FCW reports on the InfraGuardconference held this week in DC. FBI Director Robert Mueller said that many companies are maintaining a code of silence by not reporting cyberattacks. That's the same as not reporting a crime. Sure, no one wants the publicity associated with being a victim of a disgruntled teenager hacker, but the issue is bigger than that.
A NY Times story I read recently about cyberextortion implied that shake downs of companies whose businesses are dependent on technology happen every day of the week. It’s practiced by IT thugs and organized crime organizations, and it doesn’t just target online casinos or the gullible among us. IBM’s Global Business Security Index Report last week reported that government computers were by far the most frequent target of cyber attacks.
So what’s going to happen (if it hasn’t already started) when terrorists start to threaten the virtual beheading of American businesses? Will we have learned enough from past attacks to protect ourselves? That’s where InfraGuard would come in. With more than 85 percent of the nation’s critical infrastructure in private hands and increasingly interconnected through computer-based systems, the FBI's Mueller said (in the FCW article), partnerships such as InfraGard’s are vital to expose risks, vulnerabilities and threats.
So why aren’t more companies coming forward with their experiences to help build a body of knowledge that will benefit all? Mueller said most companies believe that reporting a security breach will harm their image or competitive advantage in the marketplace or expose confidential information. Techdirt wonders whether reporting and documenting the attacks is just too much trouble for businesses focused on this quarter’s results.
What's your theory?
View Comments
There are currently no comments to display.
Post a Comment
To post a comment, you must be a registered user of FCW.com and be logged in. Use one of the forms below to login or register for FREE to FCW.com. To protect your privacy, you can use an alias as your username.
