What exactly is cybersecurity whistleblowing? That is a question that all organizations should be asking, but the answer is not a simple one. According to the Merriam-Webster dictionary, a whistleblower is defined as an 'employee who brings wrongdoing by an employer or by other employees to the attention of a government or law enforcement agency.' While whistleblowing is familiar in situations such as unsanitary working conditions, hazards, and payroll fraud, cyber is fairly new territory. Now is the time to understand what it actually encompasses in order to take appropriate steps to combat security threats and close gaps before regulatory involvement.
Managing cybersecurity concerns and the possibility of whistleblowing needs to be not only included in cyber readiness initiatives but also embedded in company culture. Having the enterprise take a teamwork approach to cybersecurity will increase awareness, provide a clear reporting mechanism to voice concerns, and control uninformed whistleblower claims. But what does this look like, and where should CISOs and legal begin? While there is not a “one-size-fits-all” solution, there are fundamental steps to take that will make it easier to spot imminent security threats, manage cyber resources, and streamline internal investigations.
The Dilemma
New digital threats are constantly surfacing. Organizations have to balance these threats against budget constraints, resources, regulations, and data indicating attack probabilities. A ...