New Action Guide Aimed at Cyber Attacks

By Stephanie Jordan
in

The Internet Security Alliance (ISA) and the American National Standards Institute (ANSI) yesterday released a new action guide to assist business executives in the analysis, management, and transfer of financial risk related to a cyber attack.

The new ISA-ANSI publication, The Financial Management of Cyber Risk: An Implementation Framework for CFOs, is a response to the President’s request for a program that would help assign monetary value to cyber risks and consequences, giving organizations greater ability and incentive to address cybersecurity.

The action guide was developed by a cross-sector task force of more than sixty industry and government experts, and funded and managed by the private sector. The publication is a free resource.

“By bringing together this diverse group of cyber security experts, ISA and ANSI have identified the potential gaps in the process of analyzing cyber risk,” says Fran Schrotter, senior vice president and chief operating officer at ANSI. “We have given C-suite executives a tool that will assist them in developing and implementing a cyber risk management plan for their entire organization.”

In addition to strategic questions, the action guide offers sample charts to aid in calculating the probability and severity of financial loss from both risk events and the actions taken to mitigate them. It also includes a list of standards and reference documents to help businesses develop comprehensive risk management frameworks.

Electronic copies of the publication are available for free download at http://webstore.ansi.org/cybersecurity.

 

Published April 1, 2010