By Scott Shackelford, Associate Professor of Business Law & Ethics, Kelley School of Business, Indiana University
Rarely does a day seem to go by without another front page story about a ﬁrm being breached by cyber-attackers.
Even experts in the ﬁeld are far from immune from the unsustainable status quo.
For example, Jim Lewis of the Center for Strategic and International Studies has said: ‘‘We have a faith-based approach [to cybersecurity], in that we pray every night nothing bad will happen.’’
This is a difficult starting point to consider an appropriate end game. Still, it is something that ﬁrms must do since infinite investment cannot breed infinite security.
In my article, I take lessons from the burgeoning ﬁeld of cyber peace studies and apply them to private sector cyber risk mitigation strategies.
With members of the C-suite on down to mailroom clerks worrying about the next attack and looking over their shoulder after a breach occurs, who wouldn’t welcome some peace of mind?
This article is published as part of the Business and Peace Challenge, led by Indiana University and Business Fights Poverty. To find out more about the Business and Peace Challenge, and to join, click here.
Add a Comment