Corporate Cybersecurity

Chapter
Part of the SpringerBriefs in Cybersecurity book series (BRIEFSCYBER)

Abstract

This chapter looks at trends in how well prepared Chinese corporations are to defend themselves in cyberspace at home. It looks in broad terms at the question of security culture in enterprises, and at the special case of the financial services sector, especially banks. This sector was the main initial focus of government policy for informatization at the turn of the century (Austin in Cyber policy in China. Polity, Cambridge, 2014: 94). Other sectors of note in this chapter include airlines, the electricity grid and universities, though these are discussed only in brief.

Keywords

Cyber harm Business costs of cyber crime Organisational culture Financial services Bank of china Civil aviation Power grid Universities 

References

  1. Anderson R, Barton C, Böhme R, Clayton R, Van Eeten MJ, Levi M, Moore T, Savage S (2013) Measuring the cost of cybercrime. The economics of information security and privacy. Springer, Berlin, Heidelberg, pp 265–300CrossRefGoogle Scholar
  2. Armin J, Thompson B, Ariu D, Giacinto G, Roli F, Kijewski P (2015) August. 2020 cybercrime economic costs: no measure no solution. In: 10th international conference on availability, reliability and security (ares). IEEE, pp 701–710Google Scholar
  3. Austin G (2014) Cyber policy in China. Polity, CambridgeGoogle Scholar
  4. Austin G, Cappon E, McConnell B, Kostyuk N (2014) A measure of restraint in cyberspace: reducing risk to civilian nuclear assets. EastWest Institute, New York/Brussels/Moscow. https://www.eastwest.ngo/sites/default/files/ideas-files/munich2014.pdf
  5. BoC (2016) Consolidate cybersecurity barriers to enhance financial services. In Chinese. http://pic.bankofchina.com/bocappd/csr/201605/P020160521681204387049.pdf
  6. Brunekreeft G, Luhmann T, Menz T, Muller S, Recknagel P (eds) (2015) Regulatory pathways for smart grid development in China. Springer, BerlinGoogle Scholar
  7. CAICT (2017) White paper on the cybersecurity industry. In Chinese. Chinese Academy of Information and Communications Technologies. http://www.caict.ac.cn/kxyj/qwfb/bps/201709/P020170919308653198647.pdf
  8. CAS (2014) Possible major S&T breakthroughs in China over the next decade. Bull Chin Acad Sci 28(1):62–105. http://english.cas.cn/bcas/2014_1/201411/P020141121529840357394.pdf
  9. CBRC (2013) China banking regulatory commission annual report 2012. http://www.cbrc.gov.cn/chinese/files/2013/4CF24B3E79704CEA85D330A7CC18CD7D.pdf
  10. CBRC (2015) China banking regulatory commission annual report 2014. Part 1. http://www.cbrc.gov.cn/chinese/files/2015/0F19960DD41D4206A246251A7225773E.pdf
  11. CBRC (2016) China banking regulatory commission annual report 2015. http://www.cbrc.gov.cn/chinese/files/2016/6C1DEC063D6442B289B7C24F662D2E52.pdf
  12. CCTV (2016) State grid exposes data of tens of millions of clients! State power emergency response. In Chinese. South Metropolis Daily. 14 Dec 2016. http://www.xzbu.com/6/view-6614435.htm
  13. Charlton A (2013) Angry Bitcoin users blamed for China Central Bank Cyber Attack. Int Business Times. 19 Dec 2013. http://www.ibtimes.co.uk/angry-bitcoin-users-blamed-china-central-bank-cyber-attack-1429648
  14. Chen L, Liu X, Zhang T, Wang Y (2013) The research on information architecture and security protection of smart grid. Appl Mech Mat 421:541–545. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.1008.6294&rep=rep1&type=pdfCrossRefGoogle Scholar
  15. China Eastern (2017) 2016 China Eastern Airlines corporate social responsibility report. http://en.ceair.com/upload/2017/5/51132788.pdf
  16. CNN (2015) Cyber Criminals Attack Bank of China for Bitcoin Ransom. 20 May 2015. https://www.ccn.com/cyber-criminals-attack-bank-china-bitcoin-ransom/
  17. CNNIC (2017) Statistical report on internet development in China. Jan 2017. https://cnnic.com.cn/IDR/ReportDownloads/201706/P020170608523740585924.pdf
  18. Gartner (2017a) Gartner survey finds CIOs in China preparing for a digital ecosystem surge. Press Release. 22 Mar 2017. http://www.gartner.com/newsroom/id/3650317
  19. Gartner (2017b) Gartner says worldwide information security spending will grow 7 percent to reach $86.4 billion in 2017. Press Release. 16 Aug 2017. https://www.gartner.com/newsroom/id/3784965
  20. Hathaway M (2103) Cyber readiness index 1.0. Hathaway Global Strategies LLC, Great Falls, VA. http://www.belfercenter.org/sites/default/files/legacy/files/cyber-readiness-index-1point0.pdf ICAO 2017
  21. ICAO (2016) Resolutions adopted by the assembly. 39th session. Montreal. 27 Sept to 6 Oct 2016. Resolution 39–19. Addressing cyber security in civil aviation. Provisional edition. Oct 2016, pp 91–93. https://www.icao.int/Meetings/a39/Documents/Resolutions/a39_res_prov_en.pdf
  22. Li DC (2015) Online security performances and information security disclosures. J Comput Inf Syst 55(2):20–28MathSciNetGoogle Scholar
