Report

Raising the Bar for Cybersecurity

February 14, 2013

Extracting value from the computers or networks of unsuspecting companies and government agencies has become a big business. No company or agency can ignore network security; it is the source of systemic risk that threatens long-term health and profitability. Companies must secure their networks if they are to exercise fiduciary responsibility and due diligence. Cybersecurity is part of the larger corporate strategy for managing risk and compliance. Cybersecurity risk management is becoming a board-level responsibility. This paper identifies how those responsibilities can be met.

In the past few years, a new approach to cybersecurity has emerged, based on the analysis of data on successful attacks. In this approach, continuous diagnostics and mitigation replace the reactive network security methods used in the past. The approach combines continuous monitoring of network health with relatively straightforward mitigation strategies. The strategies used in this approach reduce the opportunities for attack and force attackers to develop more sophisticated (and expensive) techniques or to give up on the target. In combination, continuous monitoring and mitigation strategies provide the basis for better cybersecurity.

Downloads
Download PDF file of "Raising the Bar for Cybersecurity"
Written By
Media Queries
Contact H. Andrew Schwartz
Chief Communications Officer
Tel: 202.775.3242

Contact Emma Colbran
Communications Associate and Program Coordinator
Tel: 202.775.3211
Related
Counterterrorism and Homeland Security, Cybersecurity, Cybersecurity and Governance, Cybersecurity and Technology, Defense and Security, Geopolitics and International Security, Technology Policy Program

Most Recent From James Andrew Lewis

View all content by this expert