Similar Posts
Member Spotlight: Kayne McGladrey, Director Of Security And IT, Pensar Development
ByKayne
Until we change how we talk and think about cybersecurity, I fear it’s like the Alcoholics Anonymous definition of insanity: doing the same thing and expecting a different result.
Passwords, Multi-Factor Authentication and Cybersecurity
ByKayne
Device location and user behavior can shed a lot more light on a login attempt, yet not all MFA solutions currently incorporate them, says McGladrey. If organizations switched to better access management systems, the cost to successfully infiltrate accounts would rise exponentially, barring “all but the best-funded nation-state actors and APTs.”
What is the last thing to do before the end of the year?
ByKayne
I hope you’ve already had a risk definition conversation- get in front of the board or in front of your CIO or in front of your CFO, whoever is going to ultimately pay the bill. And then for anything where you know you can’t afford it because you’ve seen a reduction in your budget as a consequence of the pandemic- have that conversation early with your cyber insurance broker.
Data loss prevention vendors tackle gen AI data risks
ByKayne
“Employees across industries are finding new and innovative ways to perform their tasks at work faster,” says Kayne McGladrey, IEEE senior member and field CISO at Hyperproof. “However, this can lead to the sharing of confidential or regulated information unintentionally. For instance, if a physician sends personal health information to an AI tool to assist in drafting an insurance letter, they may be in violation of HIPAA regulations.” The problem is that many public AI platforms are continually trained based on their interactions with users. This means that if a user uploads company secrets to the AI, the AI will then know those secrets — and will spill them to the next person who asks about them. It’s not just public AIs that have this problem. An internal large language model that ingested sensitive company data might then provide that data to employees who shouldn’t be allowed to see it.
Podcast: The Truth Behind Automating Compliance Controls
ByKayne
In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Kayne McGladrey, Field CISO at Hyperproof to explore: Automating compliance controls vs SOAR automation, Helping CISOs, and if one master set of controls cover multiple frameworks
How AI poses a threat to election security
ByKayne
“We can anticipate a significant increase in disinformation and phishing attacks as the United States prepares for early or mail-in voting in the 2024 elections. The majority of these attacks will likely come from cybercriminals spreading disinformation about how and where to vote. This year’s phishing campaigns may be more sophisticated and widespread, as non-native English or Spanish speakers will be able to leverage large language models to produce realistic messaging,” says Kayne McGladrey, IEEE Senior Member.