A risk-based approach to security is central to complying with GDPR. Article 32 requires that the measures taken by organisations must provide a level of security appropriate to the risk.
Ojas Rege argues that CISOs and CEOs who broaden their cyber-security messages beyond the need for defence can create organisations that embrace innovation and drive performance.
Employees have to choose between leaving data unprotected, disrupting their work to use the company encryption tool, or protecting data on their own; once an employee encrypts a file on their own, the company has no control.
The app-blended lifestyle poses problems for CIOs, CISOs and those responsible for keeping an organisation safe and secure. Mike Hemes, says shadow IT is a real issue and one we can only see increasing over time.
Most (88 percent) IT decision makers in UK and German organisations believe that shadow IT makes them more vulnerable to cyber-attacks.
The onus on forward-thinking businesses shouldn't be on stamping out shadow IT, says Ed Macnair, but rather encouraging employees to adopt and get the most out of their tools of choice in a secure and productive fashion.