January 2016
Article
AutomatedBuildings.com

BTL Mark: Resolve interoperability issues & increase buyer confidence
BACnet Testing Laboratories

(Click Message to Learn More)


The Business Side of Cyber Security (Continued)

The value of taking additional measures to increase the cyber security posture of your control systems, far outweighs the risk of not making them secure.

Marc PetockMarc Petock,
Vice President, Marketing
Lynxspring &
Connexx Energy

Contributing Editor

Articles
Interviews
Releases
New Products
Reviews
ABB
Editorial
Events
Sponsors
Site Search
Newsletters
Secured by Cimetrics
Archives
Past Issues
Home
Editors
eDucation
Control Solutions, Inc
Training
Links
Software
Subscribe
Securing Buildings News

Cyber security has a technology side and a business side. From a business perspective, the negative consequences that cyber incidents can cause are disruptive and potentially catastrophic. The value of taking additional measures to increase the cyber security posture of your control systems, far outweighs the risk of not making them secure.

Here are a few interesting items in the news of late related to the business side of cyber security.

Third-party vendor risk

The New York State Department of Financial Services (DFS) announced it will propose new cybersecurity regulations for financial institutions. The exact details of the regulations are being hashed but include a number of areas in which the DFS intends to act: Cyber Security Policies and Procedures, Third-Party Service Provider and Management, Multi-Factor Authentication, Appointment of Chief Information Security Officers, Application Security, Cyber Security Personnel and Intelligence, Annual Auditing, and Procedures for Noticing Cyber Security Incidents.

As noted, one of the new regulations focuses third party providers and suppliers and the requirement to implement policies and procedures to ensure the security of sensitive data or systems that are accessible to, or held by, third party providers.  New regulations could mandate firms to “perform cyber security audits” of their third-party vendors or require third-party vendors to make “representations and warranties” about the state of their information security.

Cyberattacks Could Now Affect Credit Ratings

Moody’s Investors Service announced that as cyber risks become more pervasive, it will take a higher priority within their analysis and that the credit implications associated with cyber defense, detection, prevention and response will start to take a higher priority within its credit assessments and analysis.

Target

Well even after two years since the Target cyber issue, they remain in the news. Target has to pay nearly $40 Million to settle with banks and credit unions who brought class action claims against the retailer for alleged losses the financial institutions suffered as a result of Target’s 2013 data breach. This most recent settlement comes on the heels of a $67 million settlement with Visa, and a $10 million settlement with consumers, both earlier this year.  The most recent settlement brings Target’s total costs to a staggering $290 million (and it is far from over).  This on top of lawsuits that are still pending, as well as regulatory enforcement and investigation actions by the FTC and various state attorneys general.

Insurance

Insurance companies are cracking down on insurance because of cyber security. They are beginning to evaluate and rate company cyber health and insure (or not) and charge accordingly. As such, insurance is becoming more sophisticated as the companies offering coverage begin to demand companies they insure meet specific cyber security requirements to be eligible for coverage; begin to determine premiums and policy coverage based on the implementation of those requirements or flat out choose not to offer coverage as the risk is too great due to ineffective cyber security practices and cyber security postures.

When it comes to cyber security, the business side is equally as important as the technology side. The operational, financial and reputational impacts to a business are tremendous.

Additional cyber security articles by Marc are linked here.

footer

abb
[Click Banner To Learn More]

[Home Page]  [The Automator]  [About]  [Subscribe ]  [Contact Us]

Events

Want Ads

Our Sponsors

Resources