Executive Liability for Computer Crime and How to Prevent It

A new Federal regulation aimed at tackling white‐collar crime has sobering implications for CEOs, information systems managers, and other senior management. Simply stated, the regulation holds the CEO and senior management responsible for crime involving their organization. Officials remain responsible even when the organization and its members are honest, and the crime clearly was perpetrated by intruders. Organizations are exposed to liability of up to $290 million and possible corporate probation for financial crime. To prevent this liability, organizations need to prove a “good faith” effort at preventing and deterring criminal conduct on their networks through an “effective” security program However, the most prevalent computer security system – the password – is considered by computer security experts to be largely ineffective. Organizations relying on computer passwords alone for security will carry heightened liability – and their managements carry heightened risk.