- Disable critical infrastructure in a major city,
- Steal millions of dollars from banks around the world,
- Infiltrate defense systems, extort millions from public companies,
- Or even sabotage our weapons systems.
Today, all of those things have already happened in various countries across the globe. Yet you may find that it isn’t easy to always get the details on actual attacks — because, governments don’t want to reveal the extent of national security vulnerabilities. And private companies – especially banks and other financial institutions – don’t want to frighten away customers by revealing that their systems have been compromised.
U.S. Particularly Vulnerable
As one of the world’s largest and most prosperous nations, the United States has the most bandwidth running through its society and is more dependent on that bandwidth. That means virtually all consumers and businesses are exposed.
Without being an alarmist on this issue, and if you really begin to track developments of risk surrounding cybersecurity related events, every risk manager would be remiss by not being aware of at least the following observations recently reported in the media:
- During 2010, one out of every four companies had information stolen. That’s a 50% increase over 2009.
- The Kroll Annual Global Fraud Report notes that 2010 marked the first time ever that the cost of electronic theft has topped that of physical theft.
- In China, 98% of businesses have been victims of fraud.
- When polled, 48% of U.S. business leaders said the threat of fraud has deterred them from pursuing business opportunities in at least one foreign country.
- WikiLeaks – a controversial website that collects and posts highly classified documents and video – has enraged and embarrassed the Obama administration (and endangered many U.S. allies in Iraq and Afghanistan) by releasing U.S. embassy cables.
If the U.S. government cannot protect its own secret information online, you might reasonably wonder just how secure the data is on your own personal and business sites.
Obviously, cybersecurity is a complex issue that has no easy answers — and certainly in the short run —and perhaps, especially for small and mid-sized organizations — keeping in touch with this risk related issue is a critical input to the process of continuously improving existing information and physical security sections of your organization’s business continuity plan. That is a good course of action to take.
To that point, our website will offer our readers access and links to those cybersecurity related stories that could assist that continuous improvement process. Our first report on gathering that information and those reference links is available below:
Keep in touch to view more forth coming and relevant information security related stories, and, if you find this information of value, then be sure to pass it along to those information security specialists in your own organization. And, of course, please share your own favorite cybersecurity risk related article with us to help our readership better understand and deal with this ever growing potential risk to themselves, their communities, and their workplace environments.
Photo courtesy of justgetthere.us