Besides working nights, I learned in my fifteen-minute conversation that Rosa volunteers at an elementary school. She’d met no one who worked in cyber security, and the kids she worked with hadn’t considered it as a career option. They wanted to be rappers, they wanted to be marine biologists; they didn’t know there was a high-paying position called “security operations center analyst.”
Online threats are only getting more and more sophisticated as technology continues to advance. Kayne McGladrey, Director of Security and Information Technology at Pensar Development, says organizations will need to study the tools, techniques, and procedures (TTPs) of each cyber-attacker in order to build a defensive strategy to contain them.
As the clock ticks towards a massive and preventable cyberattack on IIoT devices, manufacturers and companies deploying them must address three challenges.
“Hybrid cloud solutions can help organizations deploy cybersecurity solutions faster, without deploying additional infrastructure or spending staff hours on software and platform updates,” said Kayne McGladrey (@kaynemcgladrey), director of security and IT at Pensar Development. “This will help organizations to deploy innovative solutions rapidly such as deception technologies, which can reduce the ‘dwell time’ associated with breaches.”
Another way to thwart cyberattacks is to increase the number of cybersecurity experts, McGladrey says. According to the 2017 cybercrime report from the Herjavec Group, cybersecurity firms estimate such crimes are going to cost about $6 trillion annually by 2021. Companies are experiencing shortages in qualified applicants for cybersecurity jobs. The U.S. Department of Commerce estimates there are now about 350,000 unfilled positions, and that number is only going to increase. McGladrey says.
“This (factors into) the broader economic outlook,” McGladrey told the Cyber Security Hub. “If the economy is thriving and people are considering asking for a raise, they may pursue a new certification. If they do not receive the raise, they may mentally justify the time spent by putting the certification on their resume and searching for new openings.”
[01:23] What are the most pressing Cyber threats to businesses?
[03:30] Why is diversity, and hiring more women, so important for Cybersecurity?
[07:54] Why do cybercriminals go after our data?
[24:11] With cybercriminals spoofing GPS signals, how concerned should we be about them redirecting self-driving cars?
[25:21] What’s next in Cybersecurity and Cybercrime?
The back-to-school sales circulars are arriving, a reminder that fall is on its way. For most organizations, fall also brings an annual budgetary exercise for which many mid-level managers and executives will be unprepared.
Dos And Dont’s For Privileged Accounts
The regulatory environment for health-care organizations places a high value on personal health information, writes Kayne McGladrey of Integral Partners. However, the dark web market value of PHI has cratered, according to cybersecurity firm Flashpoint. A PHI record that sold for an average of $75 to $100 in 2015 would net $0.50 to $1 in 2017, he writes.
Tune in KXL-FM (Portland, OR) at 4 PM Pacific for a discussion on the intersection of cyber security, agriculture, and the cloud.
“IoT security remains one of the most challenging security vulnerabilities to businesses and consumers,” says Kayne McGladrey (@kaynemcgladrey), Director of Information Security Services at Integral Partners. “The Mirai and Reaper botnets are results of threat actors leveraging poor security controls on IoT devices, building attack infrastructure out of those devices, and using that stolen infrastructure to attack organizations. Organizations purchasing IoT/IIoT devices should treat them the same as any other endpoint device connecting to the corporate network.”