Similar Posts
Beyond the Headlines: The Many Forms of Modern-Day Cyber Disruption
By Kayne
Cybersecurity failures were definitely in the news in 2024, but the year’s most serious issue — the outage at security vendor CrowdStrike, which affected millions of Windows systems around the world — wasn’t the result of an intentional attack, notes Kayne McGladrey, Field CISO at Hyperproof and senior member of the Institute of Electrical and Electronics Engineers (IEEE). It was caused by a flaw in an update of the CrowdStrike software. Yet it cost a wide range of companies, including airlines, public transit, healthcare and financial services, an estimated $5.4 billion.
IEEE Cybersecurity Expert Discusses New Scams and Ways to Thwart Them
By Kayne
Another way to thwart cyberattacks is to increase the number of cybersecurity experts, McGladrey says. According to the 2017 cybercrime report from the Herjavec Group, cybersecurity firms estimate such crimes are going to cost about $6 trillion annually by 2021. Companies are experiencing shortages in qualified applicants for cybersecurity jobs. The U.S. Department of Commerce estimates there are now about 350,000 unfilled positions, and that number is only going to increase, McGladrey says.
Moving Compliance From Paperwork To Automation
By Kayne
Understanding the risk to your business requires human intuition. But that doesn’t mean there aren’t a lot of things along the path to understanding risk that can be improved with automation. At Black Hat, David Spark spoke to Kayne McGladrey, field CISO, Hyperproof, about how having a security-focused company culture can help CISOs link their known risks to their controls in order to put their budget where it will have the most impact. This can allow organizations to operate within the reality that business risk and cyber risk are not separate things. With changing state regulations and rapidly advancing technology, staying on top of your risk in a simple and understandable way is more imperative than ever.
Navigating the Rocky Road of Data-Driven Insights
By Kayne
It’s no longer enough to have a Security Information and Event Management (SIEM) system or layer in commercial threat data, deploy a deception system, or prioritize assets–there’s simply no one-size-fits-all security solution. “This is still more art than science,” says Kayne McGladrey (@kaynemcgladrey), a director of security and information technology. “An effective solution needs to incorporate elements of all of those products or solutions to create meaningful and actionable intelligence.”
10 ways to get more from your security budget
By Kayne
For years, security budgets seemed to go only one direction: up. As recently as February of this year, some 62% of organizations said they planned to increase their cybersecurity spending for 2020, according to research by analyst firm ESG.
But that was then.
Like their C-suite peers, CISOs today are being asked to do more with less – and probably will be for some time, as the world continues in these uncertain economic times.
ICS security challenges and how to overcome them
By Kayne
One of the biggest security challenges, however, might be IT/OT convergence — the merging of information technology with operational technology. IT teams are no strangers to infosec, but their OT counterparts working among industrial control systems (ICSes) have generally never worked in internet-connected networks. Yet, as the benefits of IoT and industrial IoT (IIoT) become apparent, more ICSes and OT environments are becoming connected — bringing multiple benefits but also creating multiple security threats. Compounding the risk is that IT teams don’t know how to handle threats in such environments, leaving many IT and OT teams unsure exactly where the security responsibility lies.
Here, Institute of Electrical and Electronics Engineers Inc. (IEEE) member Kayne McGladrey outlines the challenges of ICS security and explains how OT environments can counter such threats while still reaping the benefits of IoT.