Cyber Attack: Risk Management Primer for CEOs

No business, government, nongovernmental, or other organization of whatever size is invulnerable to cyber attacks. Business owners and executives, including managing directors, cannot afford to put at risk the security and stability of their operating and financial systems, confidential information, intellectual property, and business transactions to cyber predators through lack of knowledge or initiative.
Download the PDF

EXECUTIVE SUMMARY

Cyber Attack CEOsToday’s businesses rely increasingly on corporate IT networks and their connection with the global Internet as the backbone of their sales, sourcing, operating, and financial systems. However, the convenience of global connectivity comes at a cost—the vulnerability of network infrastructures and systems to the malicious actions of cyber criminals and espionage agencies. Yet few CEOs or managing directors are prepared to lead their companies against these dangers. Too often CEOs and directors fail to understand the level of potential risk and liability, and cede responsibility for dealing with cyber attacks to their IT department. Instead, leaders of corporations, nongovernmental and not-for-profit organizations, and public sector agencies in the 21st century must know enough to at least ask the right questions of their chief information officer.

No business, government, nongovernmental, or other organization of whatever size is invulnerable to cyber attacks. Business owners and executives, including managing directors, cannot afford to put at risk the security and stability of their operating and financial systems, confidential information, intellectual property, and business transactions to cyber predators through lack of knowledge or initiative. Just as CEOs and directors are responsible for ensuring that their chief financial officer has managed their funds appropriately, so they must be convinced that the CIO has taken all reasonable and prudent steps to safeguard the company’s digital resources. Moreover, the nature of the Internet demands that corporate officers extend these concerns to their business partners, suppliers, and vendors, by insisting that they also take precautions against electronic aggression that could put both parties at risk.

EVENT:  Cybercrime Wake-Up Call Needed

CEOs who think cybercrime is just the business of CIOs are like Enron’s shrugging off the companies books as something for the accounting department. Those provocative words from Dr. Paul Twomey, president and CEO of ICANN, highlighted an all-star panel discussion on the launch of Cyber Attack: A Risk Management Primer for CEOs and Directors released on December 12 by the British-North American Committee (BNAC) and the Atlantic Council of the United States, the U.S. sponsor of the Committee.