Cybersecurity is permeating every aspect of our society and daily life and challenging economic and national security equities. Threats against governments and critical infrastructure have been escalating, forcing defensive and reactive postures and policies across the world to play catchup. In fact, most organizations (95%) have experienced more than one data breach in their lifetime, and the financial toll of these incidents is escalating. The status quo is not sustainable.

 

To solve for these challenges, both public and private sector organizations need the right information at the right time to contextually understand and put the pieces together to defend against the evolving threat landscape effectively and preemptively. Collaborative, transparent, and proactive information sharing creates resiliency and helps mitigate cyber risk.

 

For example, governments in Australia, the European Union, India, and the U.S., are considering or have recently passed policies to create cyber incident reporting regimes. As these nations move toward implementation, and others contemplate their own national cybersecurity policies around cyber reporting, IBM urges lawmakers to examine what is already working.

 

While there is no silver bullet to solve for cybersecurity, there are best practices that can help. IBM knows what works when it comes to who, what, when, and how to report incidents, breaches, and threat intelligence. The following are three policy imperatives IBM recommends for nations as they develop and implement cybersecurity reporting policies:

 

1. Harmonize definitions.
2. Incentivize resiliency and action.
3. Engage stakeholders.

 

A complex compliance regime won’t fix the problem of an increasingly complex cyber threat landscape. Governments and the private sector must rethink how we work together to address current and future security of critical infrastructure, assets, and data. This does not necessarily mean establishing new practices and policies, but rather focusing on driving a culture of security to improve overall resiliency. To read the full paper, click here.

Share this post: