Is It Time to Educate CEOs about Threats from Cybercrime?
Updated Jan. 3, 2012
The movement to persuade senior executives on cyber-security dangers is slowly growing.
Indeed, two business professors – University of Virginia’s Tim Laseter and Dartmouth’s Eric Johnson – argue there’s “A Better Way to Battle Malware.” They successfully argue in the lengthy article that senior executives could implement production quality controls to conquer cyber security issues.
Indeed, there’s plenty of evidence that cybercriminal activity is flourishing. Every week we see the headlines about newly discovered sinistere events. But USA Today first reported in 2010 that many CEOs have been unaware about the dangers to their firms when it comes to Internet security.
Eighty-one percent of information-technology professionals believed that their companies’ senior managers still do not comprehend the need to take proactive steps to ward off security threats.
That’s according to a study of nearly 591 of IT pros. It was conducted by the Ponemon Institute for NetWitness. Not only did it involve opinions about CEOs, the same fears were attributed to a lack of understanding by government agencies.
In addition to the 81 percent concerning senior executives, the study reports other red flags:
- 83 percent indicated their organization has been a recent target of advanced threats
- 41 percent said they were frequently attacked
So, it’s time to check with go-to security expert Dr. Stan Stahl. Is it really possible that senior executives don’t fully comprehend IT security dangers?
“Our experience confirms the validity of these statistics,” believes Dr. Stahl. “The cybercrime problem is only going to get worse as more and more small and medium size businesses fall victim to online bank fraud.”
Commenting in his blog, Dr. Stahl is a widely known pioneer and consultant in security and the prevention of identity theft. He is the expert on Federal Trade Commission rules under the Gramm Leach Bliley Act governing non-public personal information by financial institutions. He is also president of the Los Angeles chapter of the Information Systems Security Association, a nonprofit, international organization of information-security professionals and practitioners.
“The biggest challenge we see is helping the men and women who have to dedicate resources (people or money) understand (1) why they need to improve the security of their information systems, (2) the basic steps involved in improving systems security, and (3) the ancillary competitive benefits they can get from improved information systems security management,” he writes.
Indeed, the study also indicates 44 percent of attacks result in the theft of confidential information, and 45 percent of the cyber strikes result specifically in the “theft of intellectual property.”
“It’s to meet this challenge that we in the Los Angeles Chapter of the Information Systems Security Association (ISSA-LA) have embarked on an aggressive Community Outreach Program”, writes Dr Stahl. “Our objective is nothing less than to raise information security awareness.”
Of course, the association has local chapters in multiple cities; see www.issa.org.
Yes, it’s disappointing to know that senior executives are still in the dark. But IT pros can solve this problem. Here’s more: How CIOs Can Get More Respect in the C-Suite.
From the Coach’s Corner, this portal’s Tech section contains many Biz Coach articles on cybersecurity with solutions from Dr. Stahl. (Note: I’m very familiar with Dr. Stahl’s expertise as we’re both members of Consultants West, www.consultantswest.com.)
For more on Dr. Stahl, see his Web site and his blog.
“Distrust and caution are the parents of security.”
-Benjamin Franklin
__________
Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.
