Cyber Wars – From Global to Laptop
Last month, Security Magazine reported cyber attacks across numerous countries, government agencies and military groups, including the Pentagon. Some have suggested the attacks originated in China.
At the April RSA security conference in San Francisco, Melissa Hathaway, a top advisor to President Barack Obama, gave some details of a two-month study about the nation’s computer security. She suggested that the Administration won’t consolidate the patchwork of national agency protection into one person. But there is legislation in the U.S. Senate – S.773: Cybersecurity Act of 2009, which will establish, within the Executive Office of the President, the Office of the
National Cybersecurity Advisor.
The proposal states that the national cybersecurity advisor will be an assistant to the President, subject to confirmation by the Senate, and would have specific duties with respect to advising the President.
There’s no doubt that hackers, identity thieves and spies have increased attacks on the nation’s power grids, military networks and other government networks. The big question is: Are governments orchestrating or encouraging the attacks.
China denies involvement.
“We have reiterated many times our policies of firmly opposing and severely cracking down on all crimes that damage the Internet, including hacking,” China Foreign Ministry spokeswoman Jiang Yu told a regular press conference.
Ironically, there may be more losses in the U.S. in terms of computers and data from something as simply as losing a laptop computer or having it stolen.
An independent study on notebook security, commissioned by Intel Corporation, analyzed the potential business costs of stolen or lost notebook computers, suggesting that in an era where “the office” can be almost anywhere, good security precautions are essential.
The study, which was conducted by the Ponemon Institute, calculated that notebooks lost or stolen in airports, taxis and hotels around the world cost their corporate owners an average of $49,246 per loss, reflecting the value of the enclosed data above the cost of the PC.
The Mobile Worker
Analyzing 138 instances of lost and stolen notebooks, the study based the $49,246 price tag on costs associated with replacement, detection, forensics, data breach, lost intellectual property, lost productivity, and legal, consulting and regulatory expenses. Data breach alone represents 80 percent of the cost. The study found that data encryption makes the most significant difference in the average cost: A lost notebook with an encrypted hard-disk drive is valued at $37,443, compared with $56,165 for a nonencrypted version.
By the way, the greatest losses from a laptop or notebook computer come from those used by enterprise managers and directors and not the CEO. According to a Zalud Report interview of the researchers, the CEO’s laptop often does not contain a firm’s most sensitive data.
SIA Legislative Priorities
- Secure sufficient funding for the Student Safety and Campus Emergency Management grant program.
- Secure enactment of the School Safety Enhancements Act and appropriation of $50 million in fiscal year 2010.
- Secure full funding of $400 million in fiscal year 2010 for the Port Security Grant Program.
- Secure full funding of $900 million in fiscal year 2010 for the Transit Security Grant Program, and support the distribution of grant money directly to transit authorities without a local match requirement.
- Support the allocation of additional funding to protect facilities that contain dangerous toxins, diseases or agents.
- Support the allocation of additional funding to help hospitals and health care facilities conduct security assessments and purchase security equipment.
- Support legislation that promotes participation by the Department of Homeland Security in the development of technological standards by the private sector.