Similar Posts
Panel: How Hackers Used and Abused the Pandemic to Profit
ByKayne
In this session, a panel of experts will reflect on the various ways in which hackers have targeted the pandemic over the past 12 months, lifting a lid on the methods employed and outlining how businesses and users can best protect themselves from ongoing COVID-related attacks, scams and fraudulent activity.
What are the pros and cons of shadow IT?
ByKayne
As workers develop and deploy technology without any reviews or security assessments, they often increase the organization’s exposure to various risks, said Kayne McGladrey, a senior member of the IEEE and field CISO at Hyperproof, a compliance management software company, based in Seattle.
Employees should be aware that the IT department conducts thorough research to ensure the organization’s technology is safe and compliant with company policies. The technology itself could be vulnerable to cyberattacks, as unauthorized tech rarely goes through the same level of scrutiny that technology selected and onboarded by IT does, he said.
The practice of shadow IT could open the organization to critical weaknesses. Hackers are known to look for such vulnerabilities, further upping the cybersecurity risk, McGladrey said. IT teams might face challenges in managing unfamiliar technologies not approved by the organization. As the unauthorized technology falls outside of IT’s knowledge and control, the IT team might have less visibility into and a diminished ability to monitor its use, he said.
Thinkers360 Predictions Series – 2020 Predictions for Cloud Computing
ByKayne
Cloud computing will continue to grow despite the frequency of breaches due to a lack of administrative controls and unintentional configuration errors. When an administrator had access to an on-premises server, they could only administer that server; a “cloud administrator” can administer all the assets in a given cloud instance, including backing up and exfiltrating entire servers. This is like the unintentional configuration errors that have plagued so many Amazon S3 buckets in 2019, where organizations have stored PII in S3 in a default configuration, and then those data have been accessed by security researchers.
Podcast: The Truth Behind Automating Compliance Controls
ByKayne
In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Kayne McGladrey, Field CISO at Hyperproof to explore: Automating compliance controls vs SOAR automation, Helping CISOs, and if one master set of controls cover multiple frameworks
Critical Infrastructure Requires Modernization
ByKayne
“The monetization and weaponization of digital threats was comparably new when the critical infrastructure components that manage our modern world were being designed for reliability a decade or two ago,” said IEEE Senior Member Kayne McGladrey. McGladrey says that it’s time consuming to patch security flaws in many of these older components, some of which were designed to run uninterrupted for decades.
The Security Podcast In Silicon Valley
ByKayne
Join us in this episode of the Security Podcast in Silicon Valley, where host Jon McLachlan sits down with Kayne McGladrey, Field CISO at Hyperproof. shares his unique journey from theater to cybersecurity, offering insights into risk management, regulatory compliance, and the evolving landscape of cyber threats. Discover how his background in improv and theater has shaped his approach to cybersecurity, the importance of SEC 10-K disclosures, and practical advice for startups and security professionals. Don’t miss this engaging and informative conversation!