Fake CISO Profiles, Executive Communication, and Developing Cybersecurity Leadership – BSW #279

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.

The goals of the government’s zero trust push are familiar to chief information security officers (CISOs) steeped in the details of zero trust: - End reliance on securing perimeter defenses. Clear perimeters no longer exist for most organizations thanks to remote work, cloud computing, mobile devices and the Internet of Things. - Make sure both access for authorized parties and security aren’t tied to location. That means insiders aren’t automatically allowed and outsiders aren’t automatically excluded. Gaining access to one resource doesn’t mean other lateral resources open up without further authorization. - Other elements include strong data encryption, increased centralized visibility into who is accessing what and improved cybersecurity practices across the board.

The White House published a memo requiring agencies to comply with guidance from the Office of Management and Budget (OMB) which aims to improve software supply chain integrity and security. Signed by OMB Director Shalanda Young, the memo builds on Executive Order (EO) 14028, Improving the Nation’s Cybersecurity from May 2021, which is focused on the security and integrity of the software supply chain. The recent memo, published on September 14, requires each federal agency to comply with the NIST guidance when using third-party software on the agency’s information systems or otherwise affecting the agency’s information.

Eight Essential Components of Communication: Source <-> Message <-> Channel <-> Receiver <-> Feedback Environment — Context — Interference

Navigating the skills gap from an employer's perspective starts with investing in talent. Get advice on how to develop and hire emerging leaders from an industry analyst.

When you’re at your wit’s end with a challenging colleague and it feels like you’ve tried everything, well-meaning friends and coworkers may tell you to “just ignore it” or to “suck it up” and move on with your life. But suppressing our emotions rarely helps. In this piece, the author outlines four tactics that are tempting to try — but often backfire — when dealing with a difficult colleague. Another one to avoid: waiting to see if your difficult colleague will just leave on their own. Your dream that they’ll walk out the door may come true, but there’s no guarantee that the culture will shift or that you’ll get along with their replacement. Ultimately you’re better off trying to create a workable situation with your colleague now. And remember: even small improvements can make a big difference.