

Christopher Burgess
Advisor
IDG Contributor Network
Opinions expressed by ICN authors are their own.
Christopher Burgess is a writer, speaker and commentator on security issues. He is a former senior security advisor to Cisco, and has also been a CEO/COO with various startups in the data and security spaces. He served 30+ years within the CIA, which awarded him the Distinguished Career Intelligence Medal upon his retirement. Cisco gave him a Stetson and a bottle of single-barrel Jack upon his retirement. Christopher co-authored the book “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit Senior Online Safety.


Transparency and policy shapes Cloudflare’s Kiwi Farms decisions
Cloudflare's blocking of hate-based forum Kiwi Farms is the latest in a string of controversial actions and inactions around badly behaving customers. Agree or disagree, the company has stuck to its policy throughout.

Social media's role in spreading U.S. election disinformation in the spotlight
Before Twitter's former CISO sounded the alarm bell, the U.S. government defined steps to counter misinformation and disinformation at the state, local and federal levels.

FTC files lawsuit against Kochava for harvesting and selling geolocation data
The lawsuit claims the data broker is putting people at risk of “stigma, stalking, discrimination, job loss, and even physical violence” through the sale of geolocation data.

Sorting zero-trust hype from reality
Zero trust is not a product, but a security methodology based on defense-in-depth and least-privileged access concepts.

Why SBOMs alone aren’t enough for software supply chain security
Organizations must be willing to ask software vendors hard risk-based questions and be prepared for that to lengthen the purchase process.

U.S. Federal Court breach reveals IT and security maturation issues
An investigation into the 2020 breach results in 18 recommendations for the Administrative Office of the U.S. Courts to change its IT and security policies and practices.

China, Huawei, and the eavesdropping threat
In the world of intelligence, “capability present” changes the conversation from if to when. Huawei is an espionage threat not because of what it has done but because of what it can do.

Data privacy: Collect what you need, protect what you collect
Data over-collection is a security and compliance risk, and that's why CISOs need a say in decisions about what data to collect.

How a sex worker became a defense contractor employee -- and an insider threat
An accomplished research scientist manipulated a defense contractor CEO into hiring a prostitute for a technical role. Here's how this insider threat could have been avoided.

NSO Group’s Pegasus crashes as Apple initiates Dignity and Justice Fund
The failed sale of NSO Group to L3Harris raises concerns about who will own its surveillance technology, while Apple takes steps to hold surveillance firms accountable.

U.S. and UK warn local governments, businesses of China's influence operations
China uses personal, business and political relationships to gather information and influence actions. U.S. and UK government agencies urge caution.

How you handle independent contractors may determine your insider threat risk
Outside experts can be willing or accidental security threats. Reduce that risk by changing how you onboard, train and offboard them.

Russia-China cybercriminal collaboration could “destabilize” international order
Russian cybercrime groups are courting their Chinese counterparts, which potentially could scale up the capabilities of both.

MITRE's Inside-R Protect goes deep into the behavior side of insider threats
The new Inside-R program looks to collect historical insider threat data to more deeply analyze behaviors that signal risk.

Location data poses risks to individuals, organizations
App-based location data has been used against individuals, and that presents real risks for those people and organizations.

Congressional hearings focus on AI, machine learning challenges in cybersecurity
Talent shortages and ensuring that AI and machine learning systems are trustworthy are among the biggest concerns explained to the U.S. Congress.

Latest Cyberspace Solarium Commission 2.0 Report focuses on cyber workforce
The June 2022 report offers recommendations to the private sector, U.S. Congress, and the federal government to build up the nation's cybersecurity talent pool.

OPM's $63 million breach settlement offer: Is it enough?
The nature and scope of the data stolen in the U.S. Office of Personnel Management breach presents a life-long risk to victims, who might get as little as $700 if the court accepts the settlement.

HiQ v LinkedIn court ruling will have a material effect on privacy
A U.S. appeals court has ruled that hiQ's scraping of public LinkedIn data is not a violation of the U.S. Computer Fraud and Abuse Act.