Who Do You Trust? – BSW #230

Matt Alderman

1. Executives in tech say staff attrition is rising
   More than nine in 10 executives in technology, media and telecom are seeing higher-than-usual attrition in their ranks, according to a PwC survey. Executives in these industry sectors say salaries, career advancement opportunities and improved relationships with managers drive staff departures. The trio of factors are more impactful in tech, media and telecom than in other industries.
2. Intellectual property protection: 10 tips to keep IP safe
   Your company's intellectual property—whether that's patents, trade secrets or just employee know-how—may be more valuable than your physical assets. Here's how to establish basic policies and procedures for IP protection: 1. Know what intellectual property you've got 2. Know where your intellectual property is 3. Prioritize your intellectual property 4. Label valuable intellectual property 5. Secure your intellectual property both physically and digitally 6. Educate employees about intellectual property 7. Know your tools to protect intellectual property 8. Take a big picture view 9. Apply a counter-intelligence mindset 10. Think globally
3. Consumers Concerned About Personal Data Collection: KPMG
   Data collection is rising, with 70% of the business leaders surveyed reporting that their companies have increased collection of consumer personal data over the last year. General population respondents are worried about how organizations use their data, and many of these concerns are grounded in a fundamental lack of trust. Key Findings include: - 83% would not willingly share their data to help businesses make better products and services - 64% say companies are not doing enough to protect consumer data - 47% believe their smart devices are listening to their conversations - 40% say they don’t trust companies to use their personal data ethically - 13% don’t trust their own employer to use their personal data ethically
4. Security Think Tank: Steps to a solid data privacy practice
   How to build, or rebuild, a solid business data privacy practice in a post-Covid-19 world: 1. You need to know where data is being stored and used, because if you do not know, you cannot control it. 2. The data owner is key in identifying and controlling who or what process can access and use the data. 3. Understanding the value of data and understanding how different security techniques can protect data is key to developing a risk assessment and, ultimately, the chosen security architecture. 4. User and process access controls must be based on a strict “need to know” basis. Just because a person is a senior manager does not mean they need access to every file or data item within their company, organisation unit or department. 5. Access controls should ideally take into account a user’s or process’s origination point and possibly time of day. 2FA for users is a valuable way to enhance network security and data privacy by significantly improving access to a company’s infrastructure. 6. Sensitive and secret information must be held separately from other data and ideally in a separate physical store. Access to this type of data must also be restricted to known origination points, for example authorisation down to not just a department, but appropriately authorised users or group of users within a department. Additionally, an authorised point of origin might be required, such as known IP addresses.
5. 7 in 10 Facility Managers Consider OT Cybersecurity a Major Concern
   Honeywell research has revealed that 7 in 10 facility managers consider OT cybersecurity as a severe security concern. Nearly 33% plan to invest in OT cybersecurity products over the next 12 to 18 months. Key Findings include: - 27% of facility managers have experienced a security breach in their OT systems in 12 months. - Around 66% of respondents view managing OT cybersecurity as one of their most challenging responsibilities. - Over 56% of respondents are currently more willing to invest in safety-focused solutions (including OT cybersecurity) than they were before the onset of the pandemic.
6. Security blind spots persist as companies cross-breed security with devops
   Devops has become common in software-development organizations around the world, but many companies are still struggling with cultural issues that are dampening security practitioners’ influence in the devsecops practices crucial for next-generation cloud application development.
7. Retraining women in tech for the post-pandemic workforce
   The trend of women leaving the workforce mid-career to take on family obligations or other responsibilities is not new. However, the COVID-19 pandemic greatly exacerbated this exodus. In fact, nearly three million women left the U.S. workforce during the pandemic, as many have had to make tough choices between careers and families. The good news is that this is a solvable problem. We should explore ways to ensure that women — specifically technical women — have the necessary resources, tools, and opportunities to successfully transition back to work. Here are some recommendations to consider: 1. The rise of the 'returnship' 2. The bootcamp, reimagined 3. Attracting diversity through flexibility