Given the deluge of news about hacks and attacks, cybersecurity’s focus on outside threats is understandable, but woe be to the CISO who doesn’t address inside risks early and often.
China and other nation-state bad actors are probing the defenses of critical infrastructure worldwide and legacy or outdated systems are prime targets. The time to mitigate that risk is now.
For CISOs facing a myriad of challenges in an ever-expanding threat environment, making the hiring process more realistic would bring some welcome relief.
CISOs who focus only on detection technology — and don’t engage with the human side of the security equation — are missing a key ingredient for insider risk management.
There’s usually a strict protocol for granting access to systems or data to a new employee or contractor. But there are perils in not keeping tabs on that access as that person moves around or leaves.
China is targeting dissidents and others abroad to help in campaigns to steal government and corporate data. There is no organization, large or small, that is immune from the threat.
The rush to embrace generative AI highlights how privacy can suffer when it’s not a key consideration of security policies and implementations.
Restricting foreign involvement in government-funded research, Canada has made a start toward protecting intellectual property from malign nation-states, but there’s more to be done.