Running Away From Zombies and Better Protecting Infrastructures
Cybersecurity in a Hyperconnected World: By Kayne McGladrey, IEEE Member, and Stephen Cass, IEEE Spectrum Senior Editor
Parents and teachers can help kids prepare for future lifelong careers in cybersecurity
These chats are a public conversation on how individuals and organizations can increase inclusion and encourage diversity in cybersecurity. Cybersecurity jobs now affect the public safety of every developed nation. Our questions started with a quick look back before we focused our discussion on the future.
Two Easy Steps To Reduce And Detect Threats In A Cloud Environment
Although organizations believe the cloud to be inherently more secure, this two-step strategy will improve the security of cloud-based solutions for each organization. When combined with a larger cyber security program, these reduce the risks of a damaging breach.
Health IT Infrastructure Requirements for AI Cybersecurity
“There are too few defenders to collect, process, and analyze the overwhelming amount of available data to produce threat intelligence,” McGladrey told HITInfrastruture.com. “The promise of machine learning is to allow computers to do what they do well, in automating the collection and processing of indicators of compromise, and analyzing those data against both known and emerging threats.”
The Future is Now: Podcast
The team at Aurora IT interviewed me for a feature-length podcast on cybersecurity. Listen to hear about third-party attacker tactics, managing cyber risk, multi-factor authentication, and why a lack of diversity is a threat to public safety.
Why AI Could be Cybersecurity’s Next Big Thing
For many organizations, analysts in security operations centers spend their days sifting through hoards of log files for suspicious activity. The repetitive nature of this work makes AI an ideal replacement, says Kayne McGladrey, IEEE Member, Director of Information Security Services at Integral Partners (US): “Artificial intelligence has been shown to be good at pattern recognition and correlation over a vast number of data points, and can make connections faster than human analysts would.”
‘Cyber Security’s Not An Install Process’: Q&A With Kayne McGladrey
McGladrey, whose work focuses on identity and access management, leads a team that assists clients in multiple industries. The focus: insider and outsider threats on non-privileged or privileged credentials. McGladrey said that technology has matured so much, that overall cyber security is not about software installation.
AI’s Future in Cybersecurity
“We will continue to see artificial intelligence deployed in the security operations center (SOC). Most SOC jobs are checklist-driven, particularly for first- and second-tier analysts who review logs for indicators of compromise (IoCs),”
‘It Comes Back To You’: Evaluating Third-Party Cyber Risk Management
Expanding on this, national cyber security expert and the Director of Information Security Services at Integral Partners, Kayne McGladrey, told the Cyber Security Hub that, “If you’re breached by a third party, nobody cares that it’s the third party’s fault. It comes back to you.”
He continued: “It’s your fault for not having adequate controls. And the single easiest third-party control is around onboarding and off-boarding third-party accounts.”
Even if you’re rotating passwords, monitoring privileged access, auditing, etc., McGladrey said you must know, empirically, who’s accessing your network.
Welcoming the robo-nannies
“Things that were unthinkable 10 years ago are being accepted as commonplace. And that trend will continue.”
Why everyone should consider a career in cybersecurity
Cybersecurity roles support the public good, and help individuals, families and companies stay safe online. People working in cybersecurity are part of supportive teams with great colleagues. Teachers and parents were also cited as inspirational figures for getting involved in technology.
What Are the Implications of Meltdown and Spectre for IoT?
“Patching is a reactive strategy, and there are a couple of challenges that have led us to the current situation. One of those challenges is that the market has rewarded companies that develop and produce products rapidly, and the market has shown a willingness to accept post-release patching as an acceptable trade-off. As a result, developers and architects are rewarded by their employers for producing code and architecture very quickly with less thought given to cybersecurity.
“The other significant challenge is that the cybersecurity community is generally homogenous. We have a diversity problem when just 11% of women work in cybersecurity. This lack of diversity in backgrounds and life experiences has influenced the analytic methodologies that are used to evaluate potential security issues with products. This lack of diversity of thought has led to the unfortunate set of expectations that breaches are inevitable, and this situation will continue until the cybersecurity industry does a better job of including diverse voices and opinions in the global conversation about security.”