Similar Posts
The Cyber Security Recruiter talks to Kayne McGladrey, field CISO at Hyperproof
ByKayne
In the latest episode of The Cyber Security Recruiter podcast, I had an in-depth conversation with Thomas Richard about my 25-year journey in cybersecurity. From my unlikely beginnings in theater arts to my current role as the field CISO at Hyperproof, this conversation covers a wide array of subjects. We delve into the importance of implementing effective security controls and critique the industry’s heavy reliance on certifications. Thomas and I agree that while certifications can serve as useful benchmarks, their increasing prominence risks creating an exclusionary environment that could perpetuate a perceived “skills gap.” The episode covers not just technical matters but also broader philosophies and strategies that are essential for building a resilient cybersecurity posture
How CISOs Follow The Money
ByKayne
Kayne posits, “If you want to see what your new product features are going to be in the next 12 to 18 months, see where the VCs are spending their dollars. If we’ve seen something consistently in the past, in the past 10 years we’ve seen $30 billion of investment inside of cyber security.”
McGladrey is a gadfly for cyber security leaders to forecast budgets based on the newest in new technology. Whether the CISO in question is a bleeding edge, leading edge, fast follower or back-with-the-pack type executive is up to them. Any which way you slice it, you should be able to see where you are spending money in the future based on where venture capitalists are putting their money now.
Thinkers360 Predictions Series – 2020 Predictions for Cybersecurity
ByKayne
Venture capitalists will accelerate feature development via mergers and acquisitions. In recent years, VCs have funded point solution vendors for technologies like SOAR and UEBA. These are features, not stand-alone technologies, and it’s often cheaper for market leaders to buy rather than build new features. CISOs should be aware of this market reality, as buying early-stage cybersecurity from a startup carries the risk of unintentionally having a business relationship with a much larger vendor within two years, and consequently needing to either buy the larger technology solution or rip and replace after the acquisition closes.
The FTC updated the Safeguards Rule. Here’s how to avoid notification events.
ByKayne
The primary emphasis of the new revision is that a ‘notification event’ now triggers the reporting process, described as any unauthorized acquisition of unencrypted customer information. This is a change from the earlier draft of the Rule, which used the term ‘security event’ to describe unauthorized system access or information misuse. This change may result in some confusion, unfortunately, described below.
Keynote slides from TagNW Summit 2019
ByKayne
Cyber attacks are bad and getting worse, and you’d like to turn things around before it’s too late. In this session, you’ll learn how the three most common attacks target people, how to deter and deny threat actors attacking your applications, and how to defend yourself and your community.
Post Pandemic, Technologists Pose Secure Certification for Immunity
ByKayne
“Businesses and organizations would need to … educate their workforce on how to validate that a certificate was correct,” he says. “And there would need to be a substantial educational investment to combat the inevitable phishing campaigns that’d spring up, such as fake websites to collect personally identifiable information and fake security alerts associated with these digital certificates.”