From: CFO
Evaluating the probability and cost of a data breach is part art, part science. New risk models promise to help with the science.
In a February editorial about the buildup of cyber attacks between the United States and Iran, The New York Times quoted President Obama’s observation that, compared with conventional weaponry, cyberweapons provide “no clear line between offense and defense.” For example, getting into the enemy’s networks to exploit its weakness and disable its ability to attack you is both offense and defense. Citing “major banks, Sony Pictures Entertainment, [and] an electrical utility,” the newspaper observed that such recent examples reveal that even corporate computer systems once considered impregnable are vulnerable to attack.
In the borderless world of information technology, in fact, computer-security specialists and corporate risk managers have begun working on the assumption that it’s impossible for companies to keep their networks completely free from penetration. Given that reality, they’re zeroing in on the need to detect hackers once they’re inside the system and respond to the attack, rather than just focusing on sealing networks from every possible breach.
Leave a Reply