Cybersecurity Insights with Contrast CISO David Lindner | 01/31/25

Insight No. 1: You should be staging cyberattacks

Cyberattacks are becoming more frequent and sophisticated, posing a significant threat to businesses of all sizes. Crisis simulations — one of which is now included in the latest MITRE ATT&CK Evaluations test focusing on cloud security — play a crucial role in preparing for and responding to these attacks by allowing organizations to test their security controls and incident response plans in a safe and controlled environment. It is important to stay informed about the latest threats and vulnerabilities and to regularly update your security practices to mitigate your risk.

Insight No. 2: Do NOT go back to the ‘Dept. of No!’

This article — “Security Needs to Start Saying 'No' Again” — is a bunch of hogwash! In today's interconnected world, "no" is a dirty word. We need to build bridges, not walls. Security teams should be laser-focused on finding solutions that enable the business, not shutting them down. If a security concern pops up, get creative! Find a workaround, mitigate the risk and keep things moving. Strong relationships and a business-first mindset are the keys to success, not some outdated, gatekeeping mentality.

Insight No. 3: DeepSeek is DeeplyDisconcerting

DeepSeek AI's storage of user data in China and apparently baked-in AI censorship raise red flags for security and privacy. Storing user data in China opens it up to potential government surveillance and weaker data protection. Furthermore, censoring AI responses can be used to spread propaganda and misinformation, manipulating public opinion and even impacting national security. This combo of vulnerable data and controlled information is a serious threat.