Across both commercial and government organizations, current methods of performing cyber risk management are ineffective.
FORBES: Cyberwar Or Not Cyberwar? And Why That Is The Question
Company policy and the law is only just beginning to play its part in order to minimize cyber risk.
"China has powerful controls over content going out and coming in at every gateway, " says Jody Westby, chief executive of security consultancy Global Cyber Risk.
It extends from cyber terrorism to reducing risk in crowded places and investigating how to intercept new methods of telecommunications, he adds.
America, according to Secretary of Defense Leon Panetta is at severe risk from cyber-attack, and DHS has indicated that we are short at least 30, 000 security professionals.
FORBES: Japanese Secret Boxes: The Coolest Security Puzzles for Kids and Adults
Floating that information into the cyber world always carries the risk of identity theft, Forzley points out.
Executives interviewed for the report indicated that the social media risk is rising, and they worry about cyber attacks, breaches of confidentiality, fast-spreading malicious rumors about the company, as well as financial disclosures.
FORBES: Social Media Risk Is Like Wildfire. Where's the Fire Engine?
When companies are willingly to spend money on cybersecurity because they will get some of it back as a tax credit, cyber issues will then be on the radar of CFOs and risk officers as a priority and security will improve.
FORBES: Congress Needs to Go Back To School on Cyber Legislation
Alan Paller, the director of the SANS Institute, for instance, made this argument to us when he explained to us why offensive hacking should be included in the Cyber Challenge program for finding and training young hackers, despite the risk of fostering young cybercriminals.
"Commonly available cyber defences such as firewalls, antivirus and automatic updates for security patches can reduce risk, but they're not enough, " wrote Mr Charney.
Business, government and the public must constantly be alert to the level of risk if they are to succeed in detecting and resisting the threat of cyber attack.
Corporations should also use this opportunity to review their insurance coverage of losses due to cyber incidents, especially since the SEC has identified the extent and amount of insurance coverage as a risk factor to be considered in assessing whether to report.
FORBES: Disclosing Cyber Security Incidents: The SEC Weighs In
应用推荐