IT security guide: Understanding cyber-risks means knowing what questions to ask
A good place for senior executives to start in trying to understand their companies' financial exposure to cyberthreats is by getting an overall assessment — not just from IT, but also from business units and corporate operations such as the human resources, legal and public relations departments.
The 40-page guide was put together by a task force of risk management executives from more than two-dozen organizations, including Carnegie Mellon University, IBM, insurers American International Group (AIG) and State Farm Insurance, defense contractor Lockheed Martin and consulting firms Booz Allen Hamilton and KPMG.
Urs