson of “systemic risk,” where the world learned that risks or disruptions to one or a few financial institutions could cascade to become risks or disruptions to the broader financial ecosystem. That’s because the inherent inter-linkages and inter-dependencies of financial institutions’ debt and liquidity exposed the then underappreciated fragility of the interwoven financial system.
The financial crisis exposed the need and the requirement for corporations to be more vigilant concerning enterprise risk management (ERM). Consequently the next crisis exposing enterprise risk is less likely to happen from a replay of known financial systemic risks, but from new unappreciated or ignored cyber systemic risks.
Cyber systemic risk is arguably more serious than financial systemic risk. That’s because the Internet inherently is: the most inter-linked, inter-dependent, intermediary system ever created; an insecure and un-private system; and more centralized and concentrated at the top than the financial ecosystem.