Cybersecurity Cannot Ignore Climate Change

For the past few years, I’ve met with various executives in cybersecurity who have yet to discuss the potential impact of climate change to their business. When climate change is mentioned, it’s usually dismissed. Dismissed due to deniers of the existence of climate change or simply because they haven’t found the time to understand the potential risks.

This needs to change.

Perhaps this is the first time you have ever read about cybersecurity and climate change… but climate change is real. It exists… and we are far from being ready to deal with the consequences within cybersecurity.

This week, the U.K. Met Office shared that we are exceeding the key global temperature limit and have a 50–50 chance that we will surpass the critical global heating threshold of 1.5° Celsius within the next 5 years.

What does this mean?

It simply means we are in danger. It means that more climate refugees, more severe weather storms, more fires, more drought, and more possible pandemics to come.

The Paris Agreement was meant to bring the world together to limit the impact of climate change by focusing on keeping it at 1.5° Celsius (hopefully) or 2° Celsius (worst case scenario) by 2050.

“At two degrees we see dramatic alterations to the ability of the Earth’s system to maintain the conditions that allow for human life and indeed other species’ life.” — ​​Maria Ivanova, a professor of global governance at University of Massachusetts Boston.

According to the UN, we may hit 3° Celsius by 2050 if nothing changes…yet, in cybersecurity, we don’t talk about climate change. Yes, think of the Encanto song We Don’t Talk About Bruno.

The Economist released This is what 3°C of global warming looks like in a video to showcase what this planet may become in the near future. Honestly, the future of this planet is looking pretty grim, including potential security issues due to climate change. We can expect attackers to interfere with dire aid and get into our supply chains that assist with providing much needed resources, such as clean water.

There are at least 5 issues that stand out when it comes to climate change and cybersecurity:

1. Protecting natural resources, such as clean water, from attackers

2. Shift of employees moving across and outside the country, impacting security and businesses

3. Increase of weather damages impacting businesses

4. Potential increase of pandemics impacting businesses

5. Protecting aid delivery from attackers

To understand what lies ahead with climate change and cybersecurity, let’s first look at the current state of our planet.

Our Planet’s Status

• One-third of all plant and animal species could be extinct in 50 years, PNAS study warns.

• Australian think tank IEP predicts that at least 1.2 billion people could be displaced by such climate-related events by 2050.

• A majority of the 30.7 million people displaced in 2020 were fleeing floods, wildfire, drought or heat waves, according to a recent report released by the International Federation of Red Cross and Red Crescent Societies.

• The Greenland and Antarctic ice sheets are losing significant amounts of land-based ice as a result of human-caused global warming, according to NASA’s Grace.

• Melting glaciers add to rising sea levels, which in turn increases coastal erosion and elevates storm surge as warming air and ocean temperatures create more frequent and intense coastal storms like hurricanes and typhoons. An analysis of satellite imagery from the past four decades suggests that global warming has increased the chances of storms reaching Category 3 or higher.

• At least 14 million tons of plastic end up in the ocean every year; plastic makes up 80% of all marine debris found from surface waters to deep-sea sediments.

• ​​The Great Pacific Garbage Patch is part of the five offshore plastic accumulation zones in the world’s oceans and is located halfway between Hawaii and California. It covers an approximate surface area of 1.6 million square kilometers — an area twice the size of Texas and three times the size of France.

• It’s estimated that between 1.15 million to 2.41 million tonnes of plastic are entering the ocean each year from rivers.

• Recycling isn’t actually working in the US because it lacks the infrastructure. Sixty-six percent of discarded paper and cardboard were recycled, 27 percent of glass, and 8 percent of plastics were recycled. Glass and metal can be recycled indefinitely; paper can be recycled five to seven times before it’s too degraded to be made into “new” paper; plastic can only be recycled once or twice — and usually not into a food container — since the polymers break down in the recycling process.

• According to the EPA, of the 267.8 million tons of municipal solid waste generated by Americans in 2017, only 94.2 million tons were recycled or composted.

• Many of the root causes of climate change also increase the risk of pandemics. Deforestation, which occurs mostly for agricultural purposes, is the largest cause of habitat loss worldwide. Loss of habitat forces animals to migrate and potentially contact other animals or people and spread viruses. Large livestock farms can also serve as a source for spillover of infections from animals to people.

