International legal issues regarding IT security are challenging. We have yet to define a country’s sovereign territory over the internet. When is a foreign nation held responsible for hostile activities on another nations networks? When is it legalfor governments to retaliate over the internet? what are the rules of engagement?
If push comes to shove, in the past we advance our tanks, helicopters and massive war machines. In doing so the Earth itself quakes. Most of the sane world knows they cannot win a conventional war against the U.S. Therefore, we may find ourselves involved in an international war right at our own desk.
Our enemies are looking for vulnerabilities. I suggest that the internet itself is on a target list. Our enemies may think that by disrupting information technology in the US long enough, our economy will faulter. Combining this with power grid failures, biological attacks, and spuratic terrorist acts we could be in for a ride.
More importantly, does your company do anything interesting enough to attract a foreign enemy? The most innocent information could be weaponized. For example, formidable cloned armies or terrorist themselves may be farmed rather than recruited if some companies research data on attribute enhancement cloning was compromised.
does company have an Information Assurance plan? Can it validated the credibility of its information? What if a terrorist attacked over computers financial institutions changing the amounts of cash in 20 million accounts?