Feeds

Cisco suggests new economic metric: Gross Domestic P0wnage

Count the cost of cybercrime to understand if government tech investments deliver

Protecting against web application threats using SSL

Cisco has hosted the launch of a new “Cyber Readiness Index” and endorsed its author's belief that nations need to measure the impact of online crime if they are to understand the true impact of technology on their economies and societies.

The author of the Index is Melissa Hathaway, a former security advisor to President Barack Obama's and George W Bush's administrations. Now head of an eponymous consultancy firm, Hathaway is also a senior security advisor to Cisco.

The Index notes the many upsides that flow from technology, asserting that “governments and businesses that embrace the Internet and ICTs recognize it will enhance their long-term competitiveness and societal wellbeing, and potentially contribute up to eight percent of gross domestic product”. But the document says it can find only occasional assessment or quantification of negative economic impacts brought on by technology, citing data on the cost in money and jobs of intellectual property theft.

The study also considered publicly available data on adoption of technology and “network readiness”, before a five-point assessment of whether a nation is “Cyber Ready” was constructed. Those five points are:

  1. Articulation and publication of a National Cyber Security Strategy
  2. Does the country have an operational Computer Emergency Response Team (CERT) or Computer Security Incident Response Team (CSIRT)?
  3. Has the country demonstrated commitment to protect against cyber crime?
  4. Does the country have an information sharing mechanism?
  5. Is the country investing in cyber security basic and applied research and funding cyber security initiatives broadly?

Full results are available in this PDF, but here's the top 20 nations from the league table of the most “Cyber-Ready” nations:

  1. South Korea
  2. Sweden
  3. Iceland
  4. Denmark
  5. Finland
  6. Norway
  7. Netherlands
  8. United Kingdom
  9. Luxembourg
  10. Hong Kong
  11. Australia
  12. Japan
  13. Switzerland
  14. Macau
  15. Singapore
  16. New Zealand
  17. United States
  18. France
  19. Germany
  20. Canada

Hathaway, and Cisco chief security officer Jon Stewart both suggested the study should be a a wake-up call to governments, for the usual reason that the internet is a snake pit but also because without an attempt to count the negatives that come with wide technology adoption their policies aren't well-directed or designed.

Hathaway's rationale for such studies are as follows:

“Measuring the declining gains may force governments to align their digital agenda and economic vision with their cyber security strategy and invest in the derivative value of both. Bringing transparency to the economic losses may spark national and global interest in addressing the economic erosion. Cyber security initiatives, therefore, can enable and preserve the promise of the ICT dividend and help countries realize the full potential of the Internet economy.”

It's a rare day on which a Reg hack somewhere in the world is not offered a study on just how bad things are online and the terrible consequences that await if businesses, governments and you, dear readers, don't offer more time, attention and currency to security. This study has plenty of that thinking behind it, along with some contestable and contentious assertions like the idea counterfeiting and piracy cost jobs.

The study's proposed remedy is more and more serious policy responses to the dangers of the internet, along with more and better implementations of the ideas and institutions listed in the five points above.

Interestingly, before the event started Cisco said it would not entertain questions related to recent Snowden-related revelations.

Our question about pone response to Snowden-instigated action, the IETF's recently-announced plan to harden the internet and bake encryption into HTTP 2.0, saw Hathaway respond that “things happening in international venues are quite emotional.”

“When we enabled encryption for e-commerce we made it easy for criminals to hide their money,” she said. “We need to think about what we enable on the other side of the coin and third or fourth order effects.” ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.