Cyber warfare — A new normal?


The age of Cyber war is upon us — and you better get ready for it.

If you don’t believe it, here’s a list of sources covering just a few of the events in the past year.

Attacks on South Korea
Involving attacks on business and government websites in March 2011 the latest attacks occurred in the past twenty-four hours when dozens of South Korean websites came under attack. See the following for more information:

Business Week


Stuxnet attacks: 2010
If you somehow missed Stuxnet, check out the following:


Turkish press

New York Times

Google attacks: 2010
If you also missed the attacks on Google and dozens of other commercial and government agencies, check out the following:


Is this more “sky-is-falling” language


Or is there more to this than semantecs?

New York Times Topic feature articles

What does it mean for you?

1. The Stuxnet attacks are the dangerous demonstration of cyber warfare — to date

2. More events are likely to occur in the future

3. You better get ready

What else does it mean?

For the most at risk
For 2-in-10 organizations that decided to significantly reduce spending on staffing and tools for information security during 2009 and 2010 in response to slowdowns in receipts, it means ramping-up spending for information security to just catch-up to peers. Budgets for information security staffing and tools among these organizations are going to have to triple or quadruple to simply catch-up.

For most of us
For 7-in-10 of us, it means re-thinking the priorities for business risks for a new normal involving government sponsored cyber attacks, NGO attacks, culture-warfare attacks, political and economic attacks, rogue and criminal gang attacks, and how we’re going to detect, defend against, respond to, implement contingency and recovery procedures, and add additional layers of defense than are currently being managed. It also means having simple yet accurate management displays to prioritize responses. Current budgets for information security are going to have to double to achieve parity with the best-in-class organizations.

For the best-in-class
For the 1-in-10 already operating at best-in-class levels, it means re-thinking and re-evaluating current strategy, risk controls, and responses. And, it also means slight increases and reallocations to deal with the new threats.

How do you know where you are, and what you’ll have to do?

Find out where you are — today
The Assessments@ITPolicyCompliance deliver a confidential and quick two-minute way to assess the posture of your organization against your industry and peers.

Benchmarked against more than 4,000 other organizations, these quick two-minute assessments cover organizational structure and strategy, the use of frameworks and standards, management of policy, management of procedural controls, management of information controls, management of technical controls, vulnerability and threat management, risk management and reporting, and financial implications.

Who should be interested: CIOs, CISO, CAOs, CROs, and principal managers of IT and audit

Time to value: minutes

Visit: to find out more

Additional resources

How the Masters of IT Deliver More Value and Less Risk

What Color Is Your Information Risk – Today?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: