
It’s still not clear to me whether the pi was malicious or not?



Discreet hacked together device located in comms room, installed by former employee during a time when they were leaving the company.

Malicious is implied.


At a previous job we had a Beaglebone mysteriously show up in our DC. We noticed it buried behind some network cables and immediately unplugged it. (Not) Coincidentally, we had gone through a merger a few months prior, and the new corporate IT team had come out (from clear across the country) right after the acquisition to get a feel for how our IT infrastructure was set up. The day after we unplugged the Beaglebone we got a pissed off call from one of the corporate IT guys, turns out he had installed it there to gather some network metrics/statistics or something like that when he had come out a few months prior and didn't tell any of our network admins or sysadmins, but somehow it was our fault for not magically knowing what the suspicious SBC in our DC was.


That's when you call CISO in, so they can tell: "No. By our corporate policy, any device not approved by the local IT department is not allowed on our network"

That's one of the biggest roles of the CISO, and that's why their rank is so high despite often having much fewer direct reports than other CxO's - so they can stop crazy stuff from happening, even if it comes from high-ranking people.


I think the comment may be implying it isn't clear if they were successful in whatever malicious activity they were trying to do or what that activity was.

Like were they snooping for something they could whistle-blow, or were they trying to gain access to financial accounts? What was the extent of damage possible by the setup? Are there ways to mitigate such damage now knowing a pi with such loaded software may be in wider distribution and might be installed somewhere on your network?


Maybe they just wanted to keep their Quake3 server running?


This. The intent was that the machine COULD be used for ill. Just because it hadn't yet doesn't absolve the person.


And the application was called "logger" lol


This is probably all the author could write without creating a huge legal problem for their employer. The text suggests that clearly.



