Читать книгу Beyond Cybersecurity - Kaplan James M. - Страница 11

While companies must upgrade their own capabilities, technology executives told us that individual institutions could not be left to fend for themselves and that governments, private institutions, and civil society should work together to build a resilient digital ecosystem.

There was a wide range of views about the value and feasibility of the specific actions governments could take, but a set of potential aspirations did emerge. Countries should create national cybersecurity strategies that have clear lines of accountability among public- sector agencies and provide support and assistance to the public and civil sectors. Law enforcement, prosecutorial, and judicial functions should increase their familiarity with and expertise in cybersecurity issues so that they can better combat cyber-crime. Finally, countries should prioritize cybersecurity issues in bilateral exchanges in order to create transparency into motivations, constraints, and objectives for actions in this field.

Equally critically, industry associations and voluntary groups will have to enable companies to share intelligence, disseminate best practices, align on how to address challenging issues, and eventually create shared utilities to provide important cybersecurity functions.

At the same time, financial institutions and insurance companies could support progress by creating markets for pricing the risk of cyber-attacks.

The final two chapters of the book discuss how leaders can advance the cause of digital resilience. Chapter 8 describes how companies can design and launch a cybersecurity program that will sustain progress. Chapter 9 addresses the role played by the broader set of players in the digital ecosystem – including regulators, vendors, and others – in facilitating the path to digital resilience.

● ● ●

Sustaining the pace of innovation and growth in the global economy in the face of determined cyber-attacks will require dramatic change. Companies must make the transition from managing cybersecurity as a control function to implementing the practices required to protect information assets into their business processes and their entire IT environment. In addition, regulators, technology vendors, and law enforcement must collaborate with companies to create an ecosystem that facilitates digital resilience. Changes of this scale and complexity cannot be achieved without the active engagement and participation of the most senior business leaders and policymakers.