Video: Managing the Risks of the Internet of Things
Similar Posts
Interview with Kayne McGladrey – vCISO / Spokesperson / Global Cybersecurity Thought Leader / Strategy and GRC Practice Lead
ByKayneHey Guys, Today I have an interview with Kayne McGladrey, he is a vCISO / Spokesperson / Global Cybersecurity Thought Leader / Strategy and GRC Practice Lead who I follow on twitter and find extremely interesting J He is a national cybersecurity expert, helping clients develop proactive programs to manage cyber-risk. He is the cybersecurity…
Telehealth’s emergence and the keys to security in 2021
ByKayneTelehealth was an unexpected technology bright spot in 2020, as the Office for Civil Rights (OCR) relaxed enforcement of certain aspects of HIPAA, helping to reduce COVID exposure via virtual rounding and virtual visits.
Unfortunately, bad actors have shown a lack of morality in their pursuit of illegal profits and have continued to attack medical organizations. Ransomware attacks, for example, can cripple a hospital’s abilities to provide high-quality patient care by denying access to key computer systems, which would force medical professionals to have to treat patients based on memory and paper-based records.
The following three high-level recommendations provide a basis for defense in depth for healthcare organizations in 2021.
Are we building cyber vulnerability into EV charging infrastructure?
ByKayne“Right now, there’s a bit of a Wild West mentality out there,” said Kayne McGladrey, field chief information security officer at security software company Hyperproof and a senior member of the Institute of Electrical and Electronics Engineers. “Companies are incentivized for being first to market, not necessarily most secure to market. Because security costs money and because it requires time and resources, naturally that becomes a lower priority.”
AI in cybersecurity: what works and what doesn’t
ByKayneKayne McGladrey, IEEE member, gave this advice: “Evaluate an AI-based security solution by standing up in a lab, alongside a replica of your environment. Then contract a reputable external red team to repeatedly attempt to breach the environment.”
The Ethics Of The IoT: Are Engineers Failing To Speak Up?
ByKayneThe overwhelming majority of IoT devices on the market are hot garbage that do not follow security best practices. Allowing consumers to use passwords that have appeared in breaches before makes it easy for threat actors to gain persistence on devices. Devices with no update mechanism means IoT devices become a perpetual threat once the first vulnerability is found. Most people have no way of knowing that their IoT sensor needs an update, so it’s unrealistic to shift the responsibility of software updates to consumers.
InfoSec Pros On the Road: Brenda Bernal, VP, Product Security and Compliance at Digicert
ByKayneIn this episode of InfoSec Pros On the Road at RSA 2024, I had the pleasure of interviewing Brenda Bernal, VP of Product Security and Compliance at Digicert. It was a great opportunity to finally meet Brenda in person after numerous Zoom calls. We discussed various topics, starting with the advancements in AI governance and the key risks organizations should focus on, including data privacy, security, and third-party risk management.
Brenda shared her insights on integrating AI into existing control frameworks and the importance of sustainability and adaptability in AI governance. She emphasized the need for transparency in AI implementations and how it parallels the evolution of ESG reporting.
We also explored the benefits of automation in GRC processes, drawing from Brenda’s experience as an external auditor and her current work with platforms like Hyperproof. The discussion highlighted the significant time savings and improved risk management that automation brings to compliance efforts.