Who should keep the internet safe?

The Internet is constantly being manipulated by various forces for social, political, ideological, economic and military interests. Governments are striving to regulate its use, corporations are trying to build impermeable commerce platforms, defence forces are building cybermilitary capabilities, criminals are continuing to deploy malware and hacktivists are promoting their ideological campaigns. On multiple fronts, the Internet is faced with new risks that have a profound impact on corporations and online commerce.

Recently, we have seen numerous instances of major organizations being compromised. In one case, hackers spied on a large consumer product firm for nearly a decade through covertly installed spyware. Top company executives were targeted and their passwords stolen, allowing the hackers to access confidential business plans, reports, e-mails and other documents.

Such cyberattacks not only demonstrate a lack of technological preparedness, but also inexperience in managing the reaction of their customers and clients. Corporations need to commit to investment and collaboration that will ensure that their customers are safe and protected from cyber risks. Consumers need a safe and trusting marketplace and the corporate world has a responsibility to provide one.

Securing an organization online is, without doubt, complicated. Priorities can change quickly due to new emerging threats or increases in vulnerabilities often introduced by businesses seeking short-term financial gains. This rapid adoption of new technologies, driven by the rise in online commerce, has often come at the expense of businesses being prepared for cyberthreats.

A recent survey of chief executive officers showed that cyber risks are ranked as one of the lowest business risks, while government agencies such as the FBI rank these at the highest levels, only one level below nuclear threats. It would be interesting to understand why businesses do not share this assessment of the dangers posed.

Corporations need to ask themselves if they are paying enough attention to cybersecurity. Even if their industries haven’t been the focus of prior Internet attacks, ignoring the problem could lead to corporate failure. CEOs should make cybersecurity a boardroom issue, and cooperate with consumers, civil society, governments and among their businesses on sharing cyber risk information.

Author: Lucius Lobo is Vice-President and Global Head, Security Services, Tech Mahindra, India. He is a member of the World Economic Forum’s Global Agenda Council on Internet Security

Pictured: The website of the U.S. Central Intelligence Agency (CIA) is unresponsive and unavailable after reports that the website had been attacked by internet hackers in Washington June 15, 2011. The Lulz Security group of hackers said in a Tweet that it had launched an attack on the public website of the U.S. Central Intelligence Agency. The site, www.cia.gov, was unavailable for a few minutes on Wednesday evening, immediately after the group announced the attack via Twitter. “We are looking into these reports,” a CIA spokeswoman said. REUTERS/Jim Bourg