Similar Posts

SEC Cyber Risk Disclosures: What Companies Need to Know

ByKayne

In this video interview with Information Security Media Group at the Cybersecurity Implications of AI Summit, McGladrey also discussed:

  • Why companies should use tools and software to collect and automatically gather evidence of compliance;

  • The consequences of false cyber risk disclosures;

  • The impact that SEC requirements have on private companies and supply chains.

A back-to-school plan for reaching the next generation of cybersecurity professionals

ByKayne

To further diversify, our field needs better to present the career options and benefits to young people. Most new people in cybersecurity quickly learn that this is a collaborative, team-oriented job. Not everyone needs to write code; there are project managers, analysts, trainers, consultants, and marketing professionals. Our jobs pay a middle-class salary and are generally recession-proof.

Emerging cyber threats in 2023 from AI to quantum to data poisoning

ByKayne

Kayne McGladrey, field CISO at Hyperproof, has seen the evidence. He worked with one organization whose executives received a contract for review and signature. “Nearly everything looked right,” McGladrey says. The only noticeable mistake was a minor error in the company’s name, which the chief counsel caught. But Gen AI isn’t just boosting the hackers’ speed and sophistication, it’s also expanding their reach, McGladrey says. Hackers can now use gen AI to create phishing campaigns with believable text in nearly any language, including those that have seen fewer attack attempts to date because the language is hard to learn or rarely spoken by non-native speakers.

What Are the Implications of Meltdown and Spectre for IoT?

ByKayne

“Patching is a reactive strategy, and there are a couple of challenges that have led us to the current situation. One of those challenges is that the market has rewarded companies that develop and produce products rapidly, and the market has shown a willingness to accept post-release patching as an acceptable trade-off. As a result, developers and architects are rewarded by their employers for producing code and architecture very quickly with less thought given to cybersecurity.

“The other significant challenge is that the cybersecurity community is generally homogenous. We have a diversity problem when just 11% of women work in cybersecurity. This lack of diversity in backgrounds and life experiences has influenced the analytic methodologies that are used to evaluate potential security issues with products. This lack of diversity of thought has led to the unfortunate set of expectations that breaches are inevitable, and this situation will continue until the cybersecurity industry does a better job of including diverse voices and opinions in the global conversation about security.”