CERN Risk Management: Balancing Security and Science
🔒 CERN manages cybersecurity across a globally distributed research community by prioritizing risk adaptation over one-size-fits-all controls. CISO Stefan Lüders frames security as a sociological challenge—measures must be explained and adapted so academic freedom and research workflows remain viable while defending against threats from script kiddies to ransomware and espionage. With roughly 200,000 devices and extensive BYOD, CERN relies on defense-in-depth, network monitoring, segmentation for legacy and IoT systems, and mandated protections such as MFA. Governance is being formalized through audits and standards while preserving operational flexibility.
