Radio interview on KXL-FM (Portland)
Live radio interview today at 1 PM Pacific on KXL-FM (Portland) discussing robotics, AI, and why cyber security matters in the classroom.
[01:23] What are the most pressing Cyber threats to businesses?
[03:30] Why is diversity, and hiring more women, so important for Cybersecurity?
[07:54] Why do cybercriminals go after our data?
[24:11] With cybercriminals spoofing GPS signals, how concerned should we be about them redirecting self-driving cars?
[25:21] What’s next in Cybersecurity and Cybercrime?
“Out of all the CISO’s and security leaders I’ve spoken with over the last three months, the main theme of 2023 is going to be ‘the year of risk,’ and a lot of that risk we’re talking about at this level is regulatory,” said Kayne McGladrey, Field CISO at Hyperproof.
As the regulatory burden increases, organizations and CISOs are having to take ownership of cyber risk, but it needs to be seen through the lens of business risk, according to Kayne McGladrey, field CISO with Hyperproof. Cyber risk is no longer simply a technology risk. “The problem is, organizationally, companies have separated those two and have their business risk register and their cyber risk register, but that’s not the way the world works anymore,” says McGladrey.
He believes the Securities and Exchange Commission (SEC), the Federal Trade Commission, FTC and other regulators in the US are trying to promote collaboration among business leaders because cyber risks are functionally business risks. McGladrey thinks most CISOs understand this, but that doesn’t necessarily extend to the other leaders in the business. “Can we just please have one risk conversation with people and plan that out appropriately,” he says.
Understanding the risk to your business requires human intuition. But that doesn’t mean there aren’t a lot of things along the path to understanding risk that can’t be improved with automation. At Black Hat, David Spark spoke to Kayne McGladrey, field CISO, Hyperproof, about how having a security-focused company culture can help CISOs link their known risks to their controls in order to put their budget where it will have the most impact. This can allow organizations to operate within the reality that business risk and cyber risk are not separate things. With changing state regulations and rapidly advancing technology, staying on top of your risk in a simple and understandable way is more imperative than ever.
Experts say that smart toys are particularly vulnerable to cyber attacks. Kayne McGladrey, a member of the Institute of Electrical and Electronics Engineers, said their desire to keep toy prices low means manufacturers have little incentive to add reasonable security mechanisms.
Migration is a transformative process, which means it needs the full backing of the C-suite. Kayne McGladrey, Director of Information Security Services for Integral Partners, LLC, says it is vital to offer “an effective presentation to the board about the benefits and challenges associated with
the migration, and it has to have a narrative. You have to find stories of success and failure inside
of your industry in order to present the full picture to the board.”
“There are many lessons that the enterprise will learn through piloting—whether it’s identified
security risks, user communication risks, or education risks—all of which provide future guidance,” says Kayne McGladrey, Director of Information Security Services for Integral Partners LLC. “By the time you get to the harder transition elements, including full infrastructure rollout, you’ve already sorted through the main issues, thanks to your pilot-based learning journey.”