Christopher Burgess

Opinions expressed by ICN authors are their own.

Christopher Burgess is a writer, speaker and commentator on security issues. He is a former senior security advisor to Cisco, and has also been a CEO/COO with various startups in the data and security spaces. He served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Cisco gave him a stetson and a bottle of single-barrel Jack upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit, Senior Online Safety.

How posting personal and business photos can be a security risk

Image geotags, metadata, and location information can allow competitors, cybercriminals, and even nation-state threat actors to gain knowledge they can use against organizations.

Transparency and policy shapes Cloudflare’s Kiwi Farms decisions

Cloudflare's blocking of hate-based forum Kiwi Farms is the latest in a string of controversial actions and inactions around bad behaving customers. Agree or disagree, the company has stuck to its policy throughout.

Social media's role in spreading U.S. election disinformation in the spotlight

Before Twitter's former CISO sounded the alarm bell, the U.S. government defined steps to counter misinformation and disinformation at the state, local and federal levels.

FTC files lawsuit against Kochava for harvesting and selling geolocation data

The lawsuit claims the data broker is putting people at risk of “stigma, stalking, discrimination, job loss, and even physical violence” through the sale of geolocation data.

Sorting zero-trust hype from reality

Zero trust is not a product, but a security methodology based on defense-in-depth and least-privileged access concepts.

Why SBOMs alone aren’t enough for software supply chain security

Organizations must be willing to ask software vendors hard risk-based questions and be prepared for that to lengthen the purchase process.

U.S. Federal Court breach reveals IT and security maturation issues

An investigation into the 2020 breach results in 18 recommendations for the Administrative Office of the U.S. Courts to change its IT and security policies and practices.

China, Huawei, and the eavesdropping threat

In the world of intelligence, “capability present” changes the conversation from if to when. Huawei is an espionage threat not because of what it has done but because of what it can do.

Data privacy: Collect what you need, protect what you collect

Data over-collection is a security and compliance risk, and that's why CISOs need a say in decisions about what data to collect.

How a sex worker became a defense contractor employee -- and an insider threat

An accomplished research scientist manipulated a defense contractor CEO into hiring a prostitute for a technical role. Here's how this insider threat could have been avoided.

NSO Group’s Pegasus crashes as Apple initiates Dignity and Justice Fund

The failed sale of NSO Group to L3Harris raises concerns about who will own its surveillance technology, while Apple takes steps to hold surveillance firms accountable.

U.S. and UK warn local governments, businesses of China's influence operations

China uses personal, business and political relationships to gather information and influence actions. U.S. and UK government agencies urge caution.

How you handle independent contractors may determine your insider threat risk

Outside experts can be willing or accidental security threats. Reduce that risk by changing how you onboard, train and offboard them.

Russia-China cybercriminal collaboration could “destabilize” international order

Russian cybercrime groups courting their Chinese counterparts could potentially scale up the capabilities of both.

MITRE's Inside-R Protect goes deep into the behavior side of insider threats

The new Inside-R program looks to collect historical insider threat data to more deeply analyze behaviors that signal risk.

Location data poses risks to individuals, organizations

App-based location data has been used against individuals, and that presents real risks for those people and organizations.

Congressional hearings focus on AI, machine learning challenges in cybersecurity

Talent shortages and ensuring that AI and machine learning systems are trustworthy are among the biggest concerns explained to the U.S. Congress.

Latest Cyberspace Solarium Commission 2.0 Report focuses on cyber workforce

The June 2022 report offers recommendations to the private sector, U.S. Congress, and the federal government to build up the nation's cybersecurity talent pool.

OPM's $63 million breach settlement offer: Is it enough?

The nature and scope of the data stolen in the U.S. Office of Personnel Management presents a life-long risk to victims, who might get as little as $700 if the court accepts the settlement.

HiQ v LinkedIn court ruling will have a material effect on privacy

A U.S. appeals court has ruled that hiQ's scraping of public LinkedIn data is not a violation of the U.S. Computer Fraud and Abuse Act.
