Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Financial Management of Cyber Risk

Published: 2010-04-04
Last Updated: 2010-04-04 16:35:26 UTC
by Mari Nichols (Version: 1)
2 comment(s)

Last Wednesday an interesting report was released called "The Financial Management of Cyber Risk: An Implementation Framework for CFOs".  Please take advantage of this new document that the Internet Security Alliance (ISA) and the American National Standards Institute (ANSI) have graciously provided.  The PDF guide is free for download, after registering, on the ANSI web site.  The document assists in assigning dollar amounts to the possible cyber risks and is further designed to place cyber attack mitigation on the C-level function. 

The report is endorsed by Melissa Hathaway, former Acting Senior Director for Cyberspace for the National Security Council.  The CFO guide is a direct response to the Cyberspace Policy Review released last May.   That report stated, "Between 2008 and 2009, American business losses due to cyberattacks grew to more than $1 trillion in intellectual property."  Copies of the documents from the Fed review can be found on the White House website.  (

Just another opportunity to educate your management staff on the possible financial repercussions of cyber attacks.   

Happy Easter!

Mari Nichols -  Handler on Duty

2 comment(s)
Diary Archives