The Internet Security Alliance (ISA) and the American National Standards Institute (ANSI) released today a new action guide to assist business executives in the analysis, management and transfer of financial risk related to a cyber attack.
The ISA-ANSI publication, The Financial Management of Cyber Risk: An Implementation Framework for CFOs, responds directly to the President’s request, offering a pragmatic action plan that addresses cybersecurity from an enterprise-wide perspective. Developed by a cross-sector task force of more than sixty industry and government experts, this publication has been funded and managed by the private sector and is offered as a free resource on cyber risk mitigation for organizations across the country.
The Financial Management of Cyber Risk: An Implementation Framework for CFOs approaches the financial impact of cyber risks from an holistic perspective, including relevant chapters that touch upon the core business functions of all organizations, no matter the size or industry sector. In addition to strategic questions, the action guide offers sample charts to aid in calculating the probability and severity of financial loss from both risk events and the actions taken to mitigate them.
The guide also includes a list of standards and reference documents to help businesses develop comprehensive risk management frameworks. Electronic copies are available for free download at http://webstore.ansi.org/cybersecurity.