Blog

“The modern business has far more potential cybersecurity events to investigate than can be reasonably reviewed by people, and machine learning has the benefit of quickly focusing people’s attention on the signal, not the noise, so that organizations can rapidly respond to potential incidents before threat actors can establish persistence in an environment.” — Kayne McGladrey (@kaynemcgladrey), cybersecurity strategist at Ascent Solutions

“While the use of telehealth has surged during the COVID-19 pandemic, the data security and privacy concerns for both patients and healthcare providers have also increased, says cybersecurity strategist Kayne McGladrey”

“Tying data security to user identities is the easiest, lowest-effort way to modernize security for small to medium businesses,” says Kayne McGladrey (@kaynemcgladrey), cybersecurity strategist at Ascent Solutions (@meetascent). “Establishing data security based on user identity means that data remains secure regardless of storage location or medium.”

“If an organization learns that there is a vulnerability being actively exploited — or that a proof of concept for a vulnerability has been developed and is in the wild — they can accelerate patching the affected, vulnerable assets to reduce the likelihood of a successful attack.”

“The absolute best thing is getting up every day and knowing that you’re making a difference, and knowing that your actions are going to help people.”

Kayne McGladrey, CISSP and cybersecurity strategist at Ascent Solutions, advocates tight management over account privileges. It gives a granular view into your cloud team user accounts and privileges. It’s important that both teams understand and accept the need for controlling access up front.

“There’s not a one-size-fits-all approach to securing healthcare,” McGladrey said. “All organizations are doing the best they can, working hard against insurmountable odds. It’s important to respect and understand not where they are relative to the standard, but how they’ve improved over time.”

“McGladrey told us there is a grain of truth to the claim made in the Facebook post. He says on certain office landline phones, like corporate PBX systems, pressing a variation of those digits allows a call transfer to happen. But this does not affect cell phones or residential landlines.”

We talk about ‘data breaches’ because of regulatory and statutory definitions that focus on the disclosure of data. An organization’s security strategy should work with the end in mind, and focus heavily on denying threat actors access to those data with the highest regulatory, statutory, or contractual risks.

In this session, a panel of experts will reflect on the various ways in which hackers have targeted the pandemic over the past 12 months, lifting a lid on the methods employed and outlining how businesses and users can best protect themselves from ongoing COVID-related attacks, scams and fraudulent activity.

Incident responses and recovery plans should be updated biannually. Kayne McGladrey, CISSP and cybersecurity strategist for Ascent Solutions said, “Effective incident response plans must cover preparation, detection and analysis, containment, eradication and recovery, and post-incident activity.”

You have a remarkable economic incentive for threat actors to do their job. Unlike a fire, threat actors innovate. There’s not some new way we’re going to have a fire. I guarantee you by the end of the week, we’re going to have a dozen new ways for threat actors to do their jobs.