Keynote slides from TagNW Summit 2019
My keynote slides from the TagNW Summit 2019, presented on November 8, 2019 in Bellingham, WA.
Similar Posts
Interview on Cheddar TV
ByKayneSkip to 1:10:00 for my live interview on Cheddar about Generation AI
Zero trust from edge to cloud: not one-and-done
ByKayne“The only meaningful consideration of zero trust adoption is when the board and CEO are willing to trust and partner with the CISO to effectively mitigate business risks. A recent Gartner study found that a CISO who can effectively tie business outcomes to a material reduction in business risk through practical implementation of zero trust controls will make security an asset for their organization that enables them to compete more effectively.” — Kayne McGladrey, field CISO, Hyperproof
3 Tips to Reduce Cybersecurity Gaps
ByKayne“Organizations should focus first on protecting heartbeat user identities with strong identity governance, multifactor authentication and privileged command escalation roles,” says Kayne McGladrey (@kaynemcgladrey), director of information security services at Integral Partners.“Nonheartbeat users, such as service accounts and shared accounts, require protection levels that include vaulting and automatic password rotation, on a defined schedule.”
Using AI Isn’t As Easy As It Seems
ByKayne“Realistically, the use of AI in cybersecurity will help to reduce the punishing cognitive load on tier one analysts in the security operation center,” said IEEE Senior Member Kayne McGladrey. “Rather than having to comb through a needlestack looking for a needle, AI promises to automate much of the correlation across vast amounts of data that humans struggle with.”
Yahoo porn hacking breach shows need for better security: 5 ways to protect your company
ByKayneSecurity expert Kayne McGladrey, who serves as director of security and IT at Pensar Development and is a member of the Institute of Electrical and Electronics Engineers, said companies need to add extra steps to everything.
“The company could choose to add friction, whether it’s multi-factor authentication or an email link just to put a little additional scrutiny and raise the bar so it is materially more difficult for threat actors who have obtained someone’s credentials to be able to reuse those,” he said.
“The benefit of this strategy is that it applies universally. All of the automated attacks these days around credential stuffing and credential spraying do what the Yahoo hacker had done on a much larger scale. They get compromised credentials and test them across a whole bunch of websites using a distributed botnet.”
IoT, Cloud, or Mobile: All Ripe for Exploit and Need Security’s Attention
ByKayne“IoT security remains one of the most challenging security vulnerabilities to businesses and consumers,” says Kayne McGladrey (@kaynemcgladrey), Director of Information Security Services at Integral Partners. “The Mirai and Reaper botnets are results of threat actors leveraging poor security controls on IoT devices, building attack infrastructure out of those devices, and using that stolen infrastructure to attack organizations. Organizations purchasing IoT/IIoT devices should treat them the same as any other endpoint device connecting to the corporate network.”