The RE: View for May 12-May 30
Jun 4, 2014 8:30am
The RE: View is a bimonthly look back at the headlines that caught the attention of our RE: Cyber contributors that senior executives and Board members should consider when assessing and managing cyber risk.
May 30, 2014
Do you have the right staff and governance structure to protect your networks? With the latest round of high-profile data breaches, bells are ringing in the C-Suite. Several companies are seeking to hire a Chief Information Security Officer (CISO) for the first time, or are elevating the position of the CISO to be on par with the Chief Information Officer (CIO) and report directly to the Chief Executive Officer and Board. Many companies are also looking to bring CIOs or technology experts onto the Board.
May 29, 2014
5 Big Cyber Threats for Small Business, Property Casualty 360
Do you think being small makes your company immune to cyber threats? Quite the contrary; small and medium businesses are top targets for cybercriminals. A recent FireEye white paper highlights five reasons your small or midsize business is a prime target for cybercriminals: (1) your data is more valuable than you think, (2) cyber attacks offer low risk and high returns for cyber criminals, (3) you’re an easier target, (4) many SMBs have their guards down, and (5) most SMB security tools are no match against today’s attacks. However, you can protect your business by putting a cyber risk management plan in place. See Cyber Risk Management and Assessment for more information.
May 28, 2014
A recent PwC paper points out that not only does the NIST Cybersecurity Framework comprise “leading practices from various standards bodies that have proved to be successful when implemented,” but also “may deliver regulatory and legal advantages that extend well beyond improved cybersecurity for organizations that adopt it early.” Consider the pros and cons for adopting the NIST Cybersecurity Framework and how you might implement the Framework in your own company. Read the full paper for analysis of the benefits of and challenges posed by implementing the Framework.
May 16, 2014
CEOs Can No Longer Sit Idly By on Cybersecurity, Entrepreneur
Let the resignation of Target’s CEO following a massive date breach serve as a wakeup call to CEOs. As noted in a recent Entrepreneur article, CEOs can “no longer understand a company’s cybersecurity initiatives in only a cursory manner.” The article suggests CEOs should put cybersecurity training at the forefront of their strategic priorities and strategically undertake cybersecurity initiatives to help mitigate large risks and gain competitive business advantage.
May 15, 2014
Retail Breaches Bolster Interest In NIST Cyber Security Advice, InformationWeek
Following Target’s data breach, in which hackers infiltrated Target’s point-of-sale system by exploiting a vendor’s IT system, corporate executives are looking more closely at the cybersecurity of their supply chain. One tool for assessing the cybersecurity risk in your supply chain is the NIST Cybersecurity Framework. Consider how your company might use the Framework to manage vendor cybersecurity risk.
May 12, 2014
What is cyber insurance? Why do I need it? Where do I get it? This brief article provides an overview of the evolving cyber insurance marketplace.