Similar Posts
‘It Comes Back To You’: Evaluating Third-Party Cyber Risk Management
ByKayne
Expanding on this, national cyber security expert and the Director of Information Security Services at Integral Partners, Kayne McGladrey, told the Cyber Security Hub that, “If you’re breached by a third party, nobody cares that it’s the third party’s fault. It comes back to you.”
He continued: “It’s your fault for not having adequate controls. And the single easiest third-party control is around onboarding and off-boarding third-party accounts.”
Even if you’re rotating passwords, monitoring privileged access, auditing, etc., McGladrey said you must know, empirically, who’s accessing your network.
Certifications A Part Of ‘Vicious Circle’ In Cyber Security Space?
ByKayne
“This (factors into) the broader economic outlook,” McGladrey told the Cyber Security Hub. “If the economy is thriving and people are considering asking for a raise, they may pursue a new certification. If they do not receive the raise, they may mentally justify the time spent by putting the certification on their resume and searching for new openings.”
6 tips for consolidating your IT security tool set
ByKayne
All controls and tools should be linked to a reduction in the probability or likelihood of a risk that’s above the organization’s tolerance level, says Kayne McGladrey, CISO at risk management provider Hyperproof and a senior member of IEEE. If there’s no longer a need for a product, it should go.
Cyberattacks and How to Defend Against Them with Kayne McGladrey
ByKayne
“In this episode, we’re talking with Kayne McGladrey about cybersecurity, cyberterrorism and how to defend against these attacks at the personal, corporate, and national levels. I’ve been working on research for my next book and I knew that I had to talk to him to see what we could do to defend against this new and pernicious form of war.”
Cyberattacks Make World Economic Forum Top 10 Global Risks For The Next Decade
ByKayne
Keeping an organization secure is every employee’s job. Instead of the obligatory employee training, Director of Security & IT for Pensar Development Kayne McGladrey recommends continuous engagement with the end-user community. “Provide opportunities and instrumentation to demonstrate policy violations rather than lecture at people.” Examples include leaving a USB data stick in a break room or using phishing tools to falsify emails from known employees that seem suspicious. “This helps educate and creates healthy suspicion,” said McGladrey.
New Year, New Standards: Preparing for SEC Cybersecurity Disclosures in 2025 and Beyond
ByKayne
Presented at the CIO & CISO Atlanta Summit
New Year, New Standards: Preparing for SEC Cybersecurity Disclosures in 2025 and Beyond
The SEC’s new cybersecurity disclosure requirements have set a new benchmark for transparency and accountability, compelling public companies to enhance their cybersecurity practices and reporting.
In this session, you’ll learn how to align your organizations with these evolving requirements and take proactive steps to stay ahead of regulatory expectations.
In this session, we’ll join Kayne McGladrey, Field CISO at Hyperproof, to discuss:
An overview of the 2024 SEC cybersecurity requirements
Best practices for cybersecurity disclosures
How to prepare for the 2025 disclosure season