Thursday, January 4, 2001

CIOs: "What, Me Worry?" A national poll of 1,400 CIOs reveals that 90% have confidence in their network security, despite estimates that billions of dollars are lost every year to cybercrime. The survey, conducted by RHI Consulting, has raised eyebrows among security experts who point out that it's generally in a CIO's best interest to keep quiet when security breaches occur. A recent survey conducted by the Computer Security Institute indicated that more than half of the respondents said they did not report the intrusions to law enforcement out of fear of negative publicity or that rival companies would use the information to competitive advantage. In addition, many CIOs may feel that they must live with a "buffer of acceptable risk." "Just as credit card companies accept some level of loss as a cost of doing business, so some CIOs are saying, 'if I do a really solid job of protecting my systems, then I can live with the low-level pain that some break-ins cause,'" says one expert. Meanwhile, a 1999 survey found that Fortune 1000 companies lost more than $45 billion in thefts of proprietary information that year. [*InfoWorld*, 3 Jan 2001; NewsScan Daily, 4 Jan 2001] ["NewsScan" via risks-digest Volume 21, Issue 18] 0:00 # G!