How An Identity and Access Management Program Saved a Retailer $100k+ In Fraud Annually

Gartner estimates that 63% of all IAM products will be thrown out in the next two years as the ‘requirements have changed’ since the date of original purchase. The challenge for new and existing IAM programs is to establish and maintain a strong justification for the program’s continued existence. One retail client recognized this potential risk to their IAM program and took a novel approach to clearly illustrating the benefits of an IAM program.

“Organizations should focus first on protecting heartbeat user identities with strong identity governance, multifactor authentication and privileged command escalation roles,” says Kayne McGladrey (@kaynemcgladrey), director of information security services at Integral Partners. “Nonheartbeat users, such as service accounts and shared accounts, require protection levels that include vaulting and automatic password rotation, on a defined schedule.”

Mind the gap: three actions to take today based on AT&T’s latest Cybersecurity Insights report

Taking these three actions immediately — investing in both cyber liability insurance and cybersecurity, investing in a trusted consulting firm, and getting people emotionally invested in cybersecurity training — will not prevent the next breach. However, these actions make it exponentially more expensive for criminals to breach your organization and are the socially responsible course of action to protect both your organization’s reputation and the public.

A 2016 American Bar Association survey showed that more than 25% of law firms had at least one data security breach in that year. In the spring of 2017, the Association of Corporate Counsel (“ACC”) released their Model Information Protection and Security Controls for Outside Counsel Possessing Company Confidential Information (“Model”). The Model provides best practices for data security that outside counsel should use to safeguard their company’s confidential information.

This webinar will show how outside counsel can best implement the ACC’s recommendations to avoid a potentially catastrophic data security breach. Instead of focusing on the easy and self-evident solutions to sections 3, 4, 7, and 8 of the Model, this presentation will focus on the areas where external counsel is most likely to encounter difficulties.

We made it to 20 episodes! I know some people don't like it when you talk about milestones like this, but I'm doubly excited for this one because I finally get to publish my interview with Kayne McGladrey from Integral Partners. I know many of you have been scrambling to finish up the quarter or fiscal year, depending on your industry, so hopefully this will give you an opportunity to sit back, relax, and listen to the excellent information that Kayne provided.

Kayne McGladrey (@kaynemcgladrey), director of information security services at Integral Partners, notes that, for several years, we’ve been hearing predictions about millions of Internet of Things (IoT) devices with poor security joining networks and providing an easy attack vector for third parties.

“Printers are a culturally trusted technology because they’re perceived as not being new,” he says. “However, this doesn’t mean that modern organizations should not consider printers separately from a comprehensive strategy for the IoT.”

Do these three things if you are affected by the Equifax breach

This is a breach that will live with Americans for decades as we cannot change our social security numbers. It is unconscionable and irresponsible to offer a meager year of a service that will tell consumers that their identities have been stolen and misused by criminals. It’s then up to the consumers to sort it out.

Here are three things that you can do today to prevent this breach from affecting you and your family.

Do you feel like you are overwhelmed trying to run your business while defending against the latest cyber threats? Join Kayne McGladrey, speaker, author and Director of Information Security Services for Integral Partners (http://www.ipllc.co) for our upcoming presentation on taking a proactive, risk-oriented approach to cyber security for individual consultants and small businesses.

Kayne will discuss:

- Why you should manage risks based on user identity instead of chasing the latest threats

- How individual consultants can protect themselves

- A vendor-neutral reference architecture for cyber security at small businesses

We will have time for Q&A at the end of the presentation.