We are coming to a point in many large firms where true “innovation” in the cyber security space does not consist in deploying the latest tools, but in going back to the governance drawing board.
In earlier articles, we have examined the challenges of the CIO around Information Security, the importance of the CISO reporting line, and the fundamental role the Board of Directors has to play to drive security transformation.
Here, we revisit and develop further some of these aspects in line with new reflections and some feedback we received.
The theft of the email addresses and other account details of 500 million Yahoo users is a golden opportunity for cyber-criminals working with bad-bots.
Those who use Yahoo to provide their principal email account should have been concerned by news of the leak. Many others, with an old Yahoo account that they do not use much, may not have been that bothered. Is such complacency justified? That depends; to gauge the risk, you need to understand the cyber-crime opportunity represented by 500 million accounts.
Workload mobility and the need to maintain SLAs will be a defining feature of Unbounded IT, and it is in the sphere of Cyber and Information security where I think the business will first force IT to reevaluate some of its most deeply held dogmas and static thinking.