Similar Posts
Bridging the Gap: Communicating Cyber Risks as Business Imperatives (speaking event)
By Kayne
As CISOs make plans to secure operating budgets for the new financial year, they face the age-old challenge of convincing stakeholders, who often see cybersecurity and privacy as a cost center, to invest in this area. It’s time to change the narrative. Discover how to drive more productive conversations about cybersecurity as a strategic growth enabler. Take home actionable ideas for proactively managing controls and risks, increasing efficiency and reducing costs.
Learning Objectives:
Apply techniques and strategies needed to shift the perception of cybersecurity and privacy from cost centers to strategic growth enablers within the organization.
Employ methods for applying proactive control management and risk mitigation methods to enhance an organization’s cybersecurity posture and minimize potential threats.
Identify opportunities for efficiency gains and cost reductions in cybersecurity initiatives, in order to make impactful budgetary decisions for the coming year.
Cybersecurity experts talk about the digital world
By Kayne
“Administrative passwords — they’re sort of interesting,” McGladrey says. “If you can get an application’s password, that’s what got us to the Panama Papers a few years ago, where the third-party attacker was able to compromise the WordPress password, which, because of poor password storage technologies, happened to be the same as their database password.
“All of a sudden we got — three terabytes or something like that; it was something absurd — of exfiltrated client data. The prime minister of Iceland got in a little bit of trouble about that, as well as people like Jackie Chan, all because the organization didn’t have a good mentality around rotating the passwords that were associated with apps. That problem transitions. It’s not a technology problem. It’s a cultural problem. And it transitions, regardless of environment.”
Drafting Compliance S1, E2: The FedRAMP Authorization Boundary
By Kayne
Hosts Kayne and Tom talk about how to create the Authorization Boundary, a cornerstone of the System Security Plan (SSP) as part of FedRAMP certification. Includes beer tasting notes for Black Butte Porter.
Cyber Threat Prevention: How to Keep Your Services Organization From Being Hacked
By Kayne
Consulting firms can suffer irreparable damage to their reputation if they lose client data due to a cybersecurity incident. This article examines the current threat landscape and provides strategic guidance to prevent professional services firms from becoming the next breach statistic.
Exploring the Advantages of Deploying DPUs in the Data Center
By Kayne
“Moving network and security functions to a DPU allows server CPUs to be more efficient at running core applications and operating systems without sacrificing security controls,” said Kayne McGladrey (@kaynemcgladrey), Security Architect at Ascent Solutions LLC. “DPUs should also expedite the application of Zero Trust principles by allowing finer-grained micro-segmentation of applications and networks so that there is limited or no unearned trust.”
FedRAMP Rev. 5: How Cloud Service Providers Can Prepare
By Kayne
This article covers high-level information that cloud service providers (CSPs) need to know to prepare for their transition to FedRAMP Rev. 5, as documented in the “FedRAMP Baselines Rev. 5 Transition Guide.”