June 15, 2014
June 15, 2014
June 18, 2014
Computing & Information Technology
24.196.1 - 24.196.12
Are We Prepared: Issues Relating to Cyber Security EconomicsToday, more than ever, we know that the world of cyber security is a key global issue. Yet, thefinancial costs related to cyber security investment decisions that benefit organizations,government and the community must be balanced between the risks an organization may takewith its data, both that which it generates and that which it is entrusted with, and the cost ofprotecting that data. Data must be accessible to those people who have a need for it, and yet, bythis very accessibility to members of the organization it becomes vulnerable. Unfortunately,today insider threats are one of the main concerns of all organizations, both public and private.Add to that the often nonsystematic approach to protection that of that data, and significantproblems arise. The three main reasons to focus on the cyber security economics relate squarelyto the bottom line. If adequate protection measures are not taken, the data may be lost to outsidehackers or to employee threats. This in turn affects the bottom line when the organizations nameis tarnished. If sensitive data is lost or exposed to the public as we have seen in the recent past,lawsuits and legal fees become a bottom line expense. Finally, if organizations are not followingthe numerous regulations in place to protect sensitive data, both fines and criminal penalties maybe lodged against them. Once again, cyber security economics affect the bottom line. Bydeveloping an awareness and training program and an effective cyber security program,organizations will meet their data protection needs and save themselves from the plethora ofissues that can results in economic loss. In order to do this, top management withinorganizations must recognize and understand the need for the critical support, both in physicaland human resources that they hold the key to in order to make the change possible.This paper will discuss in detail the cyber security challenges facing today’s public and privateorganizations, including regulations, inadequate cyber security programs, policies, mandatorydisclosure of security incidents and intrusions, raising management’s focus on cyber securityneeds and will provide recommendations to improve an organization’s cyber security footprint.
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2014 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015