Similar Posts
Finding a long-term solution to curb Cybercrimes in the digital sphere
ByKayneThis was the 7th series of WebForum which was in line with this year’s International CyberSecurity Awareness Month theme “See you in cyber – #becybersmart” held on 28th October 2022.
What’s a Red Flag When Applying for a Cybersecurity Job?
ByKayneEver apply for a cybersecurity job and then either in the listing or partway through the interview you realize, “Yikes, this job is not for me.”
65 predictions about edtech, equity, and learning in 2022
ByKayneOver the past year and a half, school administrators, teachers, and IT support staff and students themselves have been working in a complex threat environment. The pandemic and major increase in cyberattacks has resulted in closures for both in-person and online schools. While this will only continue into 2022, it will be importance for security and IT professionals that support schools to align their policies, procedures, and technical controls to a cybersecurity framework that fits the needs of their organization, such as the recently announced K-12 resources announced jointly by the FBI and CISA. Using a formal framework can help schools effectively identify and mitigate gaps in school security postures without substantial budget increases. Schools should also consider a quarterly exercise to re-audit their password stores, as the number of compromised passwords will only continue to increase in the year ahead. A password that was secure three months ago may have appeared in a data breach (especially since students and adults tend to use the same passwords for multiple accounts) and may no longer be a secure option. Although it’s hard to predict what’s to come for educational institutions moving forward and future of remote and hybrid learning is going to be uncertain, education professionals should expect to see threat actors continue to target schools that have not taken a proactive approach to cybersecurity and deployed the appropriate defenses.
What Are the Implications of Meltdown and Spectre for IoT?
ByKayne“Patching is a reactive strategy, and there are a couple of challenges that have led us to the current situation. One of those challenges is that the market has rewarded companies that develop and produce products rapidly, and the market has shown a willingness to accept post-release patching as an acceptable trade-off. As a result, developers and architects are rewarded by their employers for producing code and architecture very quickly with less thought given to cybersecurity.
“The other significant challenge is that the cybersecurity community is generally homogenous. We have a diversity problem when just 11% of women work in cybersecurity. This lack of diversity in backgrounds and life experiences has influenced the analytic methodologies that are used to evaluate potential security issues with products. This lack of diversity of thought has led to the unfortunate set of expectations that breaches are inevitable, and this situation will continue until the cybersecurity industry does a better job of including diverse voices and opinions in the global conversation about security.”
AI, automation emerge as critical tools for cybersecurity
ByKayne“The effectiveness of AI solutions this year can be measured via the time-to-discovery metric, which measures how long it takes an organization to detect a breach,” says Kayne McGladrey (@kaynemcgladrey), CISO, Pensar Development. “Reducing time to discovery can be achieved through AI’s tenacity, which doesn’t need holidays, coffee breaks, or sleep, which is unlike Tier 1 security operations center analysts who also get bored reading endless log files and alerts.”
Healthcare’s Biggest Cybersecurity Blind Spots and Misconceptions
ByKayne“There’s not a one-size-fits-all approach to securing healthcare,” McGladrey said. “All organizations are doing the best they can, working hard against insurmountable odds. It’s important to respect and understand not where they are relative to the standard, but how they’ve improved over time.”