Steven Chabinsky, senior vice president and chief risk officer at security startup Crowdstrike, has called on companies to reassess their cybersecurity strategies and involve all departments in their mitigation and continuous monitoring efforts, Nextgov reported Monday.
Chabinsky, formerly the top cyber official at the FBI, described vulnerabilities in items as cars and medical devices that are ripe for exploitation by tech-savvy adversaries at a Thursday conference, Frank Konkel writes.
He urged chief information officers and technology leaders to teach all employees about security rules and why they matter, a practice he said should complement a top-down change in mindset that the threat can and should be dealt by IT alone.
“The biggest value for employees is to let them have an education on why controls are necessary so they don’t purposely subvert them,” Chabinsky was quoted as saying in his keynote speech at the Akamai-sponsored event.
“These rules are in place for a reason… (and) if employees are your first line of defense, you are in trouble and it’s not because of employees, it’s the capabilities,” he added.