Similar Posts
6 tips for better collaboration between security and cloud teams
ByKayne
Kayne McGladrey, CISSP and cybersecurity strategist at Ascent Solutions, advocates tight management over account privileges. It gives a granular view into your cloud team user accounts and privileges. It’s important that both teams understand and accept the need for controlling access up front.
Three Key Predictions for 2023: The Year of Risk
ByKayne
As we approach 2023, it’s natural to look back on the biggest security events that took place this year and anticipate their effect next year. The previous two years have shown that our world is full of complexity and uncertainty, despite all the advances in data collection, compliance operations automation, and SaaS technology. Risk modelers and analytics experts know we can’t predict or control the world with any degree of certainty, but it’s important to brace ourselves for the upcoming threats and new opportunities the coming year will present. Here are three key risk management predictions we have for 2023 that will shape the risk management industry.
Drafting Compliance Episode 18: 3PAO Accreditation Loss with CISO Joe Evangelisto
ByKayne
Kayne and Tom talk with Joe Evangelisto from Tango Analytics about the interesting and stressful scenario where his 3PAO lost its accreditation. Of course Kayne tackles yet another beer that elicited a memorable response.
‘It Comes Back To You’: Evaluating Third-Party Cyber Risk Management
ByKayne
Expanding on this, national cyber security expert and the Director of Information Security Services at Integral Partners, Kayne McGladrey, told the Cyber Security Hub that, “If you’re breached by a third party, nobody cares that it’s the third party’s fault. It comes back to you.”
He continued: “It’s your fault for not having adequate controls. And the single easiest third-party control is around onboarding and off-boarding third-party accounts.”
Even if you’re rotating passwords, monitoring privileged access, auditing, etc., McGladrey said you must know, empirically, who’s accessing your network.
DHS-led agency works to visualize, share cyber-risk information
ByKayne
Sharing information about threats can help boost overall cybersecurity by alerting others to those risks, as well as providing successful ways to counteract them, said Kayne McGladrey, national cybersecurity expert, director of security and information technology for Pensar Development, and member of the Institute of Electrical and Electronics Engineers.
“They could actually see a reduction in those threats that are commodity threats — threats that are crimes of opportunity [vs. targeted attacks],” he said.
Remote Work and Cybersecurity: 3 Experts Describe the Tech They Wish Everyone Could Use
ByKayne
“As part of the great resignation of 2021, we’ve seen an increasingly fragmented view of intellectual property on the part of departing employees. Businesses can reduce the substantial risk associated with data exfiltration of trade secrets, regulated data and other sensitive data by deploying and monitoring DLP across the enterprise, including remote endpoints.” — IEEE Senior Member Kayne McGladrey