Do we pay enough attention to the integrity of data?
The industry rightly focuses on securing information, and preventing unauthorised access. But ensuring that data has is legitimate, originates where they say they do and have not been manipulated sit further down most CISOs’ priority lists.
This, though, is changing. As we have seen already with software, the supply chain poses real risks to business operations, not least where software components are shared or reused. Software of unknown provenance — or SOAP — is an acknowledged problem. Should we think about data in the same way?
Here, he discusses both software and data integrity, how supply chain attacks have changed the information security world, trust models, including zero trust, and how cybersecurity should be a service to the business. Interview by Stephen Pritchard.