"Cybersecurity is a major concern at companies of all sizes and has a measureable impact on many facets of operations, and certainly profitability. Yet the scale of that impact is often obscured or lost in translation. Unless directors can cut through the technical jargon in what are often massive amounts of information they receive, the size of the risk and the steps to mitigate it may not be clear. Instead, Hathaway says, the risks need to be translated into a language most directors know well: dollars and cents."

In our current state of cybersecurity, breach, crime, disruption, and destruction are growing in unacceptable ways. Key indicators suggest that we are not making enough progress and in fact, are possibly going backwards. This paper proposed four actions to start taking right now.

Melissa Hathaway gave an overview of the latest developments in cybersecurity from a US and then global perspective—and discussed what is at stake for companies and nations at a Centre for International Governance Innovation Policy Forum.

This chapter informs NATO cyber defense policy and presents operators and decision-makers with genuine tools and expert advice for computer network defense, incident detection, and incident response.

The cyber security of vital infrastructure and services has become a major concern for countries worldwide. The members of NATO are no exception, and they share a responsibility to help the global community to strengthen its cyber defenses against malicious cyber activity. This book presents 10 papers and 21 specific findings from the NATO Advanced Research Workshop (ARW) "Best Practices in Computer Network Defense (CND): Incident Detection and Response", held in Geneva, Switzerland, in September 2013.

The Cyber Readiness Index (CRI) examines thirty-five countries that have embraced ICT and the Internet and compares their maturity and commitment to protecting those investments using an initial objective assessment of where countries stand in cyber security in five areas.

"The G20 has an opportunity to articulate a vision for shaping the Internet economy for the next five to 10 years. The power of the leadership of this body, combined with its ability to assemble and speak to a simple, positive narrative for cybersecurity anchored in our collective economic well-being (and GDP growth), could be a watershed event. The GDP erosion that all nations are suffering places cybersecurity within the legitimate processes and 'architecture' of international economic governance. By changing the conversation to being about the economy and growth, this approach would enable the G20 to de-escalate the militarization and balkanization of the Internet."

"Policy makers, legislators, and businessmen should assess the gap between the current defense posture and our needed front line defense in the face of an increasingly sophisticated range of actors. This paper describes a series of case studies that highlight the lack of attention being paid to this serious problem and the subsequent policy and technology solutions that are being brought to bear to close the gap."

In this chapter, Melissa Hathaway and Alexander Klimburg introduce three conceptual tools to help focus the strategic context and debate. These are termed the "three dimensions," the "five mandates," and the "five dilemmas" of national cyber security. Each dimension, mandate and dilemma will play a varying role in each nation's attempt to formulate and execute a national cyber security strategy according to their specific conditions.

Implementing complementary government and private sector cyber protection policies remains a challenge. In a recent International Relations and Security Network/Center for Security Studies–sponsored presentation, Explorations in Cyber International Relations Senior Advisor Melissa Hathaway identified five major reasons why governments and their partners are still having trouble developing effective cyber security strategies.