The Ultimate Cyber Conversation with the CyberHub Engage Podcast
Also available on Apple Podcasts and Google Play.
Similar Posts
Episode 55 — How Informed is the Board of Directors on Cybersecurity Risks?
By Kayne
With the global cost of cybercrime expected to reach $10.5 trillion by 2025, cybersecurity has become a board-level imperative. According to the Diligent Institute survey ‘What Directors Think,’ board members ranked cybersecurity as the most challenging issue to oversee. Even though boards say cybersecurity is a priority, they have a long way to go to help their organizations become resilient to cyberattacks. Kayne McGladrey, Field CISO at Hyperproof and a senior IEEE member, sheds light on this important aspect of cybersecurity governance. The driving question: How informed is the Board of Directors to provide effective oversight of cybersecurity governance?
Where Should Hospitals Direct Their Cybersecurity Focus?
By Kayne
“If an organization learns that there is a vulnerability being actively exploited — or that a proof of concept for a vulnerability has been developed and is in the wild — they can accelerate patching the affected, vulnerable assets to reduce the likelihood of a successful attack.”
3 Tips to Reduce Cybersecurity Gaps
By Kayne
“Organizations should focus first on protecting heartbeat user identities with strong identity governance, multifactor authentication and privileged command escalation roles,” says Kayne McGladrey (@kaynemcgladrey), director of information security services at Integral Partners. “Nonheartbeat users, such as service accounts and shared accounts, require protection levels that include vaulting and automatic password rotation, on a defined schedule.”
Cybersecurity in Financial Disclosures: 11 Topics Your Section 1C of 10-K Filings Should Address
By Kayne
Despite this guidance mandating only four disclosures (identifying and managing risks, disclosing material breaches, board oversight, and management’s role), over 40% of the 2,100+ 10-K filings I’ve reviewed between January 1 and March 11, 2024 disclosed eleven distinct topics.
Companies are disclosing more information than required in their 10-K filings for various reasons. One is that they lack a broad consensus on how much detail to disclose in Section 1C. The recent civil litigation of SEC vs. Tim Brown and SolarWinds (case 1:23-cv-09518 in the Southern District of New York) significantly influences the disclosure requirements.
Understanding CMMC: It’s a Process, Not a Project
By Kayne
“If a manufacturing strategy can be exfiltrated from even one part of the supply chain it gives enemies an inside look at how equipment works. If they leverage that knowledge, warfighter lives are at risk.”
Kayne McGladrey
Insider Threats: A Big Fear for Small Businesses
By Kayne
This goes hand in hand with the increasing number of vendors, solutions and buzzword technologies. There’s a fear that an SMB will buy the solution that solves a problem defined by a venture capitalist and not address a genuine threat to their business.