Similar Posts
Market Report: Decreasing Risk Through Enterprise Compliance
By Kayne
Compliance is often viewed as a reaction for organizations. The auditing of compliance becomes the event that is anticipated with resources and preparation aligned to culminate in the audit itself. A famous approach used in product development is that launch is a process, not an event. The spirit of that message is important for security leaders to consider in building a sustainable business case for compliance. Compliance should be viewed as a continuous, organizational process.
The New CISO Journey Includes Tried & True Old Steps
By Kayne
“It remains a very complicated role because you have to ultimately be able to speak to three separate audiences: the business folks, who are interested in cost controls and also cost savings and cost improvements, and material effect of the business. The technology folks, who want to know that you’re doing the cyber right. And legal folks, who want to know that they’re adequately shielding the business from legal and regulatory risk.”
CYBER SECURITY FOR SMALL BUSINESSES AND CONSULTANTS
By Kayne
Do you feel like you are overwhelmed trying to run your business while defending against the latest cyber threats? Join Kayne McGladrey, speaker, author and Director of Information Security Services for Integral Partners (http://www.ipllc.co) for our upcoming presentation on taking a proactive, risk-oriented approach to cyber security for individual consultants and small businesses.
Kayne will discuss:
– Why you should manage risks based on user identity instead of chasing the latest threats
– How individual consultants can protect themselves
– A vendor-neutral reference architecture for cyber security at small businesses
We will have time for Q&A at the end of the presentation.
The Phishing Phenomenon: How To Keep Your Head Above Water
By Kayne
Phishing is the lowest cost way for a threat actor to gain access to an organization’s network and assets, according to Kayne McGladrey, an IEEE member and director of Security and IT at Pensar Development. “While it might be fashionable to worry about the latest zero-day, or shadowy nation-state threat actors developing crippling remote exploits, the fact is that it’s cheaper to ask users for their passwords.”
The fact that nearly a billion people had their personal information exposed in November 2018 “has further helped threat actors to develop more compelling and targeted phishing content,” McGladrey adds.
Why end-to-end encryption matters
By Kayne
In this Help Net Security video, Kayne McGladrey, IEEE Senior Member and Field CISO at Hyperproof, discusses end-to-end encryption (E2EE). E2EE ensures that only two parties – a sender and a receiver – can access data, and helps to protect consumers and businesses from prying eyes and attackers.
A 10-point plan to vet SaaS provider security
By Kayne
“The SaaS vendor should be upfront about data sovereignty and optional localization,” McGladrey adds. “While this is particularly important for multinational organizations selecting SaaS solutions, those organizations bound to a single geography would likely want to avoid awkward situations, such as [personal information] for Americans being intentionally processed and stored in a foreign data center.”