The list of information security threats that CIOs and CISOs must guard against keeps getting longer.
"For any business to function, their lights need to be on, and their IT systems need to be functioning," says Dave White, head of sales engineering at BAE Systems Applied Intelligence. "So you have to say that anything that would disrupt the activity or the operability of an organization, as far as their IT is concerned, is their number one priority."
But when it comes to prioritizing threats, security executives face an uphill battle. "One of the biggest challenges that CIOs have is not just keeping the lights on, but what's being stolen from us, or what could be stolen from us that we don't know about?" he says.
In an interview with Information Security Media Group at Infosecurity Europe, White also discusses:
- The difficulty of not just fighting unknown threats, but eradicating known vulnerabilities;
- The risk posed by social engineering;
- Strategies for keeping pace with emerging types of attacks and techniques.
White is head of sales engineering and enablement at BAE Systems Applied Intelligence and has been a cloud security and risk professional for more than 15 years. He previously held senior management positions at MessageLabs and Symantec.