Keynote speech at The 24th Colloquium for Information Systems Security Education

ByKayne

Unfortunately the sessions were not recorded due to privacy concerns.

Similar Posts

  • What are the pros and cons of shadow IT?

    ByKayne

    As workers develop and deploy technology without any reviews or security assessments, they often increase the organization’s exposure to various risks, said Kayne McGladrey, a senior member of the IEEE and field CISO at Hyperproof, a compliance management software company, based in Seattle.

    Employees should be aware that the IT department conducts thorough research to ensure the organization’s technology is safe and compliant with company policies. The technology itself could be vulnerable to cyberattacks, as unauthorized tech rarely goes through the same level of scrutiny that technology selected and onboarded by IT does, he said.

    The practice of shadow IT could open the organization to critical weaknesses. Hackers are known to look for such vulnerabilities, further upping the cybersecurity risk, McGladrey said. IT teams might face challenges in managing unfamiliar technologies not approved by the organization. As the unauthorized technology falls outside of IT’s knowledge and control, the IT team might have less visibility into and a diminished ability to monitor its use, he said.

  • InfoSec Pros On the Road: Brenda Bernal, VP, Product Security and Compliance at Digicert

    ByKayne

    In this episode of InfoSec Pros On the Road at RSA 2024, I had the pleasure of interviewing Brenda Bernal, VP of Product Security and Compliance at Digicert. It was a great opportunity to finally meet Brenda in person after numerous Zoom calls. We discussed various topics, starting with the advancements in AI governance and the key risks organizations should focus on, including data privacy, security, and third-party risk management.

    Brenda shared her insights on integrating AI into existing control frameworks and the importance of sustainability and adaptability in AI governance. She emphasized the need for transparency in AI implementations and how it parallels the evolution of ESG reporting.

    We also explored the benefits of automation in GRC processes, drawing from Brenda’s experience as an external auditor and her current work with platforms like Hyperproof. The discussion highlighted the significant time savings and improved risk management that automation brings to compliance efforts.

  • Emerging cyber threats in 2023 from AI to quantum to data poisoning

    ByKayne

    Kayne McGladrey, field CISO at Hyperproof, has seen the evidence. He worked with one organization whose executives received a contract for review and signature. “Nearly everything looked right,” McGladrey says. The only noticeable mistake was a minor error in the company’s name, which the chief counsel caught. But Gen AI isn’t just boosting the hackers’ speed and sophistication, it’s also expanding their reach, McGladrey says. Hackers can now use gen AI to create phishing campaigns with believable text in nearly any language, including those that have seen fewer attack attempts to date because the language is hard to learn or rarely spoken by non-native speakers.

  • How AI poses a threat to election security

    ByKayne

    “We can anticipate a significant increase in disinformation and phishing attacks as the United States prepares for early or mail-in voting in the 2024 elections. The majority of these attacks will likely come from cybercriminals spreading disinformation about how and where to vote. This year’s phishing campaigns may be more sophisticated and widespread, as non-native English or Spanish speakers will be able to leverage large language models to produce realistic messaging,” says Kayne McGladrey, IEEE Senior Member.

  • Parents and teachers can help kids prepare for future lifelong careers in cybersecurity

    ByKayne

    These chats are a public conversation on how individuals and organizations can increase inclusion and encourage diversity in cybersecurity. Cybersecurity jobs now affect the public safety of every developed nation. Our questions started with a quick look back before we focused our discussion on the future.