Findings from the 2020 Netwrix Cyber Threats Report reveal cybersecurity risks related to insiders are now more common than external threat actors. Since organizations went remote, four of the top six types of cybersecurity incidents they experienced were caused by internal users.
Meet Ian Thornton-Trump. He is the Chief Information Security Officer at Cyjax, and an ITIL certified IT professional with 25 years of experience in IT security and information technology. As CISO Cyjax, Ian has deep experience with the threats facing small, medium and enterprise businesses. His research and experience have made him a sought-after cybersecurity consultant specializing in cyber threat intelligence programs for small, medium and enterprise organizations. In his spare time, he teaches cybersecurity and IT business courses for CompTIA as part of their global faculty and is the lead architect for Cyber Titan, Canada's efforts to encourage the next generation of cyber professionals.
Generally, the chief information security officer (CISO) is thought of as the top executive responsible for information security within organizations. However, in today’s remote work environment, the need to expand security beyond one department or the responsibilities of CISOs is more important than ever. Due to the pandemic, the physical barriers of the office have been removed and the threat surface has exponentially expanded leaving more endpoints to be attacked. In this scenario, each employee’s home office has become a new potential risk, which is why building a strong security culture within organizations should be a priority.
With 2021 a few months away, what will the landscape of cybersecurity look like for enterprises? Here's a list of seven predictions that will affect enterprises and cybersecurity leaders.
Eighty percent of companies say that an increased cybersecurity risk caused by human factors has posed a challenge during the COVID-19 pandemic, particularly in times of heightened stress. This is according to Cyberchology: The Human Element, a new report that explores the role employees and their personality play in keeping organisations safe from cyber threats. Including that:
A CEO will last 8.4 years in the position, while a CFO clocks in at 6.2 years in average length of tenure. But a look around the boardroom will tell you that longevity isn’t in the cards for overworked, overwhelmed CISOs, with most only spending an average of two years in the role before calling it quits. This trend is no coincidence - CISOs are at the top of the list for burnt out, especially this year, as organizations accelerated digital transformation nearly overnight and employees continue to work remotely.
The British Interactive Media Association (BIMA) recently revealed that tech workers are five times more likely to suffer from a mental health problem than the wider population.
Nominet’s latest CISO Stress Report has also revealed that almost nine in ten (88%) chief information security officers (CISOs) consider themselves under moderate to high stress levels. The same report revealed that CISOs lose on average $35 000 a year in unpaid overtime, while increased stress levels have resulted in a 26-month tenure on average.
Companies need to tangibly improve employee well-being, particularly when it comes to their security professionals. Here are three measures security leaders can incorporate into their organization now, before employees hit a breaking point.
To ensure the deployment of enterprise-class registrars and additional best practices, organizations need to establish what we can call a “Domain Security Council.” Through such a council, CISOs collaborate with corporate C-suite members to identify, implement and continuously monitor/improve upon domain security policies and procedures.
Digital Guardian announced Tim Bandos will become Chief Information Security Officer (CISO). Bandos will bring more than 15 years of experience to the position including his five years as VP of Cybersecurity at Digital Guardian. Prior to joining Digital Guardian, Bandos was Director of Cybersecurity for Dupont where he was responsible for overseeing internal controls, incident response and threat intelligence.
