How are you addressing potential data vulnerabilities in end-of-life IT equipment requiring disposal/recycling? Do you work with a third-party service/partner organization?

Risk Management Data Protection & Encryption

1.5k views2 Comments

Sort by:

Director of Systems Operations in Healthcare and Biotech4 months ago

We leverage a certified third party to ensure the equipment is properly transported and disposed, including certification of each item. Would highly recommend finding a certified partner you trust to handle it properly.

Director of Information Security in Finance (non-banking)4 months ago

As all data is required to be encrypted at rest, deleting the key is sufficient.

Content you might like

I'm looking to go for the Certified CISO certification & training as I'm an aspiring CISO. Any recommendations and additional certifications that I should be doing along with that? I already have CISSP.

AI deepfakes have cost the industry over $200M this year. As CISOs, can we scale detection fast enough, or is regulatory pressure the only way to drive adoption?

Should public companies be required to have at least one board member with cyber experience?

Yes69%

No21%

It depends on the size/industry9%

I’m not sure…

View Results

What sorts of failsafe processes/controls, etc, do you rely on to make sure terminated or suspended employees’ access credentials are revoked immediately? Does your org generally rely on direct communications from HR or do you have an HRM or similar system to automate this?

Do you currently have dedicated employees for offensive security (red teaming, pentesting, etc)?

Yes, one dedicated employee5%

Yes, multiple dedicated employees64%

No, but offensive security is covered by one or more employees as part of their role14%

No — we don’t handle offensive security internally14%

Other/don’t know5%