Full article at
https://www.sourcesecurity.com/amp/insights/biggest-ethical-considerations-security-technology-co-227-ga-co-723-ga-co-2566-ga-co-4559-ga-co-11462-ga-co-1582238342-ga-co-1584600779-ga-co-1668670477-ga-co-1670411369-ga-off.1712204052.html
To get a sober assessment, we invited Pensar CISO and IEEE member Kayne McGladrey, CISSP into the studio to talk about the variety of risks that remote working introduces. There are some new risks that companies need to account for: from remote access bottlenecks to prying eyes in insecure home offices to insecure home workstations.
IEEE Senior Member, Kayne McGladrey said that “AI-generated phishing removes all the traditional warning signs that training programs teach people to look for.” Typical training tells people to watch for bad grammar, weird formatting or implausible scenarios. “However, AI can now create emails that are grammatically perfect, properly formatted and believable. It can even personalize attacks using information scraped from social media or data breaches.”
An assessment of digital literacy isn’t a one-time event in an organization, according to McGladrey. “This is a continuous cycle for businesses to assess how employees use the tools provided, how they process information, how they’re creating content, and their critical thinking skills,” McGladrey said. And don’t make this a class that’s going to drag people down and eat most of their day, he added. “This continuous assessment process should be buttressed by brief just-in-time learning opportunities. No one wants to sit down for a four-hour digital literacy class for things they do know if they can instead get a five-minute tutorial on a new topic or technique they can apply to their current work.”
“If the end user logs on from Seattle, where their mobile phone and laptop is, a connection from New York would be unusual,” McGladrey explained. “It is also possible to note the typing style and speed of a user and use that biometric signature to determine if the user is legitimate. These data [points] make it more difficult for a threat actor to operate silently in the environment.”
I’ll be on the air live, discussing cyber security with Chris Sommer of KRLD-AM in Dallas, TX today at 1 PM ET.
McGladrey finds an increased need in cybersecurity as the pandemic has forced an increase in online resources. “Cybersecurity is a way of protecting our friends, family, and communities from financial losses and the loss of their privacy,” McGladrey said.