Kayne McGladrey is a national cyber security expert helping clients develop proactive risk-based security programs. He's the Director of Security and IT for Pensar Development and has 20+ years of experience, including 10 years in blending information technology and management acumen to cultivate and build best practices within the Professional Services team. He’s a frequent contributor to Cyber Security Hub with valued content you can access here. He took a few minutes out of his busy day to answer 5 questions for Cyber Security Hub's “Member Spotlight” series.
1.) What’s the coolest thing you are working on right now?
Building a cybersecurity program based on agreed-upon definitions of risk and stack ranked threats, rather than on shiny objects and someone else’s threat actors. It’s a rare pleasure to have a green field and comprehensively create new policies, procedures, and integrate specific tools.
2.) What is the greatest technology invented in the last 10 years, and why?
Integration of analytics with user and entity behavior analysis telemetry. The ability to defend against credential stuffing/password stuffing attacks based on known good patterns for individual users and cohorts significantly increases the difficulty for threat actors to compromise accounts in bulk.
3.) What’s the most ‘useless’ fact you know?
The earliest recorded use of the word “badger” for the animal was in 1523.
4.) What is your favorite way to spend free time?
Board sports and board games. My current commuter vehicle is a OneWheel+ XR, and I’m looking forward to 2’ of fresh powder at Mt. Baker on my swallowtail snowboard. I also host a bi-monthly Meetup for board gamers.
5.) What is your biggest fear?
That we’ve missed the crux of cybersecurity and that the situation won’t change until we incorporate views from the under-represented communities in our industry. I cringe when I hear an expert use the term “bad guy” and there’s an accompanying image of a man in a hoodie. Consider a single mother in a country without an extradition agreement working in a ransomware call center to support her family. Not only has the use of a stereotype discouraged talented people from considering cybersecurity careers, but we’ve also missed an opportunity to talk about the underlying challenge of economic disparity in an environment where it’s more effective for that mother to work for the threat actors. Until we change how we talk and think about cybersecurity, I fear it’s like the Alcoholics Anonymous definition of insanity: doing the same thing and expecting a different result.