Whether it be a 13-year old thinking he is clever hacking into your system, or an organized crime to steal coveted information, cyber-attacks are a frequent occurrence. For the CIO, part of their job description is to protect against these threats. In a post for The Accidental Successful CIO, Dr. Jim Anderson explores what CIOs can do.
The U.S. government proposed legislation that was written to encourage the sharing of cyber threat information between the government and businesses. In theory, this was an excellent idea and would surely help businesses be better equipped to face any outside threats. In practice however, it prompted one big question: Who should share first? CIOs believe it is the government’s responsibility to share information first, while the government is proposing that businesses share cyber threat information with the Department of Homeland Security.
CIOs are cautious to share their information with the government, and rightly so. By sharing their information, a CIO could possibly place their firm out of regulatory compliance. There is also the risk that undisclosed information may be leaked to their competition or that a retaliation attack may be brought on. CIOs are hesitant because they are not confident that any of this information is really of any value to the government too, so why risk it? They run the probability of added expenses from having to erase sensitive customer information or data because of the shared information with the government.
The bottom line is that the CIO’s position calls for keeping the company safe from everything and everyone who electronically may try to harm them. It is worth considering to look outside for help from the U.S. government, but it will boil down to a case-by-case matter whether it will be of benefit to the company. You can read the original post here: http://theaccidentalsuccessfulcio.com/security-2/when-it-comes-to-cyber-threats-cios-dont-like-to-share