Radio Interview – KRLD-AM
Tune in to KRLD-AM Dalls at 1 PM Eastern for a live interview about the intersection of cyber security, healthcare, and the Internet of Things.
Confidential computing also is an emerging technology meant to protect data in use, said McGladrey of the IEEE.
“Confidential computing can allow the processing of data from multiple parties without sharing the input data with those other parties,” he said. “For example, if an organization wants to perform processing on a large set of healthcare data collected from multiple third-party organizations, properly configured confidential computing potentially permits those third parties to provide their data for processing in aggregate. In this scenario, not even the cloud provider can see the cleartext data provided by the third parties, or the results.”
Join host James Azar and me as we talk about workforce development, diversity, the Internet of Things, and the role of government in technology.
The team at Aurora IT interviewed me for a feature-length podcast on cybersecurity. Listen to hear about third-party attacker tactics, managing cyber risk, multi-factor authentication, and why a lack of diversity is a threat to public safety.
Companies with mature GRC programs have an advantage over their competitors. However, something has been missing in the GRC world: the ability to truly understand an organization’s GRC maturity and the steps it would take to build the business case for change. That’s where the GRC Maturity Model comes in.
Hyperproof’s GRC Maturity model is a practical roadmap for organizations to improve their GRC maturity business processes to enter new markets and successfully navigate our rapidly changing regulatory and legal space. By providing a vendor-agnostic roadmap for how companies can improve key business operations, we can help even the playing field for everyone in GRC.
This extensive, peer-reviewed model written by Kayne McGladrey includes:
An overview and definition of Governance, Risk, and Compliance (GRC)
A summary of the four maturity levels defined in the model: Traditional, Initial, Advanced, and Optimal
An overview of the most common business practices associated with governance, risk, and compliance
A simplified maturity chart listing the attributes associated with each maturity level
A list of observable behaviors or characteristics associated with the maturity level to help you assess where your organization falls
A set of high-level recommendations for how to move from a lower level to a higher level
Expanding on this, national cyber security expert and the Director of Information Security Services at Integral Partners, Kayne McGladrey, told the Cyber Security Hub that, “If you’re breached by a third party, nobody cares that it’s the third party’s fault. It comes back to you.”
He continued: “It’s your fault for not having adequate controls. And the single easiest third-party control is around onboarding and off-boarding third-party accounts.”
Even if you’re rotating passwords, monitoring privileged access, auditing, etc., McGladrey said you must know, empirically, who’s accessing your network.
We chatted with Kayne about education systems security, funding for cyber tools and services, and what the future of education might look like to fill more cyber roles.