Michele Braun Director, Institute for Managing Risk Manhattanville School of Business What can a company do to take advantage of the computer and Internet technology that helps it flourish while staying protected from cybercrime and cybersecurity threats? We used to say “you only have to open a newspaper …” to find a frequent news topic.   Today, you don’t even need to open up the newspaper (either physically or digitally) to find yet another report about a cyber breach, a cyber fraud, hacking, ransomware, phishing, or spear fishing.   Today, these news reports are routine and “above the fold,” the subject of Congressional hearings, company announcements attorney general investigations.   It’s almost a cliché, unfortunately, to tell a business that the question is not “if but when” it will endure a cyberattack. The Wall Street Journal quotes Cathy Bessant, Bank of America’s Chief Operations and Technology Officer, as saying “There is only one way to be fully

We live and work in a cyber-connected world that keeps businesses in touch with customers, clients, suppliers, marketers, financial resources.   This brings new and exciting benefits.   It also brings risks—risks that we read about in news headlines.   About those cybersecurity risks:   what questions do you want to ask?   What does a business manager who is not in IT need to know? In the wake of recent breaches of consumer data, articles with good information on how to respond are readily available for individuals:   on-line from the Consumer Financial Services Bureau and state Attorneys General , in letters and messages from financial service companies, as well as from news sources such as the New York Times, Wall Street Journal, and CNN.    In the aftermath of business-focused scams, such as this year’s WannaCry and Petya ransomware attacks, and following FBI warnings of “spoofing” attacks that mimic internal executives’ instructions, it’s time to talk about the role