Interview on diversity and security

“For some organizations, regulatory and legal risks associated with storing data will be at the top of the [risk] rankings,” says Kayne McGladrey (@kaynemcgladrey), IEEE member. “For others, the reputational damages associated with a data breach will claim the top spot.”

Kayne McGladrey, field CISO at Hyperproof, has seen the evidence. He worked with one organization whose executives received a contract for review and signature. “Nearly everything looked right,” McGladrey says. The only noticeable mistake was a minor error in the company’s name, which the chief counsel caught. But Gen AI isn’t just boosting the hackers’ speed and sophistication, it’s also expanding their reach, McGladrey says. Hackers can now use gen AI to create phishing campaigns with believable text in nearly any language, including those that have seen fewer attack attempts to date because the language is hard to learn or rarely spoken by non-native speakers.

Besides working nights, I learned in my fifteen-minute conversation that Rosa volunteers at an elementary school. She’d met no one who worked in cyber security, and the kids she worked with hadn’t considered it as a career option. They wanted to be rappers, they wanted to be marine biologists; they didn’t know there was a high-paying position called “security operations center analyst.”

Learn AI vendor risk management from my interview at BlackHat 2025. CISO guidance on AI standards, governance, and compliance strategies.

Ever apply for a cybersecurity job and then either in the listing or partway through the interview you realize, “Yikes, this job is not for me.”

McGladrey advocated for “persistent engagement” with employees on cybersecurity risks as well as testing. Testing can include fake phishing attacks to see what “your users are susceptible to,” he said. The IRS has warned that phishing attacks are a top HR threat.