Royal Bank Of Canada’s CISO On The ‘Cyber Poverty Line’: Plan For The Worst – Cybercrime Magazine

Report on the Economic Impact of Cybercrime on Sustainable Development Goals

Economic Disruption and the Threat to SDG 8

The escalating threat of cybercrime presents a significant obstacle to the achievement of Sustainable Development Goal 8 (Decent Work and Economic Growth). Illicit financial flows resulting from digital crime directly undermine global economic stability and sustainable growth.

• Global cybercrime damage costs are projected to surpass $10 trillion USD by 2025, an amount that would constitute the world’s third-largest economy.
• In Canada, fraud losses for businesses have reached an estimated $111 billion CAD in the past year, representing 7.2 percent of their total revenues.
• These substantial financial losses divert capital from productive investments, job creation, and initiatives aimed at fostering inclusive and sustainable economic growth.

Vulnerabilities in Digital Infrastructure and Industry (SDG 9)

Widespread underinvestment in cybersecurity measures compromises the integrity of digital systems, directly impacting Sustainable Development Goal 9 (Industry, Innovation, and Infrastructure). The resilience of the increasingly digitized global infrastructure is at risk.

• A significant number of businesses underestimate the risks posed by cyber threats, leading to inadequate investment in protective infrastructure.
• This lack of preparedness creates critical vulnerabilities in the digital foundations that support modern industry, innovation, and essential services.
• The industrialized nature of the cybercrime ecosystem is rapidly outpacing the defensive capabilities of many companies, threatening the stability of critical infrastructure.

The “Cyber Poverty Line” and its Implications for SDG 16

The concept of a “cyber poverty line” highlights a growing gap in institutional resilience, which is a core component of Sustainable Development Goal 16 (Peace, Justice, and Strong Institutions). This term describes the point at which an organization’s security measures are insufficient to defend against the sophisticated and organized criminal landscape.

1. Organizations fall below the “cyber poverty line” when their investment and preparedness in cybersecurity are outmatched by the capabilities of cybercriminals.
2. Crossing this threshold dramatically increases the likelihood of a successful compromise, such as fraud, ransomware attacks, or identity theft.
3. This trend indicates a weakness in building effective and accountable institutions capable of protecting citizens and enterprises from organized crime in the digital realm.

A Call for Proactive Planning to Safeguard Development

Given the pervasiveness of cyber threats, a reactive approach is no longer sufficient. Achieving the Sustainable Development Goals requires a proactive and strategic commitment to cybersecurity resilience across all sectors.

• For most Canadian businesses, being targeted by cybercrime is an inevitability, making proactive planning essential. One in five businesses has already been targeted.
• It is critical for organizations to develop, communicate, and implement comprehensive response plans for worst-case scenarios.
• This strategic planning is necessary to mitigate damage, ensure operational continuity, and protect the economic and social progress central to the 2030 Agenda for Sustainable Development.

Sustainable Development Goals (SDGs) Addressed in the Article

1. Which SDGs are addressed or connected to the issues highlighted in the article?

• SDG 8: Decent Work and Economic Growth: The article directly connects to this goal by highlighting the severe economic impact of cybercrime on businesses. The reported losses, such as “fraud losses equivalent to 7.2 percent of their revenues” and a total of “$111 billion CAD in the past year,” directly undermine economic productivity, threaten business sustainability, and consequently impact job security and economic growth.
• SDG 9: Industry, Innovation and Infrastructure: This goal is relevant as it calls for building resilient infrastructure. The article emphasizes the vulnerability of business infrastructure to cyberattacks. The concept of a “cyber poverty line” suggests that many companies lack the resilient digital infrastructure needed to protect themselves, which stifles safe innovation and industrial development.
• SDG 16: Peace, Justice and Strong Institutions: The article’s focus on cybercrime as a “criminal ecosystem” directly relates to SDG 16, which aims to combat organized crime and reduce illicit financial flows. The mention of “payment fraud” and “identity theft” are examples of crimes that threaten peace and justice, while the massive financial damages represent a significant form of illicit financial flow.

2. What specific targets under those SDGs can be identified based on the article’s content?

1. Target 8.1: Sustain per capita economic growth. The article demonstrates a direct threat to this target. The prediction that “cybercrime damage costs are predicted to exceed $10 trillion USD in 2025” shows a massive drain on the global economy, hindering the sustained economic growth this target aims for.
2. Target 9.1: Develop quality, reliable, sustainable and resilient infrastructure. The article implies that current digital infrastructure is not sufficiently resilient. The statement that businesses “under-invest in protecting themselves” and fall below the “cyber poverty line” points to a failure to develop the resilient infrastructure necessary to support economic development and withstand threats.
3. Target 16.4: By 2030, significantly reduce illicit financial and arms flows… and combat all forms of organized crime. The article’s content is directly aligned with this target. The discussion of “payment fraud” and the “criminal ecosystem” of cybercrime describes a form of organized crime that results in massive illicit financial flows, as evidenced by the billions of dollars in losses reported by Canadian businesses.

3. Are there any indicators mentioned or implied in the article that can be used to measure progress towards the identified targets?

• Financial losses from cybercrime as a percentage of revenue: The article provides a specific metric: “Canadian business leaders reported fraud losses equivalent to 7.2 percent of their revenues this year.” This can serve as a direct indicator to measure the economic impact on businesses (relevant to SDG 8 and SDG 9).
• Total monetary value of cybercrime damages: The article cites specific figures that can be used as indicators, such as the prediction of “$10 trillion USD in 2025” globally and the estimated “$111 billion CAD in the past year” for Canadian businesses. Tracking this value measures the scale of illicit financial flows (relevant to SDG 16).
• Proportion of businesses affected by cybercrime: The statistic that “One-in-five Canadian businesses have been targeted” and “one-in-seven have lost money to payment fraud” serves as an indicator of the prevalence of these crimes and the vulnerability of the business sector (relevant to SDG 9 and SDG 16).

Summary Table of SDGs, Targets, and Indicators

4. Create a table with three columns titled ‘SDGs, Targets and Indicators’ to present the findings from analyzing the article. In this table, list the Sustainable Development Goals (SDGs), their corresponding targets, and the specific indicators identified in the article.

Source: cybersecurityventures.com