According to the White House Cyberspace Policy Review (CSPR), between 2008 and 2009 American business losses due to cyber attacks had grown to more than $1 trillion of intellectual property - a staggering figure that impacts not only American business, but also our national security, which is dependent upon a robust and secure information infrastructure.
In the CSPR report, President Obama asked for a program that would help assign a monetary value to cyber risks and consequences, giving organizations a greater ability and incentives to address cybersecurity.
A new publication from the Internet Security Alliance (ISA) and the American National Standards Institute (ANSI) responds directly to the President's request, offering a pragmatic action plan that addresses cybersecurity from an enterprise-wide perspective.
The Financial Management of Cyber Risk: An Implementation Framework for CFOs provides concrete, actionable recommendations for developing strategies that cross functional and departmental boundaries in mitigating the dangers and consequences of cyber risk.
This new publication aims to meet this challenge head on by helping executive leaders to make informed decisions about risk management from a strategic, cross-departmental, and economic perspective.
The report will be released at a press conference on Wednesday, March 31, 2010, from 1:30 to 2:30 p.m. EST at the National Press Club in Washington, DC.
Featured Speakers will include:
- Joe Buonomo, President and CEO, Direct Computer Resources, Inc.
- Michael Castagna, Vice President for Corporate Information Security, Sallie Mae;
and former Chief Information Security Officer, U.S. Department of Commerce
- Larry Clinton, President of the Internet Security Alliance (ISA)
- Brad Gow, Senior Vice President, Specialty Errors and Omissions, Zurich North America
- Fran Schrotter, Senior Vice President and COO, American National Standards Institute (ANSI)
- Justin Somaini, Chief Information Security Officer, Symantec Corp.
The Financial Management of Cyber Risk: An Implementation Framework for CFOs is a 76-page action guide that has been developed by more than sixty technical experts from industry, government, and academia.
The project is being led by the Internet Security Alliance (ISA) and the American National Standards Institute (ANSI). The publication is supported and endorsed by its premium sponsor, Symantec Corporation, the world's leading provider of internet security. Partner sponsors include Direct Computer Resources, Inc., and Phillips Nizer.
About the Internet Security Alliance:
The Internet Security Alliance was created to provide a forum for information sharing and thought leadership on information security issues. A unique trade association, ISA represents corporate security interests from the Defense & Aerospace, Banking & Financial, Food Service, Entertainment, Telecommunications, and Manufacturing industries before legislators and regulators. In so doing, the alliance aims to identify and standardize best practices in Internet security and network survivability, while creating a collaborative environment to develop and implement information security solutions.
About the American National Standards Institute:
The American National Standards Institute (ANSI) is a private non-profit organization whose mission is to enhance U.S. global competitiveness and the American quality of life by promoting, facilitating, and safeguarding the integrity of the voluntary standards and conformity assessment system. Its membership is comprised of businesses, professional societies and trade associations, standards developers, government agencies, and consumer and labor organizations. The Institute represents the diverse interests of more than 125,000 companies and organizations and 3.5 million professionals worldwide. The Institute is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (NYSEMKT:IEC), and is a U.S. representative to the International Accreditation Forum (NYSEMKT:IAF).
The full report will be published online, and the Infosec Island Network will make the locations available as soon as possible following the press conference.
The Infosec Island Network is committed to serving the risk mitigation needs of SMBs and mid-market enterprises across numerous industries, government agencies, legal, financial, healthcare, educational, nonprofit organizations, and the information security community at large.
Disclosure: no positions