BreachExchange mailing list archives
How much do hackers cost businesses? Stanford conference seeks to find out
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Fri, 8 Nov 2013 21:48:21 -0700
http://www.mercurynews.com/business/ci_24458043/how-much-do-hackers-cost-businesses-stanford-conference Governments and businesses spend $1 trillion a year for global cybersecurity, but unlike wartime casualties or oil spills, there's no clear idea what the total losses are because few will admit they've been compromised. Cybersecurity leaders from more than 40 countries are gathering at Stanford University this week to consider tackling that information gap by creating a single, trusted entity that would keep track of how much hackers steal. Chinese Minister Cai Mingzhao acknowledged there are issues of trust to overcome -- with some U.S. cybersecurity firms pointing to attacks coming from the Chinese military. But he said countries must work together. "In cyberspace, all countries face the same problems and ultimately share the same fate," he said. Mingzhao also urged counterparts to establish new international rules for behavior in cyberspace, a move State Department cyberissues coordinator Christopher Painter said isn't necessary. I don't think we need a new global instrument for all these different issues," he said, noting the adopting worldwide rules would take 5 to 10 years "and you end up with something that's not as strong as what we have now." Painter, who spoke after Mingzhao, said a U.S.-China joint cybersecurity working group announced by Secretary of State John Kerry in April has already met once and is moving forward on cooperating against third party threats. It's crucial work, said Stanford University economics professor John Shoven, who directs the Stanford Institute for Economic Policy Research. He warned of the "tremendous disruption the lack of trust in the security of the Web would do to the economy." "We can't let that happen," said Shoven. Sergio Benedetto, president of the Institute of Electrical and Electronics Engineers Communications Society, noted that the Internet can be mysteries for non-experts. "For many diplomats and politicians, the world of cyberspace is still like a roomful of scattered puzzles," he said. Thus, he said, scientists need to be a part of important global discussions. One key initiative many agreed on was to create the first worldwide, high level benchmarks for cybersecurity, in hopes of getting better assessments of the frequency and damages of cybersecurity compromises. The Cyberspace Cooperation Summit was the fourth annual gathering sponsored in part by the EastWest Institute, a global security nonprofit organization. Institute chief technology officer Erin Nealy Cox presented a plan to aggregate losses and begin to identify the true costs of cybercrime. "Our recommendations offer the means to break through the logjam that prevents effective data collection, analysis and reporting, and such global information and intelligence sharing is critical to bolstering security efforts around the world," Nealy Cox said.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: # OWASP http://www.appsecusa.org # Builders, Breakers and Defenders # Time Square, NYC 20-21 Nov o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- How much do hackers cost businesses? Stanford conference seeks to find out Audrey McNeil (Nov 12)