Category: Blog
-
Data de-identification: Best practices in the new age of regulation
Confidential computing also is an emerging technology meant to protect data in use, said McGladrey of the IEEE. “Confidential computing can allow the processing of data from multiple parties without sharing the input data with those other parties,” he said. “For example, if an organization wants to perform processing on a large set of healthcare data…
-
What keeps field CISO, Kayne McGladrey, up at night?
In this YouTube video, Scott Schober interviews Kayne McGladrey, Field CISO for Hyperproof, about cybersecurity and the challenges faced by CISOs. Kayne discusses the importance of aligning cybersecurity risk with business risk and the need for CISOs to be more involved with board-level decision making. He also talks about his work at Hyperproof to automate…
-
Managing Risk and Compliance Through a Recession
It’s no surprise that security and compliance professionals are concerned about the effects a potential recession may have on their budgets. Cyber incidents and business interruptions have been the two worldwide corporate risk concerns for two years running, according to Allianz, and the World Economic Forum recently found that cybersecurity is the fifth top risk…
-
Hack Me If You Can
A hacker can say that an institution has 90 days to fix a vulnerability before publicly divulging the secret, and for the vulnerable bank or credit union, that might come off as extortion or a threat. However, it is well within the boundaries of normal security research to do that, according to Kayne McGladrey, Field…
-
Podcast: 2023: The Year of Risk
Tune into this ISACA Episode as Hyperproof’s Field CISO, Kayne McGladrey, speaks with ISACA’s Jeff Champion on how 2023 will be the year of risk.
-
Panel Discussion: Navigating the Maze of New Cyber & Privacy Regulations – Keys to Avoiding Regulatory Action
* Deep dive look into interpreting the different emerging US data privacy state laws and the consequences of non-compliance
* Learn about the requirements of the SEC cybersecurity rules and the ramifications for public companies
* Discuss the security programs that need to be implemented to comply with local and international regulations and rules.
-
Podcast: The Truth Behind Automating Compliance Controls
In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Kayne McGladrey, Field CISO at Hyperproof, to explore automating compliance controls vs. SOAR automation, helping CISOs, and whether one master set of controls covers multiple frameworks.
-
Drafting Compliance S1, E2: The FedRAMP Authorization Boundary
Hosts Kayne and Tom talk about how to create the Authorization Boundary, a cornerstone of the System Security Plan (SSP) as part of FedRAMP certification. Includes beer tasting notes for Black Butte Porter.
-
Drafting Compliance Episode 1
“We’re going to be talking about regulatory compliance, specifically FedRAMP, but we’re also going to be talking about…. beer?”
-
The risks of 5G security
Kayne McGladrey, field CISO at Hyperproof.io, explained the dangers of such an approach. “Low-cost, high-speed and generally unmonitored networking devices provide threat actors a reliable and robust infrastructure for launching attacks or running command and control infrastructure that will take longer to detect and evict,” he said. McGladrey also pointed out that as organizations deploy…
-
Three Keys to Protecting the Corporate Network in the Era of Hybrid Work
“Organizations should invest in a combination of asset management, endpoint detection, data loss prevention, cloud-based managed detection and response, and patch or vulnerability management,” says Kayne McGladrey (@kaynemcgladrey), Field CISO at Hyperproof and Senior IEEE Member. “Of those, asset management is the starting point, as an organization should have visibility into the devices accessing corporate…
-
CyberWire Daily for January 13th, 2023
“Work from home is not necessarily new. I just think that for budgetary purposes many companies thought, ‘oh, that’ll be over soon.’”
-
The four pillars of cloud security
“We talk about ‘data breaches’ because of regulatory and statutory definitions that focus on the disclosure of data. An organization’s security strategy should work with the end in mind and focus heavily on denying threat actors access to those data with the highest regulatory, statutory, or contractual risks.” Kayne McGladrey, Field CISO at Hyperproof
-
Three Key Predictions for 2023: The Year of Risk
As we approach 2023, it’s natural to look back on the biggest security events that took place this year and anticipate their effect next year. The previous two years have shown that our world is full of complexity and uncertainty, despite all the advances in data collection, compliance operations automation, and SaaS technology. Risk modelers…
-
How to Upgrade Your Security Program from ISO 27001:2013 to ISO 27001:2022
Since the initial release of ISO 27001, the threat actor economy has diversified substantially, with both criminal groups and nation states developing and selling offensive cyber products and cyber surveillance solutions. In response, cybersecurity experts have documented and developed best practices and actionable guidance for organizations to effectively manage their cybersecurity risks. ISO 27001:2022 provides…