Counting The Costs Of Cybercrime

Have we been underestimating the financial costs of cybercrime? Maybe so says a new guidebook from the American National Standards Institute (ANSI) and The Internet Security Alliance (ISA.) And it may well be maybe so and then some.The joint ANSI and ISA guide, aimed at CFOs, takes hard look at the breadth of cycbercrime's financial impact throughout a business.

That spread is wider than just the initial response to a data breach.

The guide recommends including the full array of departments (and, depending on the nature of your business, outside vendors, specialized professional services, etc.) and measuring those against the risks of being tagged by the cycbercrooks.

Have you, for instance, given thought to what a data breach would do to your business insurance premiums? How much would legal fees be if your business is victimized? How much extra will you be paying to manage the public face of the crime -- public and press relations, communications with affected customers and so on?

The point of the guide is to provide you with the tools needed to calculate your risk, the costs accompanying those risks and the proper business response to mitigating them.

It's sobering reading and, coming with the imprimatur of ANSI, invites careful reading and reflection.

"The Financial Impact of Cyber Risk: 50 Questions Every CFO Should Ask" can be downloaded for free here (registration required.)