Cyber threats are the topmost global risks, according to the World Economic Forum. Their nature changes fast, they leave none untouched, and they seem random in their attacks. In this article at Harvard Business Review, Marc Barrachin and Algirde Pipikaite narrate why you need global collaboration to address cyber threats.
Cyber Threats: A Global Epidemic
Idaho National Lab senior cybersecurity analyst Andy Bochman remarks that you cannot protect yourself from hackers, no matter how much you spend. Nevertheless, you still want to try your best. The main issue that companies face is the data gap because businesses deal with cyber threats in isolation.
Knowledge is power, and it can save lots of companies from losing data as well as market reputation. Rest assured, several companies face similar cyber threats in the same timeline. If the initial victims report their incidents on a global forum, others can prepare a better defense mechanism. When organizations all over the world collaborate, lawmakers can implement the right protocols and analyze the correct information.
To collaborate globally, victims of cyber threats must share the following information:
- Dates when the attacks happened, got detected and reported
- The type of cyber threats—breach, malware, or DDoS
- The size of the attack impact on the organization
- The nature of the impact—data leak, money drain, loss in operations, legal issues, intellectual asset stealth, or reputation loss
- The approach attackers used to get the data—phishing, ransomware, virus, or zero-day
- Resolutions and the cost incurred
Of course, most companies do not disclose news regarding cyber threats for fear of reputation loss. Anonymity is paramount to encourage sharing these incidents. The organization, however, should release information on industry type, revenue range, workforce numbers, global reach, etc.
Though regulators release incidents, the information is vague. Moreover, they do not pose the right questions to get the relevant data. Even if cyber risk governance is essential, organizations reveal more when they hear about cyber threats. A public-cum-private relationship can initiate support for the affected companies. Cyber Net, backed by Israel’s National Computer Emergency Response Team (CERT), offers such partnerships.
To view the original article in full, visit the following link: https://hbr.org/2019/11/we-need-a-global-standard-for-reporting-cyber-attacks