The job of the Chief Information Security Officer (CISO) has become challenging. As security has become a top-level concern for executive boards who are paying attention to the business impact of security, CISOs now have a seat at the table.
In the wake of massive data breaches such as those at the U.S. government’s Office of Personnel Management, health insurer Anthem and retailer Target, an enterprise’s initial reaction might be to tighten the security around networks and data. However, you may be forgetting one critical component: the insider threat.
Cybersecurity is more than just a headline associated with attacks on critical infrastructure assets, such as utility companies or our nation’s repository of its personnel records of employees with the highest security clearances.
IT security is complicated enough. The widespread adoption of BYOD mobile devices and the overall consumerization of IT promise to complicate security efforts exponentially. Are companies up to the challenge?
Not all employees are saboteurs or malicious actors, but without education, unwitting employees could cause just as much damage as a targeted data theft in the long run. Read how to prevent this in the August 2015 issue of Security. Also read how building stronger relationships with local and national law enforcement can aid in school security awareness and response, learn about the dangers of continuing to use old credit card terminals, and see the ASIS International 2015 product review.