Events, Governance & Risk Management, Infosecurity Europe Conference

Third-Party Oversight Is Needed to Stop Systemic Risk

Legal Expert Jonathan Armstrong on Breaches, Security Governance Issues
Jonathan Armstrong, partner, Punter Southall Law

The British Post Office scandal that wrongfully convicted hundreds of sub-postmasters over a computer system error exposes critical weaknesses in cybersecurity and corporate governance. One lesson we can learn: Third-party vendors should be supervised rigorously to prevent data breaches and ensure transparency across all organizational levels, according to Jonathan Armstrong, partner, Punter Southall Law.

But a major challenge, Armstrong said, is the board's ability to supervise technical concerns, which is why board members need to develop expertise in effectively overseeing IT risks.

"CISOs have to educate their existing board on systemic risks. Many boards need to alter the composition to have a more diverse board in every sense of the word - not just ethnicity and gender, which are important, but diversity of skills as well," he said.

Armstrong said organizations should adopt parallel strategies for immediate incident response and long-term litigation planning. "You have to do it all in real time," he said. "We need to be thinking strategically in the middle of an incident, not just afterward."

In this video interview with Information Security Media Group at Infosecurity Europe 2024, Armstrong discussed:

  • The importance of third-party oversight;
  • The need for enhancing transparency at all levels;
  • Engaging the Gen Z workforce in security practices.

Armstrong is a lawyer specializing in compliance and technology. He is regarded as one of the foremost cybersecurity experts and is active in advising clients on GDPR compliance and AI risks and opportunities.

About the Author

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.