  23. Lin R, Xie Z, Wang X, Wei J (2016) Institutional pressures, legitimation of information security and organizational performance: an empirical study on China’s firms. Manage World 2:122–188Google Scholar
  24. Lou X, Fu G, Gong W, Liang Y, Chen Y (2016) Financial institutions: how far are you from the cyber security law? King & Wood Mallesons. http://www.kwm.com/en/knowledge/insights/financial-institutions-how-far-are-you-from-the-cyber-security-law-20161114
  25. McGuire M, Dowling S (2013) Cyber crime: a review of the evidence. Summary of key findings and implications. Home office research report. http://www.justiceacademy.org/iShare/Library-UK/horr75-chap1.pdf
  26. Qihoo 360 (2017a) Analysis report on security vulnerabilities of Chinese websites 2016. In Chinese. 5 Jan 2017. http://zt.360.cn/1101061855.php?dtid=1101062368&did=210133742
  27. Qihoo 360 (2017b) 2016 internet security report. In Chinese. 12 Feb 2017. 209 pp. http://zt.360.cn/1101061855.php?dtid=1101062514&did=490278985
  28. Ran F, Huang H, Ma J, Xu M (2012) Analysis of information encryption on electric communication network. In: Xiao T, Zhang L, Fei M (eds) AsiaSim 2012. Communications in computer and information science, vol 324. Springer, Berlin, Heidelberg, pp 143–150. https://link.springer.com/chapter/10.1007/978-3-642-34390-2_17CrossRefGoogle Scholar
  29. Reuters (2014) China pushing banks to drop IBM servers in hacking dispute: report. 27 May 2014. https://www.reuters.com/article/us-ibm-china/china-pushing-banks-to-drop-ibm-servers-in-hacking-dispute-report-idUSKBN0E70S620140527
  30. Reuters (2017) Security experts struggle in search for WannaCry clues—Reuters. 19 May 2017. https://www.finextra.com/newsarticle/30596/security-experts-struggle-in-search-for-wannacry-clues—reuters/transaction
  31. SGCC (2011) SGCC Held integrated information system data disaster recovery drilling. State Grid News. 21 Nov 2011. http://www.sgcc.com.cn/ywlm/mediacenter/corporatenews/12/261468.html
  32. Shen H, Li M, Li Z (2016) An analysis of power grid enterprises’ information security system under cloud environment. In: International conference on advanced electronic science and technology (AEST 2016), pp 759–764. www.download.atlantis-press.com/php/download_paper.php?id=25864509
  33. Soo Z (2016) China, Hong Kong firms face highest level of cybersecurity risk, says South China Morning Post. 29 Nov 2016. http://www.scmp.com/tech/article/2050174/china-hong-kong-firms-face-highest-level-cybersecurity-risks-says-pwc
  34. State Grid (2017) Establish a correct cyber-security concept and build a secure line of defence. In Chinese. State Grid Corporation. 2 May 2017. http://www.cec.org.cn/zdlhuiyuandongtai/dianwang/2017–05-02/167735.html
  35. Tang M, Li M, Zhang T (2016) The impacts of organizational culture on information security culture: a case study. Inf Technol Manage 17(2):179–186. http://jtp.cnki.net/bilingual/detail/html/GLSJ201602014CrossRefGoogle Scholar
  36. USITO (2017) CAAC Drafted new security measures in line with CSL. http://www.usito.org/news/caac-drafted-new-secuirty-measures-line-csl
  37. Warner R, Sloan RH (2016) Defending our data: the need for information we do not have. 29 July 2016. https://ssrn.com/abstract=2816010
  38. Wolf J, Lehr W (2017) Degrees of ignorance about the costs of data breaches: what policymakers can and can’t do about the lack of good empirical data. 31 Mar 2017. https://ssrn.com/abstract=2943867
  39. Xinhua (2016) China’s civil aviation and cyber security companies join forces to tackle the challenges of cyberspace security. In Chinese. 17 Aug 2017. http://news.xinhuanet.com/air/2016-08/17/c_129236824.htm
  40. Xinhua (2017) Strengthening the construction of the ‘Blue Team’. Improving the information security level of the power grid. In Chinese. 25 Aug 2017. http://www.cq.xinhuanet.com/2017-08/25/c_1121539075.htm
  41. Young J (2016) China’s Central Bank hires Blockchain experts to launch Cryptocurrency. Coin Telegraph, 16 Nov 2016. https://cointelegraph.com/news/chinas-central-bank-hires-blockchain-experts-to-launch-cryptocurrency
  42. Zeng Z, Yang K, Zhang Y and Zhou P (2013) Increasing employees’ awareness and enhancing motivation in e-government security behavior management. In: Fourth international conference on digital manufacturing and automation (ICDMA), pp 684–687Google Scholar
  43. Zheng S (2017) Ditch your boarding pass. South China Morning Post. 30 June 2017. http://www.scmp.com/news/china/article/2100646/china-southern-airlines-countrys-first-carrier-use-facial-recognition
  44. Ziser KK (2017) China telecom global launches SD-WAN service with versa networks. Light Reading. 15 Sept 2017. http://www.lightreading.com/carrier-sdn/sd-wan/china-telecom-global-launches-sd-wan-service-with-versa-networks/d/d-id/736388?_mc=RSS_LR_EDT

Copyright information

© The Author(s) 2018

Authors and Affiliations

  1. 1.Australian Centre for Cyber SecurityUniversity of New South WalesCanberraAustralia

Personalised recommendations