From: Infosecurity-Magazine.com

Responsibility for cyber risk starts and stops with the board, says GCHQ; cyber attack is the most likely technology risk incident says the World Economic Forum; but the board isn’t taking it seriously, suggests Trustwave.

“My organization, GCHQ, now sees real and credible threats to cyber security of an unprecedented scale, diversity and complexity,” warns Iain Lobban, Director of GCHQ, in the government-produced 10 Steps to Cyber Security. “Responsibility to manage your company’s cyber risks starts and stops at Board level. You can never be totally safe.”

That this threat is recognized by business leaders is made clear in the World Economic Forum’s Global Risks Report 2013, published last week. Technological risks are one of the five major major risk categories surveyed among ‘1,000 experts from the World Economic Forum’s communities’ – the other categories are economic, environmental, geopolitical, and societal.

In the survey, the top ten technological threats are rated by impact and likelihood. The threat with the greatest impact is perceived to be ‘critical systems failure’. The threat most likely to happen is ‘cyber attacks.’ Since the latter might well cause the former, cyber security is clearly the greatest technological threat for 2013; well above other perceived threats such as a failure in the intellectual property regime, massive digital misinformation or unforeseen consequences of nanotechnology.

It would be reasonable to assume from this that major companies’ boardrooms are taking the cyber security threat seriously. Trustwave wanted to confirm this, and talked to Infosecurity about the results of a survey they will publish later this week. “Security is not a new issue,” John Yeo, EMEA director of Trustwave SpiderLabs, told Infosecurity, “so we wanted to find a way to validate that it really is already on the agenda.”

Read Complete Article