Cybersecurity concerns becoming a boardroom issue
Posted on 06 March 2014.
The increasing frequency, sophistication, and business impact of cyber-attacks have pushed cybersecurity planning and protection from an operational concern of IT departments to a key theme on the strategic agenda of boards and CEOs.

Senior levels of the business still face an information gap that makes it difficult for them to align investments in risk protection to the true strategic value of an organizationís digital assets; this, according to a report by global business consulting firm Bain & Company.

Statistics show that:
  • The median cost of cybercrimes jumped 56 percent to $5.9 million per organization in 2011 over 2010, the most recent data available
  • Web-based attacks during the same period increased to 4,500 per day, a 36 percent rise
  • Mobile malware quadrupled in 2013, with Android attacks increasing by an astounding 26 times
  • DDoS attacks increased 27 percent in the same period
  • Financial motives now drive nearly 95 percent of cyber-attacks, placing the target squarely on strategic assets that can be monetized after a breach.
Every organization that has suffered a recent security breach, the report notes, has also already had some form of cybersecurity in place. Beyond that, too many organizations fail to align IT security capabilities with larger goals and overall risk appetite.

The report points to disconnects between an organizationís risk-management efforts and the development of necessary cybersecurity capabilities as a hidden cause behind the material causes of individual incidents, because business groups and IT often fail to discuss emerging threats or the relative importance of different kinds of digital assets.

Instead, according to the Bain report, compliance obligations, not strategy implications, are the greatest driver for cybersecurity considerations for three-in-four CIOs. The finding demonstrates the over-reliance placed on operational approaches to security.


101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th