Even software developers often lack formal security training, says Kayne McGladrey, director of information security services at Boulder, Colorado security consulting firm Integral Partners. And even those who do can face pressure to roll code out quickly from employers impatient to see new features and fixes in production, he says.
There’s quite a lot of optimism in Generation AI, the IEEE study of millennial parent’s attitudes about artificial intelligence. The findings of the study are evolutionary, not revolutionary, as views towards artificial intelligence have become more refined over the years. However, the optimism shown in this study pre-supposes that we can move past our current cybersecurity issues.
CIO Online interviewed me for this article about authentication and authorization for hybrid and private clouds.
I was interviewed by Network World for this piece on MFA.
You may need Google translate to read this First Financial article about the threats of MasterPrint.
Forget light switches and thermostat buttons in the office. IoT sensors can control when lights go on and off, as well as heating and cooling in the office. Lights can go on and off based on your location.
Spring cleaning is a tradition for millions of families, but most companies lack the same tradition when it comes to the long-term management of their Identity and Access Management (IAM) programs. This is not benign neglect, but rather an underlying fear that the IAM program resembles a shaky tower of cardboard boxes full with random stuff, sitting in the garage.
Cybersecurity threats are affecting consulting and professional service firms causing substantial losses. Kayne McGladrey (@kaynemcgladrey), an IEEE Member and professional services director, weighed in on how consulting firms can mitigate threats, keep client data safe and learn from current breaches.
Consulting firms can suffer irreparable damage to their reputation if they lose client data due to a cybersecurity incident. This article examines the current threat landscape and provides strategic guidance to prevent professional services firms from becoming the next breach statistic.
This article discusses how businesses can apply three fundamental best practices for adapting current security programs to mitigate insider threats as applications and data migrate to the cloud.
People are only able to detect lies about 50% of the time, but we tend to trust people we know when they request access by email. What does this mean for IAM, IGA, and PAM programs?
Interviews are inherently challenging and stressful for candidates, and everyone makes mistakes during an interview. Avoiding these seven common mistakes does not guarantee that a candidate will not advance to the second interview at a consulting firm; however, candidates who commit multiple of these (particularly concurrently) won’t be asked back.
Our fifteen-year legacy of organizations implementing the relevant regulatory standards and still suffering cyber security breaches has led forward-thinking organizations to focus on risk management rather than compliance for compliance’s sake.
This article will examine the costs and budgetary considerations for a new bad actor, lacking global resources, to set up a single privileged identity theft campaign to be able to launch insider attacks. The costs shown will assume corporate targets in the greater Seattle metropolitan area. This article will also briefly examine countermeasures.
The good news is that it is still possible to become an evil villain for an initial investment of under $1,500 USD, despite rising labor costs.