cybersecurity

Ever apply for a cybersecurity job and then either in the listing or partway through the interview you realize, “Yikes, this job is not for me.”

In this very entertaining episode of The Other Side of the Firewall podcast, we’ll learn Kayne’s amazing cybersecurity “origin story” and discuss the need for more diversity of culture and thought within cybersecurity. We’ll also go into upcoming Federal and State policy and how he and his team have developed the tools necessary to keep up with the future of Governance, Risk, and Compliance. Don’t miss out!

Video interview with Kayne McGladrey, field CISO of Hyperproof and Chris Denbigh-White, CSO of NextDLP, about the value of automating routine evidence collection and testing as part of ongoing compliance operations.

Kayne McGladrey, field CISO at Hyperproof, has seen the evidence. He worked with one organization whose executives received a contract for review and signature. “Nearly everything looked right,” McGladrey says. The only noticeable mistake was a minor error in the company’s name, which the chief counsel caught. But Gen AI isn’t just boosting the hackers’ speed and sophistication, it’s also expanding their reach, McGladrey says. Hackers can now use gen AI to create phishing campaigns with believable text in nearly any language, including those that have seen fewer attack attempts to date because the language is hard to learn or rarely spoken by non-native speakers.

Kayne and Tom talk about personnel security, background checks, what FedRAMP requires for onboarding and terminating employees as well as a host of tips and tricks for meeting this control family. Of course, they try a new beer and maybe, just maybe, agree on the score.

Join Hyperproof’s Field CISO, Kayne McGladrey, as he talks about the top five cybersecurity news stories to know for September, 2023 in under five minutes.

New SEC rules

D&O insurance and SEC rules

CISO succession planning

Board’s AI responsibility

SEC vs. Covington & Burling

In this Help Net Security video, Kayne McGladrey, IEEE Senior Member and Field CISO at Hyperproof, discusses end-to-end encryption (E2EE). E2EE ensures that only two parties – a sender and a receiver – can access data, and helps to protect consumers and businesses from prying eyes and attackers.

“The only meaningful consideration of zero trust adoption is when the board and CEO are willing to trust and partner with the CISO to effectively mitigate business risks. A recent Gartner study found that a CISO who can effectively tie business outcomes to a material reduction in business risk through practical implementation of zero trust controls will make security an asset for their organization that enables them to compete more effectively.” — Kayne McGladrey, field CISO, Hyperproof

“Not all high schools are promoting cybersecurity as a career option, and working in the SOC can have the knock-on effect of bringing people in who were unaware of the field before,” says Kayne McGladrey, a senior member at IEEE. Even if they don’t go on to take cyber jobs, “working in the SOC gives them exposure to some of the language and risks common in cybersecurity,” he says. “Then, if they’re working as developers, it’ll influence the direction by which they create things. They’ll at least have security in mind.”

TechRepublic reports that generative artificial intelligence has been touted by Hyperproof Field Chief Information Security Officer Kayne McGladrey to not hamper employment opportunities in cybersecurity.

Continuous cyberattack innovation and supply chain diversity among threat actors would ensure that humans will not be displaced by generative AI, said McGladrey in an interview at the Black Hat security conference.

“We’re going to need to continuously adapt the tools that we have with the people we have in order to face the threats and risks that businesses and society continue to face,” said McGladrey.

of a growing number of regulations, today’s CISOs and their team members are spending a lot more time responding to questions about their security programs. Providing answers — whether to internal compliance teams who need the information to fulfil legal obligations or external business partners who want assurances — is now an expected part of the modern security department’s responsibilities. Yet it’s not the most effective use of worker time. “It’s not only frustrating, but it also sucks up a lot of time,” says Kayne McGladrey, a senior member of the Institute of Electrical and Electronics Engineers (IEEE), a nonprofit professional association, and field CISO at Hyperproof. There are strategies for meeting security’s obligations to provide information without tying up CISOs and their teams too much, he and others say. McGladrey says automation is one such strategy, saying that “evidence of control operations should be automated, and evidence of effectiveness can also be automated.”

Cybersecurity expert Kayne McGladrey speaks about why AI cannot do what creative people can, and the important role of generative AI in SOCs.