GDPR has been on every Information Security professional’s mind for what feels like forever but finally the new legislation has come into play. There has been a lot of speculation about the aftermath and with complaints filed against leading tech corporations in the first week it is evident the new regulations are being taken very seriously. It is important for all organisations to be compliant, or as compliant as they can be.
Hackers are showing no sign of retreat and are beginning to use AI and machine learning to outsmart defence systems. Whilst legacy systems are still in place in many organisations and others moving whole systems and networks to the cloud – hackers can take advantage of weak points in the structure and gain access with ransomware remaining a common threat. Phishing attacks are becoming increasingly sophisticated and there are still stories published regularly about Executives falling into the trap. Not only are CISOs having to monitor the insider threat but they are also still struggling with a skills gap in the industry with limited qualified professionals in the workforce.
However, it is not all doom and gloom for CISOs – awareness is increasing at board level about the importance of investing in security which is leading to profound change and transformation within the industry and it is more important than ever for CISOs to share experiences and solutions to these growing threats.