COVID-19 , Fraud Management & Cybercrime , Leadership & Executive Communication

CISOs' Pandemic Challenge: More Disruption, Less Budget

EY's Kris Lovejoy on Ransomware, Privacy and the Opportunity to Streamline
Kris Lovejoy, cybersecurity leader, EY Global Consulting

The ongoing COVID-19 pandemic has driven unprecedented adoption of cloud services, digital transformation campaigns and a rush to support remote workers. But it's come at a cost, says Kris Lovejoy, EY Global Consulting's cybersecurity leader.

See Also: OnDemand | A Master Class on IT Security: Roger Grimes Teaches Ransomware Mitigation

Before the pandemic began, "what we as cyber folks were not particular good at was convincing business leaders to incorporate security into new digital initiatives," Lovejoy says. "As a result, lots of technology gets rolled out without a seatbelt, if you will."

In many cases, the pandemic has only intensified the problem. Indeed, following the outbreak, "for existential reasons, about 50% of the world introduced new technologies to enable them to communicate with customers in different ways as well as to allow for work from home, and of those, about 60% rolled out the new technology with no security," Lovejoy says. "The impact is we have a lot of security-related events, ransomware in particular," as well as a surge in disruptive events, "and then we're also seeing is budgets being cut back."

In this video interview with Information Security Media Group, Lovejoy discusses:

  • Undercounting the impact of ransomware: Many attacks are not "reportable" events and thus not being publicly disclosed by victims;
  • Top privacy challenges, from regulatory, business and consumer perspectives;
  • The unique opportunity afforded by COVID-19 "to really streamline the controls infrastructure."

A cybersecurity, risk, compliance and governance expert, Lovejoy leads EY Global Consulting Cybersecurity services. She regularly keynotes at RSA, InfoSec and Security World conferences. Prior to joining EY, she was CEO of AI-driven network security company BluVector - until it was acquired last year by Comcast - and head of the business unit at defense contractor Northrop Grumman, from which the firm was spun out. Previously, Lovejoy served as president of Acuity Solutions, general manager of IBM's security services division, and CISO of IBM.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.