Christopher Burgess

Want to Join?
Opinions expressed by ICN authors are their own.

Christopher Burgess (@burgessct) is an author/writer, speaker, advisor, consultant and advocate for effective security strategies, be they for your company, home or family.

He founded and led Prevendra, a security, privacy and intelligence consultancy and content provider. Prior to Prevendra, he served as the Chief Security Officer, President Public Sector and Chief Operating Officer (2011 to 2013) of a small start-up within the big data analytic space, Atigeo. And he also served for a number of years as the Senior Security Advisor to the Chief Security Officer of Cisco, where he focused on intellectual property strategies. Additionally, also while at Cisco, Christopher led the following teams within the Corporate Security Programs Office: Global Threat Analysis providing geopolitical, economic and security analysis to Cisco strategists; Global Investigative Support providing forensic support to the enterprise’s investigatory groups; Global Government Security Office implementation; the US Government Security Office (NISPOM/DCID); and the eLitigation & eDiscovery support (EDRM) efforts within Cisco.

In addition, he has substantial international public sector experience, having served 30+ years within the Central Intelligence Agency. He lived and worked in South Asia, Southeast Asia, the Middle East, Central Europe and Latin America where he acquired a deep understanding of the people, cultures, and business practices of these respective areas. During this career he served in various positions, including that of Chief of Station. As Chief of Station, he was the personal representative for the Director of the Central Intelligence Agency, and concurrently for the National Intelligence Director within his geographic area of responsibility. He served as an executive member on numerous regional federal collaborative entities: Joint Terrorism Task Forces, U.S. Attorney Terrorism Task Forces and Regional Counterintelligence Working Groups. Upon his retirement, the CIA awarded him the Career Distinguished Intelligence Medal, the highest level of career recognition.

Christopher authored the ebook, Senior Online Safety (Prevendra, March 2014, Spanish version September 2014), and co-authored the book, Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century (Syngress, March 2008) and contributed to Bringing the Social Media Revolution to Healthcare (Mayo Clinic, October 2012), with a chapter on privacy.

Christopher contributes on a regular basis to the The Huffington Post beginning with the seminal piece, “A Common Sense Approach to Social Media,” as well as on occasion to the Spanish language edition, El Huffington Post. He is a compensated contributor to various enties.

In addition, Christopher's early CSO magazine contributions are highlighted by three pieces, “Social Elements of Security Policy and Messaging,” the study “Nation States’ Espionage and Counterespionage, Overview of the 2007 Global Economic Espionage Landscape,” and Inadvertent Disclosure: Know the Risks."

Christopher is an invited speaker to a plethora of events and venues, to include AARP’s Scam Jam, Carnegie Mellon University’s CyLab, Mayo/Ragan Social Media Healthcare Summit, Seattle Interactive/Gnomedex; Taia Global’s Suits & Spooks, Washington Technology Industry Association, Cisco Live!; the Interpol Intellectual Property Crime Conference; and numerous times at the NATO Information Assurance Conference. He has appeared on the BBC, CNBC, i24, China TV, Fox Business, Bloomberg and AARP’s Inside E-street.

The opinions expressed in this blog are those of Christopher Burgess and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

The US agency highlight four areas where cybersecurity gaps in federal agencies threaten national security. Cites OMB for not helping CIOs get available funds.

CISA: China successfully targeted US oil and natural gas infrastructure

CISA: China successfully targeted US oil and natural gas infrastructure

CISA alert details past network compromises and exposes a lack of preparedness among ICS companies.

US and UK issue rare joint guidance in response to Russian GRU brute force campaign

US and UK issue rare joint guidance in response to Russian GRU brute force campaign

CISOs should leverage this guidance to help get the resources they need to make these and other cyberattacks too costly for nation-state threat actors and criminals.

IT asset disposal is a security risk CISOs need to take seriously

IT asset disposal is a security risk CISOs need to take seriously

Sensitive company and personal data often leaves organizations on disposed devices. An auditable chain of custody that shows data destruction is essential for any ITAD program.