• The recent Ebola epidemic in West Africa probably occurred in part because bats, which carried the disease, had been forced to move into new habitats because the forests they used to live in had been cut down to grow palm oil trees.

• Each year, the U.N. publishes a report evaluating the gap between the latest climate pledges and the Paris Agreement’s goals. Last year, it concluded that the world is falling short. This year’s report finds that the updated pledges would probably result in warming of around 2.7° Celsius.

• If the Paris Agreement is implemented effectively, net-zero emissions pledges could limit warming to 2.2°C, closer to the well-below 2°C goal of the Paris Agreement.

• Plastic on average can take 500 -1000 years to decompose.

• CO2 can stay in the atmosphere for up to 1,000 years.

• More than half of the 60,000 tonnes of clothes imported each year ends up in illegal desert landfills, with dire consequences for the environment and the local community.

• Globally, transportation accounts for between 15 and 20 percent of emissions each year. Motor vehicles are the leading cause of air pollution in the United States.

I know these statistics are scary. It’s much easier to ignore the truth. I guess they are right that ignorance is bliss. But, now you know. Since you know, it’s up to us to start talking about climate change and get cybersecurity ready to protect and defend from attackers while companies start incorporating the potential impacts of climate change on their company’s business.

So here is what we can start doing.

Our Current Cybersecurity Status on Climate Change

We have to understand that as technology advances, there is more tech that needs energy consumption. If energy is from burning fossil fuels, this is a problem. That’s right, if your Tesla is powered by fossil fuels as its energy source, you aren’t driving an Eco-friendly car. Overall, we must push for cleaner energy to ensure that while we create new technology that we are not taxing the planet, especially when it comes to data centers.

Several tech companies are focused on achieving net-zero emissions by 2050. However, the goal should be focused on achieving net-zero emissions by 2030, if possible. Net-zero emissions is most likely to become a company standard, as countries will require stricter energy policies.

Environmental, Social, Governance (ESG) frameworks allow for companies to acknowledge the risks ahead and prepare for them while pushing for net-zero emissions. Various ESG frameworks dive into the supply chain and business impact on the environment. I highly recommend looking at the Task Force on Climate-related Financial Disclosures (TCFD) framework; it helps companies prepare for what may occur to one’s business when the world hits 2°C. Additionally, ESG pushes for companies to become aware of their waste and Greenhouse Gas (GhG) emissions.

By thinking about what we consume and provide, we can start to understand that our decisions carry a carbon footprint. To learn more about calculating a carbon footprint:

For individuals: www.footprintcalculator.org for individuals

For companies: https://ghgprotocol.org/ghg-emissions-calculation-tool

Another way to think about our consumption is by knowing the supply chain of an item. It allows us to have a better understanding of what our decision can do to our world. For example, when we give out t-shirts at conferences, there’s a chance it contains synthetic materials made from plastic. This allows for the t-shirt to not decompose for more than 500 years! I mean are you planning on wearing that t-shirt and passing it down for many generations? More like wearing it maybe a few times and then donating or throwing it away, which then lands in a desert in Chile waiting to decompose. Additionally, the textile industry is one of the biggest polluters to our world’s water. Not to mention the cheaper the t-shirt, more likely it was a fast fashion item that had sweatshop conditions and potentially child labor. Once the t-shirt is made, it’s then transported to another facility to do printing or sewing, which then is transported to a company’s office or a storage facility. From there, the t-shirt is transported to an event. Overall, that swag t-shirt is a contributor to climate change… and no it’s not recyclable.

Believe it or not, most items aren’t recyclable. Electronic waste (e-waste) is another global problem we are currently dealing with.

So here’s a quick overview on what we can start to do in cybersecurity:

1. Know your waste and reuse items as much as possible.

2. Get your companies onboard with ESG.

3. Track your carbon footprint.

4. Ensure events produce low emissions and trash, such as virtual & hybrid events.

5. Volunteer and help protect resources.

6. Purchase less, including tech.

7. Update yourself on the latest on climate change and legislation.

8. Donate tech equipment to local charities, don’t assume it can be recycled.

9. Rethink swag, less plastic waste.

10. Spread this blog post and talk about climate change!

Overall, this blog post is ridiculously long but it’s one that I hope provides a conversation starter about why cybersecurity cannot ignore climate change anymore.

More on this topic to come!