Another week brought another vulnerability to light, this time stemming from a hardware provider. Computer manufacturer Lenovo shipped laptops preinstalled with adware Superfish. It was revealed that Superfish relies on a single certificate that had already been decrypted, exposing users to man in the middle attacks on otherwise secure HTTPS connections through browsers such as Internet Explorer, Chrome, and Safari. Metro Tasmania CIO Rodney Byfield shared an article from Mashable providing clear remediation steps for this vulnerability.
We’ve seen CEOs placed in the hot seat in the wake of breaches, as in the case of Target, and rising cyber crime costs are a big reason why. Former CIO and current HP cyber security strategist Tim Grieveson shared a Ponemon Institute report that found the cost of cyber crime has escalated 96% in the past five years. The time to detect an attack has also increased, with insider threat incidents averaging the longest time before detection. We’re not surprised, as cloud services open up new vectors of attack for rogue insiders.
On the other hand, with cloud use organizations can leverage unique security capabilities to manage risk. Adobe CIO Gerri Flickinger shared an article explaining that many security reservations against moving to the cloud are just remnants of an outdated mindset. By turning weaknesses into strengths, the security capabilities available for data in the cloud can exceed those for data stored on premise.
While an increase in breaches has brought negative attention to IT, we firmly believe there’s never been a better time to be a CIO. Creative Artists Agency CIO Michael Keithley agrees, citing a Forbes article on the trends in IT that have caused the CIOs value to an organization to skyrocket. Reason number one? “IT is not a commodity.” CIOs like Keithley stand out by keeping their organizations agile and collaborative.
There’s a shared trait among the top CIOS: a proactive attitude towards meeting users’ needs. It’s no longer viable to provide users with a specific set of tools and reject any alternatives. As Robert Schmidt of the California Department of Food and Agriculture shows, today’s CIO must take a hands-on approach to understanding how employees work. In particular, Schmidt points out the importance of “going to the field,” a technique that IT at Western Union has also adopted within their WISE program. The willingness to seek input from employees goes along way in establishing IT as a business partner.
CASB Magic Quadrant 2019 is here – McAfee a Leader for third consecutive year
CASB RFP Template: 200+ Common Questions Enterprises Are Asking
9 Cloud Computing Security Risks Every Company Faces
Office 365 Security Concerns: Download Definitive Guide to Office 365 eBook
51 AWS Security Best Practices