Video: Managing the Risks of the Internet of Things
Similar Posts
Episode 17: Personnel Security
Kayne and Tom talk about personnel security, background checks, what FedRAMP requires for onboarding and terminating employees as well as a host of tips and tricks for meeting this control family. Of course, they try a new beer and maybe, just maybe, agree on the score.
Savvy vehicles are defenseless against cyberattacks
“because vehicle manufacturers are working with several different hardware and software companies, it has emerged that no one is technically responsible for the vehicles’ central computer systems of many smart cars”
Is Basic Cyber Hygiene Enough in the Age of AI?
“These threats are not merely theoretical, although, at the moment, they are still relatively limited in their application,” McGladrey said. “It is reasonable to expect that threat actors will continue to find innovative new uses of generative AI, extending beyond business email compromise, deepfakes, and the generation of attack code.”
What are the biggest ethical considerations of security technology?
Algorithmic bias is one of the primary risks associated with emerging physical surveillance technologies. While the risks of facial recognition software are well known and documented, efforts are being taken to adapt computer vision to new and novel use cases. For example, one of the more deeply flawed failures was an attempt to detect aggressive behaviour or body language, which was unfeasible as there was not enough training data available. Other physical security systems will face a similar challenge of not discriminating against individuals based on protected factors due to a lack of training data, or more likely, a lack of gender or racially unbiased training data. Companies considering purchasing advanced or emerging physical security systems should enquire about the training data used in the development of those systems to not be subject to civil penalties resulting from discrimination caused by using said systems.
7 hot cybersecurity trends (and 4 going cold)
While we hope these points have brought into focus some of the evolving challenges in IT security, we also want to point out that certain best practices will continue to underpin how smart security pros approach problems, no matter what the flavor of the month is. “Enterprises are going back to the basics: patching, inventory management, password policies compliant with recent NIST directives,” says Kayne McGladrey, IEEE Member and Director of Security and Information Technology at Pensar Development. “Enterprises are recognizing that it’s impossible to defend what can’t be seen and that the easiest wins are to keep systems up to date and to protect against credential stuffing attacks.”
Ask questions about Internet-connected toys
Experts say that smart toys are particularly vulnerable to cyber attacks. Kayne McGladrey, a member of the Institute of Electrical and Electronics Engineers, said their desire to keep toy prices low means manufacturers have little incentive to add reasonable security mechanisms.