cybersecurity

Cybersecurity has always been a critical task that must be handled effectively. However, cloud—and more recently—COVID 19—have exacerbated cybersecurity issues and changed the security landscape. In this episode of the podcast, Mike Kavis and guest, Ascent Solutions’ Kayne McGladrey, discuss cybersecurity in the context of cloud, and vis-à-vis the changes wrought by the pandemic. Kayne’s take is that the transition to cloud and the pandemic have exposed and magnified issues that have always been a problem, and that companies should not skimp on cybersecurity, in favor of spending on other “more pressing” projects. The key to success is to focus on data, automation, and risk assessment.

“Being able to rapidly detect and evict threats is necessary in the modern enterprise to avoid regulatory and legal penalties while protecting confidential data or trade secrets,” says Kayne McGladrey, CISSP (@kaynemcgladrey), cybersecurity strategist at Ascent Solutions.

What a delightful surprise! I was nominated and won one of the three “Top Cyber Pro” awards for 2020.

I hope you’ve already had a risk definition conversation- get in front of the board or in front of your CIO or in front of your CFO, whoever is going to ultimately pay the bill. And then for anything where you know you can’t afford it because you’ve seen a reduction in your budget as a consequence of the pandemic- have that conversation early with your cyber insurance broker.

Linux continues to be a popular deployment choice for new virtual machines on Azure. “Organizations moving legacy on-premises Linux servers to the cloud can quickly gain the benefits of robust disaster recovery and security without needing to change platforms or applications”

The pandemic’s continuing effects on corporate budgets will result in a net reduction in cybersecurity budgets in 2021.

Unfortunately the sessions were not recorded due to privacy concerns.

“Have a KPI about value that came out of your threat intelligence feed. Did it actually cause you to do something differently? Were your analysts able to act on this, or was it just another thing that they had to go look at? Because when you think of time as being our chief enemy, if it’s sucking time and not producing value, why do you keep it? It’s a data feed, ultimately. At the end of the day, you have to contextualize it in terms of your organization. Threat actors tend to vary in terms of behavior in their TTPs. And consequently, you need to really tailor your threat intelligence. And if you’re not getting that tailored information, drop it.”

IT and security response to the coronavirus pandemic was heroic. Although many organizations had some degree of remote-work capabilities pre-COVID-19, the past year brought this work to new levels.

Enterprise security has had to quickly evolve alongside the shift to remote work and cloud adoption. For example, companies successfully ramped up VPN infrastructure, shifted to online models of collaboration software, and re-examined security policies in light of a highly distributed workforce.

“On a related note, #ZeroTrust isn’t a sticker on your router or a #cybersecurity product that you buy. It’s a shift in architectural patterns that have to be supported by policies.”

Telehealth, often referred to as virtual doctor appointments, has been utilized in remote regions that do not have local medical resources for several decades. But when COVID-19 began impacting many countries across the globe, telehealth became the go-to method for checking in with your doctor about possible COVID-19 symptoms or other healthcare check-ups.

Hey Guys, Today I have an interview with Kayne McGladrey, he is a vCISO / Spokesperson / Global Cybersecurity Thought Leader / Strategy and GRC Practice Lead who I follow on twitter  and find extremely interesting J He is a national cybersecurity expert, helping clients develop proactive programs to manage cyber-risk. He is the cybersecurity…