the country is in the top tier globally
for developing expertise in this area
• Third party risk. Digital Shadows discovered how third parties are exposing information that can be highly valuable to sophisticated actors, with 545 SAP configuration files publicly exposed on misconfigured systems. This is just one example – third parties such as contractors and suppliers are often the weakest link and can leak important company secrets. Firms need to get much better at managing this.
www.intelligentciso.com | Issue 06
• Cloud security. In April, Digital Shadows found 1.5 billion business and consumer files exposed online. Many of these were on cloud services such as Amazon S3 buckets. The issue isn’t that cloud services are inherently insecure; oftentimes they are misconfigured. It’s vital therefore that CISOs ask awkward questions of those responsible for managing cloud services and make sure they have all the training that they need.
• National security. All CISOs need to track geopolitical and national security issues. Threat actors that are suspected of being affiliated with nation states are among the most capable. They can, and they do, steal intellectual property as well as disrupt organisations that are deemed to be in their national interests. As we have seen with EternalBlue, what starts off as a nation state tool can quickly become subverted and used for other ends by other cybercriminal groups. Keeping an eye on the national picture can give us a clue as to what will hit the ‘mainstream’ later on.
As a CISO, you have the opportunity you’ve longed for – to work closely with your peers at the C-level and interact directly with the board with the aim of demonstrating value to the organisation and buy-in for new initiatives. By putting knowledge of the business and risks first and understanding how and what to communicate to the board, you can transition successfully.