cybersecurity

The security industry can do a better job of promoting emerging technologies in security environments by linking their solutions to measurable outcomes that matter to CISOs. Those outcomes could be to either reduce sales friction or to show measurable progress in key risk indicators that board members care about. For example, while according to the recent “The Impact of Technology in 2025 and Beyond: an IEEE Global Study,” 48% of technologists said that the top application for AI in 2025 will be real-time cybersecurity vulnerability identification and attack prevention, vendors should still be prepared to explain how investments in their solutions can produce progress over time and support agreed-upon business objectives, outside of the technical benefits. Unfortunately, most emerging technologies primarily discuss technical benefits and features, not business outcomes. For example, if a CISO cares about multifactor authentication coverage, vendors should explain how their solution improves coverage and ties that to higher business resiliency. That would also reduce friction in B2B sales where a high degree of MFA coverage could be cited as a key control in a SOC 2 type 2 report, for example.

We chatted with Kayne about education systems security, funding for cyber tools and services, and what the future of education might look like to fill more cyber roles.

Cybersecurity failures were definitely in the news in 2024, but the year’s most serious issue — the outage at security vendor CrowdStrike, which affected millions of Windows systems around the world — wasn’t the result of a intentional attack, notes Kayne McGladrey, Field CISO at Hyperproof and senior member of the Institute of Electrical and Electronics Engineers (IEEE). It was caused by a flaw in an update of the CrowdStrike software. Yet it cost a wide range of companies, including airlines, public transit, healthcare and financial services, an estimated $5.4 billion.

Join us in this episode of the Security Podcast in Silicon Valley, where host Jon McLachlan sits down with Kayne McGladrey, Field CISO at Hyperproof. shares his unique journey from theater to cybersecurity, offering insights into risk management, regulatory compliance, and the evolving landscape of cyber threats. Discover how his background in improv and theater has shaped his approach to cybersecurity, the importance of SEC 10-K disclosures, and practical advice for startups and security professionals. Don’t miss this engaging and informative conversation!

“We can anticipate a significant increase in disinformation and phishing attacks as the United States prepares for early or mail-in voting in the 2024 elections. The majority of these attacks will likely come from cybercriminals spreading disinformation about how and where to vote. This year’s phishing campaigns may be more sophisticated and widespread, as non-native English or Spanish speakers will be able to leverage large language models to produce realistic messaging,” says Kayne McGladrey, IEEE Senior Member.

In this episode, we’re talking with Kayne McGladrey about cybersecurity, cyberterrorism and how to defend against these attacks at the personal, corporate, and national levels. I’ve been working on research for my next book and I knew that I had to talk to him to see what we could do to defend against this new and pernicious form of war.

In this Help Net Security video, Kayne McGladrey, IEEE Senior Member, discusses best practices for using digital wallets safely. With the adoption of digital wallets and the increasing embedding of consumer digital payments into daily life, ensuring security measures is essential. According to a McKinsey report, digital payments are now mainstream and continually evolving, bringing advancements and new data protection and fraud prevention challenges.

Early threat detection practices mostly involved identifying “something bad on a device by detecting that it matched a known signature,” explained Kayne McGladrey, a senior member of IEEE, a nonprofit professional association, and field CISO at Hyperproof. This signature-based detection was, and still is, a key part of threat detection, but other rules-based detection practices — where computer activities are analyzed to determine if they follow set rules — have become foundational components of threat detection over the years, too.

“[AI] allows a threat actor to scale a lot faster and across multiple channels,” Kayne McGladrey, chief information security officer at compliance management company Hyperproof, told Built In. “And the defensive tools haven’t quite caught up. Unfortunately, none of this stuff is going away. This has now become a fixture of the landscape. It’s part of our new, modern cybersecurity hellscape that we inhabit continuously.”

“After all, AI serves as both a force accelerator, as it will allow those threat actors to operate at large scale without having to increase the size of their workforce. At the same time, the ability of AI to generate convincing-enough speech in another language will serve to open new markets to threat actors who might have previously employed linguists,” says Kayne McGladrey, IEEE Senior Member.

Companies with mature GRC programs have an advantage over their competitors. However, something has been missing in the GRC world: the ability to truly understand an organization’s GRC maturity and the steps it would take to build the business case for change. That’s where the GRC Maturity Model comes in.

Hyperproof’s GRC Maturity model is a practical roadmap for organizations to improve their GRC maturity business processes to enter new markets and successfully navigate our rapidly changing regulatory and legal space. By providing a vendor-agnostic roadmap for how companies can improve key business operations, we can help even the playing field for everyone in GRC.

This extensive, peer-reviewed model written by Kayne McGladrey includes:

• An overview and definition of Governance, Risk, and Compliance (GRC)

• A summary of the four maturity levels defined in the model: Traditional, Initial, Advanced, and Optimal

• An overview of the most common business practices associated with governance, risk, and compliance

• A simplified maturity chart listing the attributes associated with each maturity level

• A list of observable behaviors or characteristics associated with the maturity level to help you assess where your organization falls

• A set of high-level recommendations for how to move from a lower level to a higher level

Kayne McGladrey, the Field CISO at Hyperproof, is a renowned cybersecurity expert with an extensive background in enhancing security landscapes across various industries. His career is marked by significant contributions in developing robust security frameworks, managing complex risk scenarios, and driving comprehensive compliance initiatives. With a deep commitment to transforming the cybersecurity field, Kayne’s insights and strategies continue to influence how organizations approach security and regulatory compliance, making him a sought-after voice in the industry.