After the leak of the Panama Papers and a string of ransomware attacks, will these new developments lead to new priorities for lawyers, doctors and enterprises at large? Can financial losses or the damage to the reputation of a health system or law firm lead to a new sense of urgency to update accepted security practices and even codes of conduct with hospital data? Will regulatory bodies mandate more training for these two distinguished professions that have largely opted out of serious cybersecurity training up until now?
The job of the Chief Information Security Officer (CISO) has become challenging. As security has become a top-level concern for executive boards who are paying attention to the business impact of security, CISOs now have a seat at the table.
Your company may think it has adequate insurance coverage for a network breach, but there’s a good chance that it does not. According to the findings of a recent UK government report, over half of the companies surveyed thought they had the right coverage in place, while only 10 percent actually did. Another sizable group of those surveyed responded that they had no idea which of the many cyber risks facing their company even could be insured.
Frankly, it’s costing U.S. businesses more than other nations’ enterprises worldwide, according to data collected in the 2014 Cost of Cyber Crime Study: United Statesfrom the Ponemon Institute and HP Enterprise Security. The mean cost of cyber crime for a company in the U.S. last year was $12.7 million per year; other countries’ enterprises mean costs ranged from Germany’s $8.13 million to Russia’s mere $3.33 million. The study observes a $1.1 million (or 9.3 percent) increase in cyber crime costs for the U.S. from last year’s report.
Security breaches cost organizations around the world millions of dollars each year. The average cost of each breach is upwards of $6 million according to a report from the Ponemon Institute, and perhaps more concerning, 50 percent of organizations surveyed were not confident in their security programs.
The tool does not require identifying information, and it does not collect data without opt-in permission.
June 1, 2014
Tool users, including information-security, risk, financial and other senior executives, can input a range of expenses and estimated costs for either a specific scenario or actual breach, and the app, sponsored by Booz Allen Hamilton, would generate a comprehensive report explaining the total cost and enabling a cost-benefit analysis of security strategies.
An engaged leadership team already understands the greater domain awareness provided by converged surveillance systems, but how about the next step toward robust risk management: cybersecurity and cyberspecific insurance?
Schools, businesses and enterprises across the world have experienced a paradigm shift since the terrorist attacks on Paris and Belgium. As active shooters and terrorists get more creative in choosing and evaluating softer targets, security leaders are striving to keep their enterprises safe and alert without damaging the culture.