It All Changed in One Day: How 9/11 Transformed Cyber Security Responsibility

Cyber Security Awareness Month may be officially over, but not at Norman. We’ve extended our weekly thought leadership video series into November, since the experts we’ve interviewed have so much more to share. I hope you continue to find the commentary from these experts valuable.

Joe Weiss, managing partner of Applied Control Solutions, joins me again today in the sixth episode of the series. “It All Changed in One Day,” recounts the dramatic shift that occurred in boardrooms after 9/11. Whereas directors had previously considered cyber security a business issue, after 9/11, it evolved into a national security issue that most boards expected the federal government to handle.

 
To illustrate his point, Weiss noted that on September 10, 2001, he led a breakout session on cyber security with attendees ranging from utility companies to a dog food manufacturer. However, the next day, critical infrastructure security “went from being a business issue to a national security issue.”

Weiss urges board members to take matters back into their own hands. Today, only traditional, high-profile or expensive IT projects find their way into boardroom discussions. Even though a control system upgrade may only cost $10 million, a price that may seem insignificant compared to a $200 million ERP implementation, the cost of a security breach is inestimable.

Norman agrees that critical infrastructure security deserves board-level attention. I hope you’ll watch Weiss’ full discussion in this most recent edition, and check back next week for an in-depth look at another cybersecurity issue.