Welcome to Cyber Security Today. It’s Friday, December 30th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
As the clock wound down on 2022 I looked back on the podcasts of the last 12 months. One that struck me the most was a July interview I did with Eric Cole. Currently, he’s the head of an American consulting firm called Secure Anchor. He’s also held senior security posts at Lockheed Martin, McAfee and has been a member of a presidential cybersecurity advisory commission.
A couple of things he said stood out in that interview:
One is that for certain organizations IT can set up a distributed database system so only 15 per cent of its data are in a single database. That greatly reduces the odds of a hacker getting all of an organization’s jewels from one file. It may not work for a bank or a hospital, but it’s an option worth thinking about for reducing risk.
The second is his recommendation that infosec leaders get to know the business side of their organization better. Set aside an hour or two at night to read business books, he said. That will help you better communicate with management.
And last is understanding the four things the CEO needs to hear from you: What could happen, what is the risk of it happening in terms of a percentage or a number on a scale, what will the cost be and what will it cost to fix.
It’s not easy to be an infosec leader, but that advice might help you better deal with executives.
For more, see this transcript of the interview.
That’s it for this episode. But before I end this year’s production I want to thank two people: Jim Love, IT World Canada’s chief information officer, for filling in several times while I was on vacation, and recording engineer Don Naylor, who somehow puts up with my flubs to make the show sound smooth.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.