In May 2016, Cybersecurity Ventures released its Cybersecurity 500 list, a “global compilation of leading companies who provide cybersecurity solutions and services.” Already at approximately $400M per year, cybersecurity is calculated to cost for the global economy could reach $3 trillion by 2020. Meanwhile, extreme weather and climate events may already be costing the global economy $1.2 trillion per year—so who is at the top of the “Climatesecurity 500”?
Well, we couldn’t find such a large list, or even a list.
With such comparable magnitudes of costs, one would expect a similar number of firms and innovators in this space. One might argue that big consulting firms like PwC and KPMG are occupying the climate risk space, but, they also have large cybersecurity offerings which don’t seem to crowd out hundreds of other cyber solutions and services.
Cyber and climate risks share similar features, such as global reach, potential to shut down operations for extended periods of time and ability to impact critical infrastructure, such as electricity grids.
One explanation could be that cyber attacks can include the extraction of customer data and direct attacks of financial assets that can lead to significant reputational damage and lasting distrust of corporations by their customers. It is also easier to put a face on cyber crime—whether it is a government, individual or hive of hackers—and know what their motives are—primarily to steal financial data, but also acquisition of company and state secrets, espionage, retribution or simply “bragging rights.”
Climate risks are much more random, faceless and often considered “acts of God.” Companies may also be under a false sense of security thinking that they are already managing climate risks by tracking historical flooding, storm, temperature, fire, etc… data—we have seen, time and time again, that the past is a poor predictor of the future. Further, the presentation of climate data—in long-term projections and at regional spacial scales—can make addressing these risks seem very far removed as a C2ES survey finds that companies are lacking ” ‘actionable science’ that helps them understand locally-specific risks or risk scenarios.”
Comparison and analysis of the maturation of these two markets warrants greater analysis and there could be a variety of other reasons for this differentiation. But, the stakes are so high, its important to find out how risk information can better disseminate across companies and communities.
To help move the industry forward, Adapt Ready is focused on helping customers and the world better understand the real risks they face, take action and avoid losses. Hopefully we will soon see a list of company’s helping the world adapt to one of the other biggest security threats of our time.