Moving Compliance From Paperwork To Automation

Venture capitalists will accelerate feature development via mergers and acquisitions. In recent years, VCs have funded point solution vendors for technologies like SOAR and UEBA. These are features, not stand-alone technologies, and it’s often cheaper for market leaders to buy rather than build new features. CISOs should be aware of this market reality, as buying early-stage cybersecurity from a startup carries the risk of unintentionally having a business relationship with a much larger vendor within two years, and consequently needing to either buy the larger technology solution or rip and replace after the acquisition closes.

Kayne and Tom are joined by special guest Michael Chaoui, the Founder of Atlas One Security. Michael pulls the covers back on some of the challenges of companies going through the ATO process. We also discuss recent legislation and draft memos intended to modernize the FedRAMP process, all while enjoying one of Michael’s favorite stout beers.

Integrating AI and cloud technology is reshaping auditing processes, requiring GRC and cybersecurity professionals to adapt to new tools that centralize risk and compliance activities. This shift improves efficiency and accuracy in audits, allowing for real-time monitoring and streamlined workflows. Companies increasingly use AI-driven solutions to automate routine tasks, such as data analysis and cybersecurity anomaly detection, freeing up professionals to focus on more complex issues. Globally, auditors are expected to implement AI tools for tasks like sampling, risk identification, and data analysis. While this may increase audit efficiencies, audit clients are likely to ask for cost concessions.

This was the 7th series of WebForum which was in line with this year’s International CyberSecurity Awareness Month theme “See you in cyber – #becybersmart” held on 28th October 2022.

“If an attacker can steal the user’s cookies, that attacker can impersonate that end user,” says Kayne McGladrey, a senior member and impact creator of the Institute of Electrical and Electronics Engineers. “In an XSS exploit, if I can steal your cookies, I can become you or impersonate you. I can change your password. I can change your backup email account. I can take over that entire account.”