Similar Posts
InfoSec Pros On the Road: Brenda Bernal, VP, Product Security and Compliance at DigiCert
By Kayne
In this episode of InfoSec Pros On the Road at RSA 2024, I had the pleasure of interviewing Brenda Bernal, VP of Product Security and Compliance at DigiCert. It was a great opportunity to finally meet Brenda in person after numerous Zoom calls. We discussed various topics, starting with the advancements in AI governance and the key risks organizations should focus on, including data privacy, security, and third-party risk management.
Brenda shared her insights on integrating AI into existing control frameworks and the importance of sustainability and adaptability in AI governance. She emphasized the need for transparency in AI implementations and how it parallels the evolution of ESG reporting.
We also explored the benefits of automation in GRC processes, drawing from Brenda’s experience as an external auditor and her current work with platforms like Hyperproof. The discussion highlighted the significant time savings and improved risk management that automation brings to compliance efforts.
Zero trust secures agile business transformation
By Kayne
CIOs should collaborate closely with CISOs to evaluate which zero trust controls will offer the most significant mitigation of agreed-upon business risks. Once specific controls are implemented, they can be centralized and reused across the various compliance standards like SOC 2 Type 2, ISO 27001, and PCI, delivering greater flexibility. “The key lies in the deliberate selection of zero trust controls aimed at reducing specific business risks while potentially streamlining existing compliance efforts,” explains Kayne McGladrey (@kaynemcgladrey), field CISO at Hyperproof and senior IEEE member.
How Will the New National Cybersecurity Strategy Be Implemented?
By Kayne
Kayne McGladrey, field CISO at Hyperproof, hopes that a future version of the plan will get more granular. “Industry-specific guidance is missing, as hospitals, banks, and SaaS startups all have different cybersecurity needs and available resources,” he says.
Article: Experts advise on how to build a successful hybrid work security strategy
By Kayne
Next, commit to solving the complexity issue. In practice, this involves consolidation and integration of tools while striking “a balance between robust protection and user convenience,” said Kayne McGladrey (@kaynemcgladrey), Field CISO at Hyperproof and Senior IEEE Member. For example, “automation and integration of security controls are crucial in achieving scalability and simplifying validation of efficient control operations.”
Kayne McGladrey Of Hyperproof On Cybersecurity Compliance in the Age of AI Threats
By Kayne
“Compliance with regulatory standards and industry-specific guidelines for product security is an indispensable part of cybersecurity. In an age where malicious AI poses a significant threat, how do organizations ensure their product security strategies are not just effective, but also fully compliant? As a part of this series, I had the pleasure of interviewing Kayne McGladrey.”
Live from HyperConnect 2023 | Drafting Compliance Ep. 21
By Kayne
Recorded live in Austin, Texas, Kayne and Tom discuss supply chain risk under FedRAMP. They also try a local beer, live on stage, from HyperConnect 2023.