Monday
Oct202008
Cyber Security and the “financial meltdown”
Monday, October 20, 2008 at 3:17PM
“We are experiencing a financial meltdown due to a fundamental misunderstanding and mismanagement of modern financial systems, which is generating a crisis of confidence in our core institutions. Today, all our critical infrastructures are reliant on cyber systems that are also misunderstood and mismanaged. These vulnerabilities place both our financial and physical security in jeopardy unless we update the method we use to control our cyber systems,” said Larry Clinton, president of the Internet Security Alliance (ISA).
The ISA and the American National Standards Institute (ANSI) released today a new action guide for top financial advisers at companies around the country on the analysis, management and transfer of financial risk related to cyber attack. Two thousand copies of the action guide are now on their way to executives around the nation, and electronic copies are available for free download at http://webstore.ansi.org/cybersecurity.
Ty Sagalow of the American International Group said “up to $3 trillion a day moves over the internet. And the main protocol to protect this data is over 30 years old. Some estimate that the total cost of a data breach grew to $197 per record in 2007. And the privacy rights clearing house has identified more than two hundred and thirty million records of U.S. residences that have been exposed due to security breaches since January 2005.”
Cyber Security is the protection of any corporate system, computer system, or software program against any kind of unauthorized disclosure, transfer, modification, or disruption, whether it is internal, external, accidental, purposeful, for criminal or terrorist purposes, or the result of negligence.
The ISA and the American National Standards Institute (ANSI) released today a new action guide for top financial advisers at companies around the country on the analysis, management and transfer of financial risk related to cyber attack. Two thousand copies of the action guide are now on their way to executives around the nation, and electronic copies are available for free download at http://webstore.ansi.org/cybersecurity.
Ty Sagalow of the American International Group said “up to $3 trillion a day moves over the internet. And the main protocol to protect this data is over 30 years old. Some estimate that the total cost of a data breach grew to $197 per record in 2007. And the privacy rights clearing house has identified more than two hundred and thirty million records of U.S. residences that have been exposed due to security breaches since January 2005.”
Cyber Security is the protection of any corporate system, computer system, or software program against any kind of unauthorized disclosure, transfer, modification, or disruption, whether it is internal, external, accidental, purposeful, for criminal or terrorist purposes, or the result of negligence.
Reader Comments (1)
In the realm of risk, unmanaged possibilities become probabilities. As CIO, I'm always looking for ways to help my team, business teams, and ad hoc measures of various vendors, contractors and internal team members. A book that is required reading (specific chapters, depending on nature of projects and teams) is "I.T. WARS: Managing the Business-Technology Weave in the New Millennium."
We keep a few copies kicking around - it would be a bit much to expect outside agencies to purchase it on our say-so. But, particularly when entertaining bids for projects and in the face of challenging change, we ask potential solutions partners to review relevant parts of the book, and it ensures that these agencies understand our values and practices.
The author, David Scott, has an interview here that is a great exposure: http://businessforum.com/DScott_02.html
The book came to us as a tip from one of our interns who attended a course at University of Wisconsin, where the book is in use; I like to pass along things that work, in the hope that good ideas continue to make their way to me. I hope you can make use of this info...