How are you managing access for remote or third-party developers who have access to your code, servers, and potential databases? What frameworks do you have in place to safeguard against third-party data breaches or insider data theft?

Security Strategy & RoadmapResilience
1.1k viewscircle icon1 Upvotecircle icon3 Comments
Sort by:
Chief Cybersecurity Strategist & CISO in Healthcare and Biotech2 years ago

I agree with using VPN/A and like Zscaler's solution. It includes MFA, tracking, VDI use, etc. Ensure that you also check with legal to ensure that you are not in breach of contract if you use developers, for example, outside your country's borders.

Lightbulb on3
ceo in Software2 years ago

I also see that it may be in the mfg context.  It also can connect the OT to the cloud securely without needing an IT/OT DMZ. 

Also, for OEMs to remote in securely to their equipment to conduct troubleshooting or run data analytics.  This can be 1-way or 2-way as well.

ceo in Software2 years ago

I'd use an SDP/ZTNA solution.  We offer that at NVIS AI, where you're able to quickly and securely provision and de-provision a contract workforce.  Feel free to connect if you're interested in learning more.

Lightbulb on1

Content you might like

When it comes to cybersecurity priorities, what’s at the top of your list for 2026?

What are your preferred tactics for building effective collaboration on cross-functional teams involved in AI governance and risk management (e.g., joint steering committees, shared KPIs, etc.)? Which roles are currently involved?

Read More Comments

Ukraine’s CERT-UA recently exposed LAMEHUG malware that uses Large Language Models to generate attack commands in real-time via legitimate AI services (Hugging Face API). What is your organization’s current readiness level for AI-powered cyber threats?

A) Fully Prepared - We have AI-specific threat detection, monitoring of AI API usage, and updated incident response procedures for AI-assisted attacks33%

B) Partially Prepared - We’re monitoring some AI services and have basic awareness, but lack comprehensive AI threat modeling and detection capabilities35%

C) Early Assessment - We’ve identified the risk and are evaluating AI security frameworks (MITRE ATLAS, CSA MAESTRO, OWASP AI guides) but haven’t implemented controls yet26%

D) Unprepared - We haven’t specifically addressed AI-powered threats in our security strategy or implemented AI-focused monitoring4%

View Results

How have you adjusted the architecture of your controls for data, identity and access to better support AI governance and security?

Read More Comments

Do you feel like you’re spending enough time on strategic planning for cybersecurity (as opposed to operational concerns)?

Yes 45%

No – I need to spend more time on cyber strategy 45%

No – I’m currently spending too much time on cyber strategy 9%

Unsure

View Results