Report Calls for C-level Involvement in Cybersecurity
DATA PROTECTION—U.S.April 1, 2010
"The Financial Management of Cyber Risk," a new report published by the Internet Security Alliance (ISA) and American National Standards Institute (ANSI), is recommending C-level executives implement cybersecurity risk management programs at their companies. CIO reports that part of the goal is to get executives directly involved in such efforts, citing a federal cyberpolicy review indicating U.S. businesses lost $1 trillion worth of intellectual property to cyberattacks between 2008 and 2009. "We believe if we can educate American organizations about how much they're actually losing, we can move to the next step, which is solving the problem," said Larry Clinton of the ISA, pointing out that between 80 and 90 percent of cybersecurity problems can be avoided by a combination of best practices, standards and security technology.