Experts in cyber risk, citing financial mismanagement behind the current economic crisis, are warning business executives they need to better understand how to manage their own cyber systems to avoid another crisis.
The American National Standards Institute (ANSI) and the Internet Security Alliance (ISA) released a new guide to assist business executives in the analysis, management and transfer of financial risk related to a cyber attack.
In 2004, the Congressional Research Service estimated the annual economic impact of cyber attacks on businesses – which can come from internal networks, the Internet or other private or public systems – to be more than $226 billion. In 2008, U.S. Department of Homeland Security Secretary Michael Chertoff named cyber risks one of the nation’s top four priority security issues.
“We are experiencing a financial meltdown due to a fundamental misunderstanding and mismanagement of modern financial systems, which is generating a crisis of confidence in our core institutions. Today, all our critical infrastructures are reliant on cyber systems that are also misunderstood and mismanaged. These vulnerabilities place both our financial and physical security in jeopardy unless we update the method we use to control our cyber systems,” said Larry Clinton, president of the ISA.
He said the new guide is “extremely practical” and will assist organizations in managing their cyber infrastructure by shifting the locus of control to the chief financial officer.
Developed by a cross-sector task force representing more than 30 private and public sector organizations, The Financial Impact of Cyber Risk: 50 Questions Every CFO Should Ask approaches the financial impact of cyber risks from the perspective of core business functions.
The document provides guidance to CFOs and their colleagues responsible for legal issues, business operations and technology, privacy and compliance, risk assessment and insurance, and corporate communications. It is organized in a question-based format, which makes it applicable to virtually any industry and any set of business circumstances.
“We urge all the owners and operators of our nation’s cyber systems to join with us in our joint effort to upgrade our nation’s security,” Clinton said.
Electronic copies are available for free download at http://webstore.ansi.org/cybersecurity.
Banks Still Face Legal Claims After $25 Billion Settlement
MF Global Judge to Examine Insurance Payments for Former Executives
Daredevil CEOs May Put Companies at Risk
California Independent Contractor Law May Be Liability for Agents, Brokers
North Carolina Continues Auto Regulation Debate As Rates Stay Same for 2012
Long-time California Lobbyist Looks to 2012 Legislation Affecting Insurance
Mine Safety Chief Seeks to End Complacency Over Safety
Virginia Court Grants Rehearing of Global Warming Claims Case
