Kevin Coleman is a senior fellow at the Technolytics Institute and former chief strategist at Netscape. (File) ()
Many chief information security officers (CISOs) have expressed increased concern over the cyber risks to our systems and electronic devices. Given the current situation, many planners are not looking longer than a five-year horizon (long term). Most of the cybersecurity community is obsessed with the here and now, and for good reason. Last year cybersecurity was ranked as one of the top five global risks for 2012 by the World Economic Forum. The continuous reporting on incidents of successful cyber attacks and the unrelenting assaults that are taking place on our electronic way of life have combined to justify increased focus on the next generation of security products.
New research development initiatives and fresh startups that focus on cybersecurity are everywhere. Many companies are merging with well-established tech companies and a smaller number are announcing plans for an initial public offering. So is this the next technology gold rush? It certainly looks that way. In a discussion with a CISO of a critical infrastructure provider, he said while it is far from a blank-check mindset, the executive committee and the boards of directors in many cases are actively engaged when it comes to the subject of enterprise cyber security. In fact, one CIO was recently admonished by board members and other corporate executives about the length of time to fill the CISO spot. That CIO is not alone. An executive recruiter was brought in after a major U.S. corporation spent six months looking for a CISO for their global environment. The threats certainly did not sit still while they attempted to recruit a resource that is in short supply.
Few people would dispute that the cyber threat environment is complex, highly dynamic and growing in terms of risk to business, government and individuals. Growing investment in cybersecurity startups reinforces the demand for cybersecurity products and services that is being driven by the risks. All of this and Capitol Hill is still discussing the highly controversial cybersecurity legislation that was introduced last year! Is this appropriate given the current threat and pace with which the risks are evolving?