WHAT TO DO BEFORE AND AFTER A CYBERSECURITY BREACH?
Written by Gurpreet Dhillon, Ph.D.
Cybersecurity breaches affect organizations in different ways. Reputational loss and decreased market value have often been cited as significant concerns. Loss of confidential data and compromised competitiveness can also cause havoc for a firm. There is no doubt that preventive mechanisms need to be put in place. However, when an IT security breach does occur, what should be the response strategy?
Top Questions Board Members Should Ask Senior Management About Cybersecurity Governance
Cybersecurity Governance: The Next Generation Leadership Opportunity for IT Managers
Cybersecurity Knowledge Networks Research Program
Professors J. Alberto Espinosa and Mark Clark, American University
Professors Espinosa and Clark lead the Cybersecurity Knowledge Networks research program, which assesses the configuration, fit, and effectiveness of knowledge within and across cybersecurity organizations. This research measures critical knowledge held by key stakeholders involved in cyber issues (technical staff, managers, investors, and others) to identify gaps, opportunities, and knowledge hubs that can be leveraged for increased collaboration effectiveness, coordination, and performance. This is important because, for example, the degree to which knowledge about the risk implications of tactical decisions is shared between executive and technical staff may have a substantial impact on business value and risk exposure. To accomplish this, their approach measures specific knowledge content relationships among group members across various dimensions (e.g., content knowledge similarity, team member familiarity, task awareness), then uses network analysis to detect overlap, centrality, clusters, outliers, and potential boundary-spanners. These patterns can then be depicted visually and quantitatively to better understand how knowledge is organized and shared, leading to more effective collective cybersecurity practices.
Managing Cybersecurity in Global Supply Chains: Securing the Weakest Link
Professor Ayman Omar, American University and Peter Iannone, Alsbridge
Lately, several major corporations as well as governmental institutions have seen unprecedented cyberattacks from various sources, ranging from amateurs to organized crime members and even nation-backed sources. As companies start developing a wide range of plans to protect their data, one of the things that managers still have to address is the cybersecurity of their entire supply chain.
Global supply chains are becoming more complex, and information sharing across different members is critical for the success of the entire chain. This requires that key supply chain partners protect their data against attacks that may be aimed directly at their companies or at the weakest link in their supply chain, which could be a global supplier or distributor. The goal of this research is to understand how managers are dealing with cybersecurity threats in global supply chains and the strategies that are being used to protect vital data, knowledge, and know-how.
Resilience to Cyberattacks
Professors Parthiban David and Augustine Duru, American University
Resilience is the ability to withstand shocks. Firms differ in the extent to which they are resilient to cyberattacks. Differences in resilience arise from a variety of safeguards such as Information Technology Investments, Risk Management, and Governance. There are benefits to resilience (as resilient firms are better equipped to cope with cyber shocks), but there are also costs (investments made in resilience come at a cost). What are the factors that make some firms more resilient than others? Do firms with higher resilience have higher financial performance and/or lower financial risk? Does resilience impact the likelihood of encountering a cyberattack? Does resilience mitigate the adverse consequences of a cyberattack?
Antecedents to and Consequences of Cybersecurity Vulnerabilities: A Study of Korean Companies' Data of Information Security Management Systems Certification
Professors Gwanhoo Lee, American University, Seunghyun Kim, Yonsei University, and Dan Kim, University of North Texas
As society becomes hyper-connected, the risk of cyberattacks significantly increases. In response, the Korean government has introduced the ISMS (Information Security Management System) certification to help companies develop and operate continuous and comprehensive information security management systems that go beyond ad hoc and limited security management systems. This study conducts an in-depth analysis of the security vulnerabilities and defects that Korean companies commonly have, based on the ISMS certification assessment data. In addition, it aims to help companies effectively develop their information security management systems by analyzing how organizational factors such as firm size and firm asset size affect information security defects.
Mapping Law in Uncharted Territory
Israel Martinez and Dr. Richard Schroth discuss the role of general counsel in cybersecurity.