Christopher Burgess
star Advisor
IDG Contributor Network
Want to Join?
Opinions expressed by ICN authors are their own.
Christopher Burgess (@burgessct) is an author/writer, speaker, advisor, consultant and advocate for effective security strategies, be they for your company, home or family.
He founded and led Prevendra, a security, privacy and intelligence consultancy and content provider. Prior to Prevendra, he served as the Chief Security Officer, President Public Sector and Chief Operating Officer (2011 to 2013) of a small start-up within the big data analytic space, Atigeo. And he also served for a number of years as the Senior Security Advisor to the Chief Security Officer of Cisco, where he focused on intellectual property strategies. Additionally, also while at Cisco, Christopher led the following teams within the Corporate Security Programs Office: Global Threat Analysis providing geopolitical, economic and security analysis to Cisco strategists; Global Investigative Support providing forensic support to the enterprise’s investigatory groups; Global Government Security Office implementation; the US Government Security Office (NISPOM/DCID); and the eLitigation & eDiscovery support (EDRM) efforts within Cisco.
In addition, he has substantial international public sector experience, having served 30+ years within the Central Intelligence Agency. He lived and worked in South Asia, Southeast Asia, the Middle East, Central Europe and Latin America where he acquired a deep understanding of the people, cultures, and business practices of these respective areas. During this career he served in various positions, including that of Chief of Station. As Chief of Station, he was the personal representative for the Director of the Central Intelligence Agency, and concurrently for the National Intelligence Director within his geographic area of responsibility. He served as an executive member on numerous regional federal collaborative entities: Joint Terrorism Task Forces, U.S. Attorney Terrorism Task Forces and Regional Counterintelligence Working Groups. Upon his retirement, the CIA awarded him the Career Distinguished Intelligence Medal, the highest level of career recognition.
Christopher authored the ebook, Senior Online Safety (Prevendra, March 2014, Spanish version September 2014), and co-authored the book, Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century (Syngress, March 2008) and contributed to Bringing the Social Media Revolution to Healthcare (Mayo Clinic, October 2012), with a chapter on privacy.
Christopher contributes on a regular basis to the The Huffington Post beginning with the seminal piece, “A Common Sense Approach to Social Media,” as well as on occasion to the Spanish language edition, El Huffington Post. He is a compensated contributor to various enties.
In addition, Christopher's early CSO magazine contributions are highlighted by three pieces, “Social Elements of Security Policy and Messaging,” the study “Nation States’ Espionage and Counterespionage, Overview of the 2007 Global Economic Espionage Landscape,” and Inadvertent Disclosure: Know the Risks."
Christopher is an invited speaker to a plethora of events and venues, to include AARP’s Scam Jam, Carnegie Mellon University’s CyLab, Mayo/Ragan Social Media Healthcare Summit, Seattle Interactive/Gnomedex; Taia Global’s Suits & Spooks, Washington Technology Industry Association, Cisco Live!; the Interpol Intellectual Property Crime Conference; and numerous times at the NATO Information Assurance Conference. He has appeared on the BBC, CNBC, i24, China TV, Fox Business, Bloomberg and AARP’s Inside E-street.
The opinions expressed in this blog are those of Christopher Burgess and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.
Facebook outage a prime example of insider threat by machine
A buggy automated audit tool and human error took Facebook offline for six hours. Key lesson for CISOs: Look for single points of failure and hedge your bets.
How disinformation creates insider threats
Employees who believe disinformation are more susceptible to social engineering and phishing campaigns, and attackers know it.
White House international ransomware initiative outlines hopes and challenges
More than 30 nations discussed tactics for collaborating in the fight against ransomware, but it competes with a Russian-led UN initiative.
Twitch breach highlights dangers of choosing ease of access over security
Attackers essentially broke into the Twitch house and cleaned out everything. Following least-privilege access principles and encrypted datasets will help others avoid that scenario.
Device identity: The overlooked insider threat
Device/machine identity, especially in association with robotic process automation, can be a conduit for intentional and unintentional insider breaches.
Breach reporting required for health apps and devices, FTC says
A new policy statement makes it clear that the US Federal Trade Commission will hold healthcare app and device makers accountable for reporting data breaches.
Yes, the FBI held back REvil ransomware keys
The ransomware keys might have been acquired by an ally, which would invoke the third-party doctrine where the decision to release was not the FBI's alone.
3 cyber mercenaries: An insider threat case study
Three US nationals, working as cyber mercenaries on behalf of the United Arab Emirates, have accepted a deferred plea agreement for exploiting U.S. entities using U.S.-controlled technologies.
Russia is fully capable of shutting down cybercrime
With internet blocks and high-profile arrests, Russia shows it can crack down on cybercrime when properly motivated. New analysis suggests the Biden administration’s sanctions may be providing some motivation.
Lack of C3PAO assessors jeopardizes DoD CMMC certification goal
Only 100 approved assessors are available to certify that 300,000 US DoD providers are in compliance with the Cybersecurity Maturity Model Certification by the 2023 deadline.
Proofpoint lawsuits underscore risk of employee offboarding
Nearly every employee leaving a company takes data or intellectual property, but few companies adequately screen and monitor for it. Recent court cases underscore the risk.
China theft of US agriculture sector trade secrets prompts government guidance
China and other countries have used insiders to steal intellectual property from agricultural research. The government has responded with guidance for identifying insider threats.
CISA’s Joint Cyber Defense Collaborative: Why it just might work
New CISA director Jen Easterly is tasked with implementing the JCDC, which promises to make US critical infrastructure more resilient to cyberattacks. Her history makes her the right person for the job.
BlackBerry faces bad PR by failing to go public with BadAlloc vulnerability
Although the company informed its OEM customers of the vulnerability, users of IoT devices running its QNX OS were potentially kept in the dark.
Data sovereignty laws place new burdens on CISOs
More than 100 countries now require data on their citizens be stored or processed within their boundaries, presenting new data protection challenges.
Recent shadow IT related incidents present lessons to CISOs
Employee use of unauthorized applications and services have resulted in high-profile data losses and exposure. CISOs need to understand why shadow IT exists before they can address it.
CISOs: Do you know what's in your company’s products?
CISOs need to take a more direct role in the operations side of the business to help build security in by design.
GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations
The US agency highlight four areas where cybersecurity gaps in federal agencies threaten national security. Cites OMB for not helping CIOs get available funds.
CISA: China successfully targeted US oil and natural gas infrastructure
CISA alert details past network compromises and exposes a lack of preparedness among ICS companies.
-
White Paper
-
White Paper
-
Video/Webcast
Sponsored -
Case Study
Sponsored -
White Paper
