ICANN have released the news release below suggesting that CEOs and company directors need to tackle cybersecurity threats, as well as publishing a story on the ICANN blog. It is described as the must read paper on cybersecurity for CEOs.”One thing is clear — every business, every government, every organization that uses the Internet in its day-to-day operations is vulnerable. Simply put, cyber security is no longer ‘one for the IT department.’ Just as CEOs and Directors are responsible for ensuring that their Chief Financial Officers manage funds properly, they must now satisfy themselves that the Chief Information Officer has taken steps to safeguard the organization’s resources.”CEOs and Directors Need to Tackle Cyber Security ThreatsThis event was hosted and organized by the Atlantic Council at which ICANN’s CEO was asked to speak. It is presented for information.CEOs must make cyber security a top priority or their businesses could fall victim to industrial espionage similar to recent cyber attacks on such large companies as Rolls-Royce and Royal Dutch Shell. That’s the conclusion the report Cyber Attack: A Risk Management Primer for CEOs and Directors released today by the British-North American Committee (BNAC) and the Atlantic Council of the United States, a U.S. sponsor of the Committee.The one global Internet, for which ICANN coordinates addresses, makes possible about $2.8 trillion in global e-commerce annually.”As enterprise on the Internet has become more sophisticated, so have cyber criminals,” said Dr Paul Twomey, ICANN’s President and CEO, and one of the report’s main authors. “The message of this report is clear – senior government figures and leaders of corporations need to make cyber-security a personal priority.””Global investors, CEOs and board directors, while measuring risks to the corporate bottom line, will have to know what they are doing to prevent data compromises. CEOs are not IT experts and they don’t have to be. This report is a quick comprehensive reference list of things that every chief executive should know and do,” said William Mayer, founder of Park Avenue Equity Partners and chairman of the BNAC Cyber Security and Business working group.”We live in a completely different environment wherein people and businesses are dependent on technology and the Internet and while this helps us run are companies better, we need to realize that there are corresponding risks and threats. Cyber security is therefore critical to the success of every enterprise,” said Frederick Kempe, Atlantic Council president and CEO and a BNAC member. “It must be an integral part of every CEO and directors thinking and planning.”The report calls on CEOs and corporate directors to take actions to protect their businesses and organizations from cyber attacks. It identifies information security threats, and most commonly made mistakes in data security and provides recommendations for business and corporate leaders to manage cyber security risks.”This report is a timely reminder to all organisations – large and small, public and private – of the need keep up with best data security practices. The risks are very real but help is at hand,” said Clive Mather, until recently president and CEO of Shell Canada and a BNAC member.Among its recommendations, the report urges CEOs and directors to:
- Establish a comprehensive information security policy, implemented by senior management;
- Hold a company-wide security audit to expose vulnerabilities and strengths and give a complete picture of an organization’s security requirements;
- Underpin a robust security culture with frequent and rigorous testing; and
- Prioritize keeping abreast of changes in security technology and best practices, including through participation in relevant international information security organizations.
The report further provides a comprehensible information security checklist of recommendations chief executives and directors must follow to protect their corporations against industry espionage. Endorsed by members of the British-North American Committee, a group of distinguished business, academic, and labor leaders from the United Kingdom, the United States and Canada, the report is available online at http://www.acus.org/docs/071212_Cyber_Attack_Report.pdf [PDF, 1,400].About the British-North American Committee:
Launched in 1969, the British-North American Committee (BNAC) is a group of leaders from business, labor, and academia in Canada, the United Kingdom and the United States committed to harmonious, constructive relations among the three countries and their citizens. BNAC is sponsored by three nonprofit research organizations — the British-North American Research Association in London, the Atlantic Council in Washington, and the C.D. Howe Institute in Toronto. Alan R. Griffith, formerly of the Bank of New York, and Sir Paul Judge, chairman of Teachers TV, are, respectively, the North American and British co-chairmen. Professor Thomas H.B. Symons, C.C. is chairman of the Executive Committee.About The Atlantic Council of the United States:
Founded in 1961, The Atlantic Council of the United States is an independent, non-partisan organization dedicated to stimulating dialogue and discussion about critical international issues with a view to enriching public debate and promoting consensus on appropriate responses in the Administration, the Congress, the corporate and nonprofit sectors, and the media in the United States and among leaders in Europe, Asia, and the Americas. The Atlantic Council’s mission is to promote constructive U.S. leadership in international affairs based on the central role of the Atlantic Community in meeting the global challenges of the twenty-first century. For more information about the Council’s work, please visit its website on www.acus.org.The above news release is available from icann.org/announcements/announcement-12dec07.htm while the posting on the ICANN blog is available from blog.icann.org/?p=256.