With so many employees and contractors working remotely, security teams and CISOs grapple with the job of continuing to protect networks, systems, data, and people. One challenge: recognizing clues that something is wrong when nothing looks normal.
Calls for jail time for C-suite executives after a data breach are getting louder, but proposed legislation such as the Corporate Executive Accountability Act would not prevent data breaches. Instead, it would will simply result in organizations lawyering up, CISO Advisor Dave Lewis argues.
Humans are fundamentally wired to take risks, and their decisions are all about taking risks in order to gain some kind of a benefit. Poor decisions are because risks are not straightforward to understand, Andy Ellis, CSO of Akamai Technologies. If the information is presented differently, there would be better decision-making.
There are obvious differences between government policy and organizational policy, but when it comes to crafting information security policies, there are several elements that apply to both sides. Here are some of them.
The government shutdown isn't impacting just security professionals working for the federal government. Corporate security teams have to pay attention to what public services are available and what aren't during this time period.