Insight No. 1 — How to survive without CISA
As CISA scales back, it’s time for enterprises to wake up to a harsh reality: You can’t rely on the government to secure your infrastructure. The safety net is shrinking, and those still waiting for public-sector handholding are falling behind. Smart orgs are already shifting to private-sector threat intel, red-teaming services, and collaborative alliances that move faster and hit harder. Security is no longer a shared responsibility — it’s yours, whether you’re ready or not.
Insight No. 2 — Team up for security: HR can’t go it alone
Delegating cybersecurity training solely to HR is a recipe for disaster. While HR handles compliance, they lack the technical expertise to combat sophisticated threats like phishing and social engineering. Security training isn't a checkbox exercise; it's a critical, ongoing process requiring collaboration between Security, IT, Governance and HR departments. Without this partnership, your employees are ill-prepared, and your organization remains vulnerable.
Insight No. 3 — No, the sky is not falling: It’s just cloud FUD
A 235% spike in high-severity cloud alerts sounds terrifying — until you realize it might reflect better detection, not worse security. Don’t let vendors use alert volume as a proxy for successful breaches. Focus on validated threats, not inflated dashboards. Cloud FUD is the new snake oil.