Do we pay enough attention to the integrity of data?
The industry rightly focuses on securing information, and preventing unauthorised access. But ensuring that data has is legitimate, originates where they say they do and have not been manipulated sit further down most CISOs’ priority lists.
This, though, is changing. As we have seen already with software, the supply chain poses real risks to business operations, not least where software components are shared or reused. Software of unknown provenance — or SOAP — is an acknowledged problem. Should we think about data in the same way?
Jon Geater thinks we should. The keynote speaker at this year’s CRESTCon Europe, Jon is co-founder at RKVST and co-chair if the IETF’s supply chain integrity, transparency and trust working group.
Here, he discusses both software and data integrity, how supply chain attacks have changed the information security world, trust models, including zero trust, and how cybersecurity should be a service to the business. Interview by Stephen Pritchard.
Image by Gerd Altmann from Pixabay