Kayne McGladrey, Field CISO at Hyperproof and IEEE Senior Member, noted that the use of generative AI models in business hinges on their ability to provide accurate information. He cited as examples studies of AI models’ abilities to extract information from documents used for financial sector regulation that are frequently relied on to make investment…

Join Tom Coughlin, J.L. Doty, Gloria Washington, Kathleen Kramer and me as we explore the jobs we’ll see created over the next 20 years, industry’s role driving innovation and the skills our future workforce will need.

“These threats are not merely theoretical, although, at the moment, they are still relatively limited in their application,” McGladrey said. “It is reasonable to expect that threat actors will continue to find innovative new uses of generative AI, extending beyond business email compromise, deepfakes, and the generation of attack code.”

“In 2024, the most significant cybersecurity surprise will be the widespread recognition that Chief Information Security Officers (CISOs) are primarily risk advisors, not risk owners. This distinction contrasts with some companies’ previous perceptions and the operational reality. With cybersecurity concerns such as data center vulnerability, cloud vulnerability, and ransomware attacks still being a top concern…

“It should be a strategic choice for a company to transfer certain business risks associated with cybersecurity threats, which exceed an acceptable level of risk, to an insurer,” says Kayne McGladrey, a senior member of the IEEE. “The expectation is that the insurer will help lessen the financial impact of significant cyber incidents or data…

Next, commit to solving the complexity issue. In practice, this involves consolidation and integration of tools while striking “a balance between robust protection and user convenience,” said Kayne McGladrey (@kaynemcgladrey), Field CISO at Hyperproof and Senior IEEE Member. For example, “automation and integration of security controls are crucial in achieving scalability and simplifying validation of…

Kayne and Tom are joined by special guest Michael Chaoui, the Founder of Atlas One Security. Michael pulls the covers back on some of the challenges of companies going through the ATO process. We also discuss recent legislation and draft memos intended to modernize the FedRAMP process, all while enjoying one of Michael’s favorite stout…

In response to the ever-changing risk environment, company leadership is asking more and more questions about how to best manage risk. But being able to answer those questions means having a system and process in place to accurately document, manage, mitigate, and report on those risks.Luckily, some frameworks and processes already exist to help guide…

My prediction for 2024: In response to increasing regulatory burdens and the risk of civil litigation, successful companies in 2024 will lean into enhancements in their compliance operations. They will actively collect and test evidence of security control effectiveness, linking these controls directly to their risks, across all critical assets or systems. This approach ensures…

Presented byKayne McGladrey, Field CISO – Hyperproof | Charity Otwell, Director, Critical Security Controls – CISDec 05 2023, 11:00am PSTCIS Critical Security controls are a prescriptive, prioritized, and simplified set of best practices that can strengthen your cybersecurity posture. The CIS Controls include foundational security measures that you can use to achieve essential hygiene and…

Kayne and Tom talk about the System and Communications Protection family of FedRAMP Rev5 controls. Learn about the “catch all” approach to this control family and some challenges faced to implementation. Tom and Kayne try a stout for the first time on the show, and Kayne seems to group it with all the other beers.…

The biggest issue with prioritizing software fixes is that there’s often a disconnect between security controls and business risk outcomes, according to Kayne McGladrey, IEEE senior member and field CISO at Hyperproof, a security and risk company. That makes it harder to get executive support, he says. Code maintenance and dependency management aren’t sexy topics.…

An illuminating panel discussion, ‘Expert Predictions for 2024’, where seasoned experts delve into the future of cybersecurity. This dynamic discussion explores controversial key areas shaping the landscape in the coming year.Cyber Budgets Taking a Step BackMaturity in Vulnerability ManagementAI Effects on Cybersecurity Job MarketExperts provide valuable predictions and actionable insights to help you navigate the…

“Realistically, the use of AI in cybersecurity will help to reduce the punishing cognitive load on tier one analysts in the security operation center,” said IEEE Senior Member Kayne McGladrey. “Rather than having to comb through a needlestack looking for a needle, AI promises to automate much of the correlation across vast amounts of data…

In the cybersecurity realm, AI promises to automate tasks burdening human analysts, as noted by IEEE Senior Member Kayne McGladrey.