In an article published by The Wall Street Journal's Risk & Compliance Journal, Samar Ali participated in a Q&A regarding what companies should do to protect against cyberthreats. Samar says that the government's role in cybersecurity is a bit controversial because the global digital environment is primarily owned by the private sector. She suggested that companies should have three plans when dealing with cyberattacks – a "before" plan, a "during" plan and an "after" plan. Every person in the company should be trained regarding how to manage cybersecurity, especially on the "before" plan because each employee plays a role in that process. She also suggested that companies should have both a chief cybersecurity officer and a chief information security officer.
The full article, "When the Government Can't Protect Your Firm from a Cyberattack," was published on January 4, 2017, in The Wall Street Journal's Risk & Compliance Journal and is available online.