Why More MBA Programs Need Cyber Security Training

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.businessbecause.com/news/making-the-headlines/3557/talktalk-hack-highlights-need-for-cyber-security-training

The theft of up to four million customers’ financial details from TalkTalk
last week highlights the growing need for business managers to hone some
cyber security skills.

The attack on TalkTalk, the latest in a long stream of high-profile
business hacks, has been labelled as a “wake up call” for business. But
despite the growing cyber threat, cyber security is yet to become a focus
for many companies and business schools.

Those leading the push for cyber security in formal business training have
told BusinessBecause that more business schools should develop specialist
courses to combat hacking.

David Upton, professor at Oxford University’s Saïd Business School, which
this year launched a UK cyber risk program for senior business managers,
said: “Cyber security should be a standard part of any business education.”

Peter Swire, professor at Georgia Institute of Technology, which has a
course on information security for business students, said there is an
“urgent need” to bridge the gap between the code-level technologists and
top management.

“We train our students to fill that gap,” added Peter, who has advised US
president Barack Obama on cyber security.

Over the past 12 months, companies from adultery site Ashley Madison to
carmaker Fiat Chrysler and Dixons Carphone, the retailer, have been rocked
by cyber attacks.

Nine out of 10 large companies in the UK alone have suffered an online
security breach, according to a survey by PwC and the UK Department for
Business, Innovation and Skills in June. What’s more, the average cost of
the most damaging breaches for big firms more than doubled over a year to
£1.4 million.

“The multiple threats of computer crime have enormous consequences, not
only financial and reputational but [they] also can harm a nation’s
security and well-being,” said Konstantina Kappou, director of the MSc
Financial Risk Management at Henley Business School.

Dr Jason Ferdinand, head of the cyber security management research group at
the UK’s Coventry Business School, which launched last year an MBA in cyber
security, said that for too long, cyber security has been seen as a
technological and legal issue.

Yet, “knowledge of cyber security is fundamentally important for successful
management and leadership”, he said.

The news of TalkTalk’s hack came as Accenture published research showing
50% of the world’s 109 biggest banks have no board members with technology
experience, despite cyber crime “becoming a hot topic”, said Marie Kratz,
director of the risk research centre at ESSEC Business School.

Financial firms have been some of the most high-profile victims:  both the
insurer Anthem and JPMorgan Chase have suffered large-scale breaches.

Experts say there is a lack of understanding among business managers about
the need and importance of cyber security. “Rapidly evolving cyber security
problems are complex in nature,” said Amjad Ali, cyber security advisor at
University of Maryland, which offers a business-related master’s program in
cyber security.

Other business schools have developed courses around cyber security,
although they remain sparse. In the US, GW School of Business runs a
specialized World Executive MBA with a cybersecurity specialization, and
Fox School of Business teaches a master in Information Technology Auditing
and Cyber Security.

Yet cyber security is relevant to all business students, said J.P Auffret,
director of the MS in Management of Secure Information Systems at George
Mason University. “There’s a shortage of skilled professionals in the
field,” he said.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!