Security firm COO indicted for allegedly aiding hospital's attackers: What CSOs should know

Security firm COO indicted for allegedly aiding hospital's attackers: What CSOs should know

A grand jury has indicted Securolytics COO Vikas Singla for allegedly helping attackers access Gwinnett Medical Center's phone system and printers. This breach of trust presents a dilemma for CISOs.

GAO calls out US government agencies: Get your supply chain security act together

GAO calls out US government agencies: Get your supply chain security act together

The US Government Accounting Office tells Congress that federal agencies have largely ignored its supply chain risk management guidance for nearly ten years.

Colonial Pipeline take-away for CISOs: Embrace the mandates

Colonial Pipeline take-away for CISOs: Embrace the mandates

The DarkSide attack on Colonial is yet another wake-up call for companies to harden their systems against ransomware. History suggests that might not happen despite new government guidance.

Microsoft Azure Blob leak a lesson to CISOs about cloud security responsibility

Microsoft Azure Blob leak a lesson to CISOs about cloud security responsibility

Microsoft's apparent misconfiguration of its own cloud bucket exposed third-party intellectual property. Here are the takeaways for CISOs.

CISA issues guidance on defending against software supply chain attacks

CISA issues guidance on defending against software supply chain attacks

The government makes recommendations for both organizations and software vendors to minimize the risk of software compromised by a criminal or foreign adversary.

Global trends will increase nation-state threats for the US in next 20 years

Global trends will increase nation-state threats for the US in next 20 years

US intelligence agencies predict more nation-state-sponsored cyberattacks, disinformation campaigns, cyberespionage and intellectual property theft in the coming decades.

Coca-Cola trade secret theft underscores importance of insider threat early detection

Coca-Cola trade secret theft underscores importance of insider threat early detection

A research engineer used basic exfiltration techniques to steal trade secrets from Coca-Cola, but wasn't caught until she attempted to steal similar data from another company.

China’s MSS using LinkedIn against the U.S.

China’s MSS using LinkedIn against the U.S.

The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources.

Tesla insider with expired NDA spills the tech beans

Tesla insider with expired NDA spills the tech beans

A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms.

Horizon Air tragedy highlights airline insider threat vulnerability

Horizon Air tragedy highlights airline insider threat vulnerability

The ease at which a Horizon Air employee was able to steal and crash a Bombardier Q400 turboprop will likely prompt airlines to develop an insider threat mitigation strategy to close this vulnerability.

How did the TimeHop data breach happen?

How did the TimeHop data breach happen?

Compromise of an employee's credentials, lack of multi-factor authentication, and weak insider threat analysis all played a factor in the recent TimeHop data breach in which 21 million user accounts were compromised.

How pervasive is the insider threat in your company?

How pervasive is the insider threat in your company?

The Dtex 2018 Threat Report finds that 100 percent of companies have blind spots when it comes to the insider threat.

Apple insider attempts to take autonomous car secrets to China

Apple insider attempts to take autonomous car secrets to China

Xiaolang Zhang, an Apple hardware engineer, harvested 40 gigs of data about the Apple Car and took a server and circuit boards prior to announcing his intent to join XMotors and return to China.

Sinovel Wind Group found guilty of IP theft, fined $1.5 million

Sinovel Wind Group found guilty of IP theft, fined $1.5 million

While American Superconductor's data logs and stores were helpful in convicting Sinovel Wind Group of IP theft, a data loss prevention strategy could have identified the thieves' activities sooner.

When an insider rides Pegasus into the dark web

When an insider rides Pegasus into the dark web

An NSO Group employee, who'd worked there for only about 90 days, copied the company's Pegasus software and offered it for sale on the dark web for $50 million.

Reality Winner pleads guilty to revealing NSA secrets

Reality Winner pleads guilty to revealing NSA secrets

Reality Winner, who was charged with giving a classified NSA report to the Intercept, pled guilty to sharing National Defense information.

Load More