Christopher Burgess
CSOonline
Woodinville, WA, United States
Contact Christopher
Discover and connect with journalists and influencers around the world, save time on email research, monitor the news, and more.
| Recent: |
|
| Past: |
|
Past articles by Christopher:
If governments are banning TikTok, why is it still on your corporate devices?
When lawmakers and higher education take steps to prevent official users from accessing the popular video-sharing app on their devices, corporations should sit up and take notice. → Read More
GAO warns government agencies: focus on IoT and OT within critical infrastructure
Several key US departments are falling woefully short on cybersecurity measures for infrastructure connected to the internet of things and operational technologies, the GAO said in a scathing report. → Read More
Report highlights serious cybersecurity issues with US defense contractors
The CyberSheath report found that US defense contractors are “woefully unprepared” and often don’t meet even the most basic security requirements that would keep military secrets safe. → Read More
GAO report: government departments need dedicated leaders to oversee privacy goals
A US Government Accountability Office report is calling for a host of changes to improve privacy within various federal agencies and departments. How those changes get implemented will depend largely on the establishment of new privacy leaders. → Read More
Guilty verdict in the Uber breach case makes personal liability real for CISOs
The conviction of Uber's former CSO could change the roles of top security leaders and raises the level of personal risk in the wake of a breach. → Read More
US government indicts Iranian nationals for ransomware and other cybercrimes
The Department of Justice and FBI claim three Iranian citizens conducted a global cybercrime operation while separately the US Treasury sanctions Iran. → Read More
How posting personal and business photos can be a security risk
Image geotags, metadata, and location information can allow competitors, cybercriminals, and even nation-state threat actors to gain knowledge they can use against organizations. → Read More
FTC files lawsuit against Kochava for harvesting and selling geolocation data
The lawsuit claims the data broker is putting people at risk of "stigma, stalking, discrimination, job loss, and even physical violence” through the sale of geolocation data. → Read More
Sorting zero-trust hype from reality
Zero trust is not a product, but a security methodology based on defense-in-depth and least-privileged access concepts. → Read More
Why SBOMs alone aren’t enough for software supply chain security
Organizations must be willing to ask software vendors hard risk-based questions and be prepared for that to lengthen the purchase process. → Read More
China, Huawei, and the eavesdropping threat
In the world of intelligence, “capability present” changes the conversation from if to when. Huawei is an espionage threat not because of what it has done but because of what it can do. → Read More
Data privacy: Collect what you need, protect what you collect
Data over-collection is a security and compliance risk, and that's why CISOs need a say in decisions about what data to collect. → Read More
How you handle independent contractors may determine your insider threat risk
Outside experts can be willing or accidental security threats. Reduce that risk by changing how you onboard, train and offboard them. → Read More
Latest Cyberspace Solarium Commission 2.0 Report focuses on cyber workforce
The June 2022 report offers recommendations to the private sector, U.S. Congress, and the federal government to build up the nation's cybersecurity talent pool. → Read More
OPM's $63 million breach settlement offer: Is it enough?
The nature and scope of the data stolen in the U.S. Office of Personnel Management presents a life-long risk to victims, who might get as little as $700 if the court accepts the settlement. → Read More
JHL Biotech's theft of Genentech data holds lessons for infosec
Genentech employees stole the company's data on behalf of JHL Biotech for years. What could they have done to spot the theft sooner? → Read More
MITRE and partners build insider threat knowledge base
MITRE Engenuity and major business partners have developed an knowledge base of malicious insiders' tactics, techniques and procedures. → Read More
Clearview AI commercialization of facial recognition raises concerns, risks
Facial recognition as a service has caught the attention of regulators and litigators. CISOs at companies considering the technology need strong privacy protections in place. → Read More
3 biggest cyber risks from the Ukraine-Russia conflict
The threat of cyberattacks crossing Ukrainian and Russian borders is real, and these are the most likely risks that businesses need to consider. → Read More
CISOs, beware of spyware tools for illicit competitive intelligence
Two recent court cases expose the capabilities of publicly available spyware and how businesses and governments use them for malicious purposes. → Read More