With an array of quality resources widely available, the pragmatic ICC guide stands out as the first of its kind to be issued by an international business organization, responding directly to the need for material tailored to help business management frame cyber security discussions with information technology professionals – and vice versa – to put a collaborative and ongoing management approach in place.
ICC Secretary General John Danilovich said: “The digital economy is playing an increasingly important role in opening up new markets and opportunities for global business. But in today’s global economy many businesses adopt modern information and communications technologies without fully realizing the new types of risks to be managed as a result. ICC’s guide offers a way to recognize these risks and map out a process to deal with them.”
Noting that absolute security is an elusive goal, the free-to-download ICC Cyber security guide for business demonstrates how improving an organization’s cyber security is possible through a risk management process. This clear guide has been prepared for management and information technology teams to use in their dialogue together – featuring a security self-assessment questionnaire and a set of five principles to reduce risk associated with cyber security incidents. The principles are supported by a checklist of six essential steps every company should take to set managers on a course towards information security excellence.
The cyber security risk management concepts outlined in the guide will help companies overcome fears and improve risk awareness to rise to the information security challenge of this fast changing environment.
Produced by the ICC Commission on the Digital Economy, the ICC Cyber security guide for business is informed by global cyber security guidelines and national strategies offering businesses a framework to consider the question of security online.
“So many documents and guidelines exist that it can be difficult to know what to start reading and what kinds of documents are appropriate to your organization,” said Gerard Hartsink, Chair of the ICC Task Force on Cyber Security. “The range of material available is considerable but the cyber security risk management concepts outlined in the guide will help companies overcome fears and improve risk awareness to rise to the information security challenge of this fast changing environment. The guide should be shared with business partners in the supply chain of goods and services and with the public sector to enhance resilience as broadly as possible.”
ICC has also launched an online appendix of resources to complement the guide serving as a living resource to provide more specific advice as these materials are developed – from standards of practice to technical standards and more.
Catalogued on the cms.iccwbo.org/cybersecurity the portal includes a listing of pertinent global frameworks, resources and contacts and will evolve and be enhanced over time with more local frameworks and translations.
For more information, visit the Task Force on Cyber Security web page.
The ICC Cyber security guide for business will be launched during the Global Conference on Cyberspace 2015 on 16 April. Follow ICC at the event on Twitter via @iccwbo #GCCS2015.