Vertical Markets

CISO on Covid-19 IP

by Mark Rowe

The Covid-19 lockdown has also seen a ‘full spectrum of cyber warfare out there’, a webinar as part of the Infosecurity Europe show heard yesterday. The annual infosec event at London Olympia is only running online talks and is due to return to Olympia in June 2021.

The panel was of Ian Thornton Trump, CISO at the threat intelligence and incident response company Cyjax; Graham Ingram, CISO at Oxford University; and Steven Webb, a founder of Westlands Advisory, a consultancy. Ian Thornton Trump touched on that spectrum; from call centres pretending to be doing ‘track and trace’ of the virus, to phishing emails claiming that you are eligible for government aid; ‘a completely chaotic mess’. Every cyber actor, he added, is focused on their missions, whether it’s theft of intellectual property (IP), fraud or disinformation.

Graham Ingram, as CISO at Oxford which has 100 researchers at work on clinical trials for a vaccine – which the pharma firm AstraZeneca is hoping to make hundreds of millions of doses of, including 100m for the UK – also spoke on work to protect such IP. More generally he spoke of the changing role of the CISO, which in his case has meant working with three non-security departments: public affairs, in case of inquiries about the vaccine clinical trials; finance (to counter fraud through IT means) and data management; given that organisations are becoming ‘data driven’ that makes it necessary to understand your ‘data repositories’ if you are to hope to have security controls according to risk.

Graham raised the idea of ‘a digital MoT’. Depending on your sector, your framework – ‘almost too many of them’ – could be the international standard for information security management, ISO 27001; the UK Government-backed Cyber Essentials scheme; for handlers of payment card data, the international PCI-DSS (as an aside, its fourth edition is due in mid-2021); and for medical science, NHS Digital (which looks after cyber) has a ‘tool-kit’. Whichever, Graham predicted an expectation on your organisation to show it’s competent with data.

More in the July 2020 print edition of Professional Security magazine. Photo by Mark Rowe; Radcliffe Camera, Oxford, winter morning.

Related News

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing