2021 Predictions for Cybersecurity
The pandemic’s continuing effects on corporate budgets will result in a net reduction in cybersecurity budgets in 2021.
Unfortunately the sessions were not recorded due to privacy concerns.
“Have a KPI about value that came out of your threat intelligence feed. Did it actually cause you to do something differently? Were your analysts able to act on this, or was it just another thing that they had to go look at? Because when you think of time as being our chief enemy, if it’s sucking time and not producing value, why do you keep it? It’s a data feed, ultimately. At the end of the day, you have to contextualize it in terms of your organization. Threat actors tend to vary in terms of behavior in their TTPs. And consequently, you need to really tailor your threat intelligence. And if you’re not getting that tailored information, drop it.”
IT and security response to the coronavirus pandemic was heroic. Although many organizations had some degree of remote-work capabilities pre-COVID-19, the past year brought this work to new levels.
Enterprise security has had to quickly evolve alongside the shift to remote work and cloud adoption. For example, companies successfully ramped up VPN infrastructure, shifted to online models of collaboration software, and re-examined security policies in light of a highly distributed workforce.
“On a related note, #ZeroTrust isn’t a sticker on your router or a #cybersecurity product that you buy. It’s a shift in architectural patterns that have to be supported by policies.”
Telehealth, often referred to as virtual doctor appointments, has been utilized in remote regions that do not have local medical resources for several decades. But when COVID-19 began impacting many countries across the globe, telehealth became the go-to method for checking in with your doctor about possible COVID-19 symptoms or other healthcare check-ups.
Hey Guys, Today I have an interview with Kayne McGladrey, he is a vCISO / Spokesperson / Global Cybersecurity Thought Leader / Strategy and GRC Practice Lead who I follow on Twitter and find extremely interesting :) He is a national cybersecurity expert, helping clients develop proactive programs to manage cyber-risk. He is the cybersecurity…
“If an attacker can steal the user’s cookies, that attacker can impersonate that end user,” says Kayne McGladrey, a senior member and impact creator of the Institute of Electrical and Electronics Engineers. “In an XSS exploit, if I can steal your cookies, I can become you or impersonate you. I can change your password. I can change your backup email account. I can take over that entire account.”
An ‘acceptable trade-off’ if bankruptcy is the only other option
Kayne McGladrey (@kaynemcgladrey), Cybersecurity Strategist at Ascent Solutions, said delaying or cancelling security projects is “an acceptable trade-off” only if bankruptcy is the alternative.
“Due to the pandemic, this is the choice that some organizations face today,” he continued. “Other organizations should first prioritize their security projects to mitigate those risks with the highest potential impact to the business. Organizations should then have a difficult conversation about residual risks with their cyber insurance providers, and plan to implement monitoring of those risks not transferred to insurance or mitigated through implementation of technical controls.”
“Where cloud analytics shine is in detecting a repeated series of risky actions by an individual user account [that signal] a business email compromise followed by a ransomware attack,” he said. “Cloud analytics allow organizations to detect and prevent these and other attacks not only at scale but also faster than traditional investigative techniques.”
“Your incident response plan will be examined during discovery, period, point blank. Keep that in mind. It’s your policy and your plan that are going to be examined by our discovery, and make sure that you can actually do what that policy says and make sure you can do what the procedures say.”
Kayne posits, “If you want to see what your new product features are going to be in the next 12 to 18 months, see where the VCs are spending their dollars. If we’ve seen something consistently in the past, in the past 10 years we’ve seen $30 billion of investment inside of cyber security.”
McGladrey is a gadfly, prodding cyber security leaders to forecast budgets based on the newest technology. Whether the CISO in question is a bleeding-edge, leading-edge, fast-follower or back-with-the-pack type of executive is up to them. Whichever way you slice it, you should be able to see where you will be spending money in the future based on where venture capitalists are putting their money now.