Tuesday, September 1, 2009

Blog Purpose: Assist Senior Management Secure Organization Against Cybercrime Threat

"The secret of success lies in managing risk, not ignoring it.”
Merrill Rukeyser

Cyberspace has become the new Wild Wild West. Cybercriminals roam at will. They steal our money. They steal our identities. They steal our business' intellectual property. They control our computers. They threaten our children. They even threaten our national defense.

In the earlier days of the internet, threats to information systems rarely drew the attention of senior management. The mantra of the day was firewall and anti-virus. And most of the time that was enough.

That’s changed. Just glance at four of our recent bloglines:
· Cyber Thieves Steal $447,000 From Wrecking Firm
· More Business Banking Victims Speak Out
· Eastern European cyber gangs stealing millions from small to mid-sizes businesses through online banking fraud

These aren’t the stories of pimply-faced 14-year olds proving their manhood by launching I Love You viruses on the still-pure internet. No. These are the stories of criminals stealing money from corporate bank accounts.

If this isn’t business at risk, we don’t know what is!

Senior management can no longer ignore the risk of cybercrime. The price of inattention has grown too high.

Senior management must take responsibility for managing the risk of cybercrime.

CitadelOnSecurity is all about how to do this.

Effectively managing cyber-risk requires understanding the cybercrime challenge. It requires knowing the information security management strategies and tactics required to meet this challenge. And it requires insightful leadership to integrate these strategies and tactics into the broader organizational culture.

It is the purpose of CitadelOnSecurity to provide you this understanding, knowledge and insight.

CitadelOnSecurity is organized into three main elements:
  1. Cybercrime news stories categorized into topical elements for easy browsing. We post these stories because they say something important about the cybercrime threat and what’s required to successfully manage cyber-risk.
  2. Citadel information security management guides designed to provide practical usable information and guidance on managing cyber-risk.
  3. Citadel thought-pieces—like this one—designed to provide more of a big-picture perspective about information systems security.
There’s an old saying that when life gives you lemons, make lemonade. It’s no different with cybercrime.

The lemons of cybercrime provide the ingredients for competitive advantage. As the threat of cybercrime grows, consumers and businesses alike are increasingly insisting that the organizations they do business with take effective steps to manage the security of their information. This means that organizations with strong security management will have a competitive advantage over those that do not. Thus, investments in information security management have the opportunity to translate into a positive return on that investment. Sometimes good deeds are rewarded.

Stan Stahl, Ph.D.
President
Citadel Information Group