Corporate risk, intelligence and governance in the time of cyber threat

Abstract

Cyber security is an issue of foremost interest for policy makers in the world’s governments, corporations, NGOs, academic institutions, and other associations, however remedy for the myriad cyber threats and vulnerabilities continues to elude technologists and policy makers alike. In this paper, we consider the concept of cyber risk intelligence, a general concept of understanding the varied phenomena that impact an organization’s capacity to secure its digital communications and resources from eavesdropping, theft or attack. We also consider the deeper economics of information held and transmitted in digital form and how those economics may alter thinking on modeling of risk. Finally, we offer guidance of how organizations and entire sectors of business activity may want to alter their thinking on cyber security issues beyond a technological framing to an informational one aligned with business activities.