The cyber risks to businesses and government agencies are well-known, but the risks to mission-critical operations go beyond ransomware, spyware, and denial of service attacks. On the latest Government Technology Insider podcast, we spoke with Cylance’s Chief Security and Trust Officer, Malcolm Harkins, to get his insights on how to make decisions to combat cyber risks that can bring operations to a halt, compromise citizen data and national intelligence.
Harkins suggested that CIOs, CISOs and data privacy leaders need to balance their agency’s mission, regulations and stakeholder expectations along with the needs of their customers and society as a whole. Tough choices need to be made, which is why he said he views his role as being a “choice architect.” His job, he explained, is to “ensure the right debate discussion data gets brought into the dialogue.” To make the best decisions, you need to ask the right questions, he said, and not simply look for answers that support your assumptions.
At the same time, Harkins brought up the issue of “blind spots” – that is, pre-conceived notions that color your decisions, based on your environment. “If I’m in one structure — legal is an example — I’m going to look through a legal lens. If I’m in finance, a finance lens. I’m a psychologist, a psychology lens. If I’m a security person, a, “What are the bad things that could happen to me” lens,” he described. As always, he said, “You get what you measure.”
Punctuated with specific examples from recent news events, Harkins insights covered a range of issues, from how fear of liability can impact decision making to suggestions for a code of conduct for data scientists and security professionals that would help avoid unintended bias in the creation of technology.
Listen to the complete podcast here: