42 Pages Posted: 14 Sep 2013 Last revised: 5 Mar 2015
Date Written: October 11, 2014
The multifaceted cyber threat is increasingly impacting the bottom lines of firms and is spilling over into larger issues of geopolitical importance including international security. Firms, in particular managers and boards of directors, are at the epicenter of this storm, but so far surveys have revealed that few businesses are taking the necessary steps to safeguard their private data and enhance cybersecurity. As Howard A. Schmidt, the former U.S. Cybersecurity Coordinator, stated: “[W]hile there is a cost to doing more to improve cybersecurity, there is a bigger cost if we do not and that cost is measured not only in dollars, but in national security and public safety.” This Article argues that organizations should treat cybersecurity as a matter of corporate social responsibility to safeguard their customers and the public, such as by securing critical national infrastructure. It is in corporations own, long-term self-interest (as well as that of national security) to take such a wider view of private-sector risk management practices so as to encompass less traditional factors akin to what companies have done with respect to sustainable development.
Keywords: corporate social responsibility, cybersecurity, cyber attack, sustainability, environmental law and policy
Suggested Citation: Suggested Citation
Shackelford, Scott and Fort, Timothy L., Sustainable Cybersecurity: Applying Lessons from the Green Movement to Managing Cyber Attacks (October 11, 2014). University of Illinois Law Review, Vol. 2016, 2016. Available at SSRN: https://ssrn.com/abstract=2324620 or http://dx.doi.org/10.2139/ssrn.2324620