Home / Making The Business Case For Cyber Security

Opening Remarks & Keynote: Making The Business Case For Cyber Security

Customers are sure that nearly all of the cyber-security measures they budget for are necessary. But how do they convince senior management? Solution providers know well that their customer organizations have suffered some significant losses from cyber attacks. But those same customers—IT leaders and business managers--need help arguing that they are doing a good job of preventing things that could have been much worse. To prevent or mitigate attacks, integrators must help IT leaders and senior management understand the proper role of cyber security.  The typical ammunition seems to consist of technical explanations senior management doesn't understand and some frightening scenarios they don't completely believe. They key is to produce arguments that the financial people will find convincing. Many customers are in a delicate position of claiming credit for things that didn't happen. This talk will outline the answers and address those issues. The key is to look at cyber security in terms of quantitative financial risk. This can make cyber-security decisions easy to defend, even when things go wrong.

Scott Borg, Director and Chief Economist, U.S. Cyber Consequences Unit