Similar Posts
Managing Risk and Compliance Through a Recession
ByKayne
It’s no surprise that security and compliance professionals are concerned about the effects a potential recession may have on their budgets. Cyber incidents and business interruptions have been the two worldwide corporate risk concerns for two years running, according to Allianz, and the World Economic Forum recently found that cybersecurity is the fifth top risk worldwide in 2023. Yet, over 66,000 tech jobs were cut in the first two months of 2023 due to recessionary factors, and over half of organizations struggle with identifying where the critical risks are in order to figure out what remediations to prioritize. The risk of paying fines and penalties is increasing as the FTC, SEC, NYDFS, and other regulatory agencies are leaning into enforcement rather than sanctions.
Let’s examine an end-to-end process that organizations can use annually to evaluate which controls are effectively reducing risks, and which controls could be removed or replaced to create budgetary efficiencies
Post Pandemic, Technologists Pose Secure Certification for Immunity
ByKayne
“Businesses and organizations would need to … educate their workforce on how to validate that a certificate was correct,” he says. “And there would need to be a substantial educational investment to combat the inevitable phishing campaigns that’d spring up, such as fake websites to collect personally identifiable information and fake security alerts associated with these digital certificates.”
ICS security challenges and how to overcome them
ByKayne
One of the biggest security challenges, however, might be IT/OT convergence — the merging of information technology with operational technology. IT teams are no strangers to infosec, but their OT counterparts working among industrial control systems (ICSes) have generally never worked in internet-connected networks. Yet, as the benefits of IoT and industrial IoT (IIoT) become apparent, more ICSes and OT environments are becoming connected — bringing multiple benefits but also creating multiple security threats. Compounding the risk is that IT teams don’t know how to handle threats in such environments, leaving many IT and OT teams unsure exactly where the security responsibility lies.
Here, Institute of Electrical and Electronics Engineers Inc. (IEEE) member Kayne McGladrey outlines the challenges of ICS security and explains how OT environments can counter such threats while still reaping the benefits of IoT.
Healthcare’s Biggest Cybersecurity Blind Spots and Misconceptions
ByKayne
“There’s not a one-size-fits-all approach to securing healthcare,” McGladrey said. “All organizations are doing the best they can, working hard against insurmountable odds. It’s important to respect and understand not where they are relative to the standard, but how they’ve improved over time.”
The Impact of Remote Work on Enterprise Security
ByKayne
IT and security response to the coronavirus pandemic was heroic. Although many organizations had some degree of remote-work capabilities pre-COVID-19, the past year brought this work to new levels.
Enterprise security has had to quickly evolve alongside the shift to remote work and cloud adoption. For example, companies successfully ramped up VPN infrastructure, shifted to online models of collaboration software, and re-examined security policies in light of a highly distributed workforce.
Keynote speech at The 24th Colloquium for Information Systems Security Education
ByKayne
Unfortunately the sessions were not recorded due to privacy concerns.