Similar Posts
Protecting schools in hybrid and remote learning environments
ByKayneThere are three best practices that security professionals supporting schools can follow to help make the school year uneventful in their district: defending user identities, patching endpoints, and running quarterly tabletop exercises.
Thinkers360 Predictions Series – 2020 Predictions for Cloud Computing
ByKayneCloud computing will continue to grow despite the frequency of breaches due to a lack of administrative controls and unintentional configuration errors. When an administrator had access to an on-premises server, they could only administer that server; a “cloud administrator” can administer all the assets in a given cloud instance, including backing up and exfiltrating entire servers. This is like the unintentional configuration errors that have plagued so many Amazon S3 buckets in 2019, where organizations have stored PII in S3 in a default configuration, and then those data have been accessed by security researchers.
Security leaders top 10 takeaways for 2024
ByKayneAt issue is whether the incident led to significant risk to the organization and its shareholders. If so, it’s defined as material and must be reported within four days of this determination being made (not its initial discovery). “Materiality extends beyond quantitative losses, such as direct financial impacts, to include qualitative aspects, like reputational damage and operational disruptions,” he says. McGladrey says the SEC’s materiality guidance underscores the importance of investor protection in relation to cybersecurity events and, if in doubt, the safest path is reporting. “If a disclosure is uncertain, erring on the side of transparency safeguards shareholders,” he tells CSO.
We Talk to Global Cybersecurity Influencer and Expert Kayne McGladrey!
ByKayneWe thought it would be a great idea to get Kayne’s take on some key issues facing the world from a cybersecurity perspective, and also learn more about his journey. We get lots of questions from readers about how to break into the cybersecurity industry, how to get their foot in the door, and all manner of other questions relating to getting started. This is why we think it’s so important to share the experiences of those in the industry.
A key ingredient for success in cybersecurity is a passion for all things tech and security. Needless to say, we were also impressed to learn that Kayne has over fifty smart devices and a handful of robots! Let’s take a look at what Kayne had to say:
Four Critical Cybersecurity Predictions for 2018
ByKayneOne fact will hold true in 2018, no matter what organizations do: cybercriminals will continue to reinvest their profits into building sustainable but illegal businesses. The underlying economics of cybercrime continue to give massive financial incentives to the attackers. Organizations should retaliate by adopting a “keeping up with the Joneses” mentality so that they’re always slightly more secure than organizations in the same market or vertical.
AI models inch closer to hacking on their own
ByKayneThe big picture: AI model operators don’t have a good way of reigning in these malicious use cases, Kayne McGladrey, a senior member of the Institute of Electrical and Electronics Engineers (IEEE), told Axios. Allowing LLMs to digest and train on CVE data can help defenders synthesize the wave of threat alerts coming their way each day. Operators have only two real choices in this type of situation: allow the models to train on security vulnerability data or completely block them from accessing vulnerability lists, he added. “It’s going to be a feature of the landscape because it is a dual-use technology at the end of the day,” McGladrey said.