Each year hundreds of millions of dollars are spent on technology to ward off hackers, viruses, worms, trojan horses and other "barbarians at the gate." Yet as CISO for one of the nation's leading employee benefits organizations, it's not the threat of outside intruders that keeps me awake at night. Today, many of the biggest risks are internal — employees who through mistakes, mischief or malfeasance can cause serious damage to security of our systems and to sensitive data. This includes well-intentioned employees trying to do their job but who, by not following key policies, invite significant risk.
The revelations about government surveillance made public by Edward Snowden have brought urgency and clarity to the work Jennifer Stisa Granick is doing as director of civil liberties at the Stanford Center for Internet and Society (CIS).