On The Hook Eps 9 w/ Kayne McGladrey – CISO Mansion of Madness

Cybersecurity failures were definitely in the news in 2024, but the year’s most serious issue — the outage at security vendor CrowdStrike, which affected millions of Windows systems around the world — wasn’t the result of a intentional attack, notes Kayne McGladrey, Field CISO at Hyperproof and senior member of the Institute of Electrical and Electronics Engineers (IEEE). It was caused by a flaw in an update of the CrowdStrike software. Yet it cost a wide range of companies, including airlines, public transit, healthcare and financial services, an estimated $5.4 billion.

“If an organization learns that there is a vulnerability being actively exploited — or that a proof of concept for a vulnerability has been developed and is in the wild — they can accelerate patching the affected, vulnerable assets to reduce the likelihood of a successful attack.”

“Hybrid cloud solutions can help organizations deploy cybersecurity solutions faster, without deploying additional infrastructure or spending staff hours on software and platform updates,” said Kayne McGladrey (@kaynemcgladrey), director of security and IT at Pensar Development. “This will help organizations to deploy innovative solutions rapidly such as deception technologies, which can reduce the ‘dwell time’ associated with breaches.”

Featured Presentation: “Best practices for cyber security training programs” by Kayne McGladrey, CISSP Employees dread the meeting invitation that reads ‘Annual mandatory cyber security training in the break room at 1 PM Wednesday’. In this presentation, we’ll discuss best practices for creating a reality-based training program that encourages employee participation and builds organizational muscle memory for responding to active threats.

Besides working nights, I learned in my fifteen-minute conversation that Rosa volunteers at an elementary school. She’d met no one who worked in cyber security, and the kids she worked with hadn’t considered it as a career option. They wanted to be rappers, they wanted to be marine biologists; they didn’t know there was a high-paying position called “security operations center analyst.”

In this session, a panel of experts will reflect on the various ways in which hackers have targeted the pandemic over the past 12 months, lifting a lid on the methods employed and outlining how businesses and users can best protect themselves from ongoing COVID-related attacks, scams and fraudulent activity.