CEOs need to take an active role in IT security or their businesses could be the next company to make headlines as victim of cyber crime, according to a new report sponsored by Toronto-based C.D. Howe Institute.
Recently, both Rolls-Royce PLC and Royal Dutch Shell PLC made news after falling victim to industrial espionage in a series of hacking attacks on their computer systems. In the wake of these events, the Cyber Attack: A Risk Management Primer for CEOs and Directors has been released and warns senior government figures and corporation leaders to put cyber security as a high priority.
The report recommends CEOs and directors establish a comprehensive IT security policy, hold company-wide security audits to expose vulnerabilities and strength, frequently test security measures, and keep abreast of changes in best practices for security technology.
According to Marina Del Kay, Calif.-based Internet Corporation for Assigned Names and Numbers (ICANN), the Internet makes possible about $2.8 trillion in global e-commerce annually. William Robson, president and CEO at the C.D. Howe Institute, said “CEOs are not IT experts and they don’t have to be.” To address this, he said the report provides a quick and comprehensive reference list of things of what management needs to know.