Download this Paper Open PDF in Browser

Sustainable Cybersecurity: Applying Lessons from the Green Movement to Managing Cyber Attacks

42 Pages Posted: 14 Sep 2013 Last revised: 5 Mar 2015

Scott Shackelford

Indiana University - Kelley School of Business - Department of Business Law; Harvard Kennedy School Belfer Center for Science & International Affairs; Center for Applied Cybersecurity Research; Stanford Center for Internet and Society; Stanford Law School

Timothy L. Fort

George Washington University - Department of Strategic Management & Public Policy

Date Written: October 11, 2014

Abstract

The multifaceted cyber threat is increasingly impacting the bottom lines of firms and is spilling over into larger issues of geopolitical importance including international security. Firms, in particular managers and boards of directors, are at the epicenter of this storm, but so far surveys have revealed that few businesses are taking the necessary steps to safeguard their private data and enhance cybersecurity. As Howard A. Schmidt, the former U.S. Cybersecurity Coordinator, stated: “[W]hile there is a cost to doing more to improve cybersecurity, there is a bigger cost if we do not and that cost is measured not only in dollars, but in national security and public safety.” This Article argues that organizations should treat cybersecurity as a matter of corporate social responsibility to safeguard their customers and the public, such as by securing critical national infrastructure. It is in corporations own, long-term self-interest (as well as that of national security) to take such a wider view of private-sector risk management practices so as to encompass less traditional factors akin to what companies have done with respect to sustainable development.

Keywords: corporate social responsibility, cybersecurity, cyber attack, sustainability, environmental law and policy

Suggested Citation

Shackelford, Scott and Fort, Timothy L., Sustainable Cybersecurity: Applying Lessons from the Green Movement to Managing Cyber Attacks (October 11, 2014). University of Illinois Law Review, Vol. 2016, 2016. Available at SSRN: https://ssrn.com/abstract=2324620 or http://dx.doi.org/10.2139/ssrn.2324620

Scott J. Shackelford (Contact Author)

Indiana University - Kelley School of Business - Department of Business Law ( email )

Bloomington, IN 47405
United States

Harvard Kennedy School Belfer Center for Science & International Affairs ( email )

79 JFK Street
Cambridge, MA 02138
United States

Center for Applied Cybersecurity Research ( email )

Wylie Hall 105
100 South Woodlawn
Bloomington, IN 47405
United States

Stanford Center for Internet and Society ( email )

Palo Alto, CA
United States

Stanford Law School ( email )

Stanford, CA 94305
United States

Timothy L. Fort

George Washington University - Department of Strategic Management & Public Policy ( email )

Washington, DC 20052
United States

Paper statistics

Downloads
232
Rank
110,283
Abstract Views
1,594