Tag Archives: cybercrime

Cyber Readiness Index


Keeping the costs in the value equation
[From Cyber Readiness Index 1.0, Melissa Hathaway.]

Consulting firm, Hathaway Global Strategies, has developed a “Cyber Readiness Index,” or CRI, based on economic growth.  The objective of the index is to measure maturity and commitment to protecting the investment in cyber infrastructure of each of the 35 countries included.  Specifically, the index looks at these five areas:

  1. national strategy
  2. incident response
  3. ‘e-Crime’ law enforcement
  4. information sharing
  5. R&D

The index combines measures of both economic prosperity and exposure to cyber risk.  For example,  cybercrime, resiliency issues, identity theft, intellectual property theft, and other cyber factors are highlighted to illustrate diminished country GDP.

Some conclusions that the study draws include:

  • Increase in prosperity that Internet technology and connectivity have brought over the past 30 years may not outweigh “the unreliability and riskiness caused by new threats”
  • Costs of malicious cyber activity and risk must be included in a nation’s evaluation of its prosperity so that security investment can be measured

I like the approach of this index.  As I suggested in my post on “Force Protection“, businesses and countries that depend on the Internet will have to redirect a real amount of its operating capacity to analyze risk and provide information security, just as the military did with personnel and physical assets in the late 70’s/early 80’s, if it is to continue to move forward.


Tipping Point

“Cybercrime is no longer an annoyance or another cost of doing business. We are approaching a tipping point where the economic losses generated by cybercrime are threatening to overwhelm the economic benefits created by information technology. Clearly, we need new thinking and approaches to reducing the damage that cybercrime inflicts on the well-being of the world.”

John N. Stewart, Senior Vice President and Chief
Security Officer at Cisco in Cisco 2013 Annual Security Report.