7 Cybercrime Facts Executives Need to Know

The bad guys are getting smarter. Whether they are terrorists who realize another way to hurt the world and advance their agenda is to destabilize the economies of developed nations, especially leaders like the USA, disgruntled insiders, or "ordinary" criminals with a predominant profit motive, cyber crimes are increasing and becoming more costly. In information technology security circles, there is some buzz about a July 2010 Cost of Cyber Crime Benchmark Study of a representative sampling of U.S. companies conducted by the Ponemon Institute. This organization conducts independent research on privacy, data protection, and information security policy.

By Jon Murphy
Wed, January 12, 2011

CSO — The bad guys are getting smarter. Whether they are terrorists who realize another way to hurt the world and advance their agenda is to destabilize the economies of developed nations, especially leaders like the USA, disgruntled insiders, or "ordinary" criminals with a predominant profit motive, cyber crimes are increasing and becoming more costly. In information technology security circles, there is some buzz about a July 2010 Cost of Cyber Crime Benchmark Study of a representative sampling of U.S. companies conducted by the Ponemon Institute. This organization conducts independent research on privacy, data protection, and information security policy.

Slideshow: Quiz: Separate Cyber Security Fact From Fiction

The point that the Institute is seemingly trying to make with their representative study is that Enterprise Risk Management (ERM), especially as it relates to IT, needs to ramp up; companies are getting lax again/still and re-assuming an attitude of "it" (i.e.: bad things) won't happen to them. The 23-page Ponemon Institute report is available online at their website but, here is a high-level, seven-point summary and my input of how the information may relate to your company's situation.

Cyber crimes are far more costly than taking steps to harden an environment beforehand

The study reports that the average for response costs for companies that were impacted was $3.8 million per year. The cost of the technologies and processes that could have effectively mitigated or prevented the same incidents, were generally less than 1/3 the cost. In other words, and rather obviously -- pre-planning and mitigation is a heck of a lot cheaper, in most cases, than merely reacting with an ad hoc response after an incident/breach.

Even more importantly, the appointment of a single top executive responsible for enterprise risk management, a la a Chief Security Officer, or better still, a Chief Risk Officer is a critical factor for success. Often autonomously reporting straight to the board of directors and with a true enterprise-wide view, not just technology centric, this executive can appropriately ensure that risk management is "baked in" at the start of projects and programs, rather than merely "bolted on" haphazardly as an afterthought. Also, merely relegating IT security and risk management to some "underling" as one facet of a job in some other line department is a quick recipe for big trouble.

Additionally, the creation and rollout of an ERM strategy and adherence to a voluntary governance/certification framework (such as ITIL / NIST, etc.) appear to both, substantially lessen the chance of occurrence and the total cost of a dealing with a cyber crime incident.

1 2 3 4 next page »

Originally published on www.csoonline.com. Click here to read the original story.

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

You are here: Business/Management Topics » Legal » News

Most Recent Cybercrime Stories

White Papers »

Bring Your Own Device eGuide

As more and more CIOs are beginning to see significant benefits from letting employees choose the device they use to get their jobs done, the Bring Your Own Device (BYOD) trend is spreading. According to the Computerworld Consumerization of IT Study, about half of the 604 respondents said their organizations allow employees to do work using their own devices either away from the office or at work. Whether these devices are smart phones, tablets, or laptops that are used in the office or while working remotely, companies that embrace this trend are finding their employees are more productive and experience greater job satisfaction. What's more, enterprises can significantly reduce up front costs and allow for flexible work hours by letting employees use their device of choice anytime, from anywhere.

Enabling Remote Employees with High Quality Video

In this paper, we analyze the delivery of live and on-demand mobile video content. It focuses on specific ways in which organizations can follow best practices to ensure the experience of video communication is maximized for viewers, while keeping corporate networks running smoothly.

Business Video Empowers Social Media

There's no denying that the wisdom of a company resides in the heads of those directly responsible for the non-routine work of the organization. There's also no denying that management teams are looking to find better employee communications solutions and reduce costs. This is coupled with increased demand to better manage projects, customer service, product launches, training, and sales by workforces that are separated by time zones and using mobile devices. This need for wide-scale communications at lower cost is fueling recent organizational demand for scalable, affordable enterprise video and employee generated video content or "EGC"

A "YouTube-like" Experience For Employees

The wave of video in the enterprise will continue to rise as the communication medium and the enabling technologies become ubiquitous in our daily personal and business lives. Businesses must be fully aware of the challenges and requirements of deploying an enterprise video solution. With a proper approach, adequate preparation, and skilled analysis, your organization will be able to accurately build an effective, scalable YouTube for the Enterprise framework that leverages your existing IT infrastructure and is aligned with your business goals.

Generation Gmail: How are you dealing with "work-around email" workers?

This whitepaper aims to identify those users, the reasons they exist and to outline what your organization can do about them.

The CFO Guide to Budgeting Software

A mid-sized business needs the same financial performance control and measurement capabilities as a large corporation, but in a solution that's affordable, easy to implement and scalable. This guide simplifies the search by helping CFOs understand the 10 must-have characteristics of today's best financial performance management solutions.

Webcasts »

Optimizing the world of IT for end-users: Balancing freedom and choice with security and compliance to meet business

Download this eSeminar to hear from experts Ziff Davis Enterprise, VMware and HP and learn how client-side virtualization can improve your organization's performance, while reducing the IT burden of managing and maintaining an increasingly diverse client universe.

Operational Analytics - Changing the Competitive Dynamics of the Business

Date/Time: June 5, 2012, 11:00 a.m., EDT, 4:00 p.m. BST / 3:00 p.m. UTC

Please join us for this webcast, as Dr. Barry Devlin, Founder and Principal, 9sight Consulting, describes what operational analytics can do for your business and reviews an architectural approach that will enable you to make it a reality.

Introduction to Virtualization

Have you been thinking about what it would take to start using virtualization? Or do you know the basics and want to find out more? No problem. This webcast is designed for anyone with little to no knowledge of virtualization technology. Attend this webcast to learn:

-A basic overview of the business value of the technology and some key capabilities that make virtualization so valuable to IT and the businesses you serve.
-The basics for creating virtual machines and the key choices that can be made along the route to deployment.

Cloud-based Contact Center: Is it Right for Your Business?

View this on demand webcast to learn if moving business communications to the cloud is right for your business. Featured industry experts DMG Consulting LLC president, Donna Fluss, Frost & Sullivan principal analyst, Michael DeSalles, and Interactive Intelligence senior vice president, Joe Staples discuss this topic and help you answer your pressing questions at the conclusion of this web event.

Must have Tools and Techniques to Optimize the Sales Pipeline and Win more Deals

In this webcast, Vantage Point Performance's Michelle Vazzana will reveal how to coach your reps to better performing pipelines.

Sales Effectiveness in the New Sales Paradigm - A Webcast Featuring the Latest Forrester Research Study

In this webcast produced by the Sales Management Association (SMA), Forrester's Scott Santucci will explore the new sales paradigm and discuss how businesses must transform their selling models into dynamic, communications-intensive systems, empowering individual sellers to define, create and deliver value to customers.

Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter