Thinkers360
Interested in getting your own thought leader profile? Get Started Today.

Kayne McGladrey

Director of Security and IT at Pensar

Bellingham, United States

22097 Followers

The modern company has an implicit social contract to protect the data entrusted to it. As a cybersecurity professional, my role is to advise companies on how to uphold that social contract by managing risks and deterring and denying threat actors. My consultative approach is the result of decades of experience working with Fortune 500 and Global 1000 companies.

The ability to fluently speak the languages of both business and technology and effectively communicate complex concepts to non-technical audiences has not only facilitated conversation with company leadership in developing and implementing effective policies to reduce cyber threat, it has made me the go-to person for multiple media outlets and a spokesperson for IEEE’s Public Visibility Initiative.

One of my career priorities is to inspire under-represented communities to pursue careers in cybersecurity. Talent is not limited by geography or background. Because I look beyond the usual circles for talent, trust their abilities, and have an eagerness to help people succeed, I have been able to build effective teams despite the continued challenges of low unemployment in cybersecurity careers.

Sample Initiatives:

? Transformational leadership: developed internal security teams, introduced risk management processes, improved disaster-recovery systems, implemented SOC II, PCI, HIPAA, SOX, New York Section 500, and more

? Spokesperson for IEEE’s Public Visibility Initiative and Keynote Speaker at top industry events, including IEEE Vision Innovation Challenges Summit 2019 and AT&T Business Summit 2018

? Media presence: USA Today, Cheddar TV, Dark Reading, Fast Company, CIO Online, Network World, Quartz news, IEEE Transmitter, Reader’s Digest; articles featured in Bloomberg, Insecure Magazine, ISSA Journal, Robotics Business Review; Article of the Year Award

? Development of company-wide cybersecurity educational programs for all staff

Available For: Influencing, Speaking
Travels From: Bellingham, WA
Speaking Topics: Cybersecurity, AI, IOT

Speaking Fee $500

Personal Speaking Website: www.kaynemcgladrey.com
Kayne McGladreyPoints
Academic20
Author82
Influencer357
Speaker33
Entrepreneur60
Total552

Points based upon Thinkers360 patent-pending algorithm.

Thought Leader Profile

Portfolio Mix

Featured Videos

Managing the Risks of the Internet of Things
September 07, 2019
Interview on Diversity and Cybersecurity
September 07, 2019

Featured Topics

Cybersecurity

I'm comfortable speaking to audiences about the social, ethical, business and technical aspects of cybersecurity.

Company Information

Company Type: Company
Last Media Training: 02/08/2017
Last Media Interview: 08/22/2019

Areas of Expertise

AI 36.25
Cybersecurity 77.06
Leadership 35.90
Business Strategy 30.39
Digital Transformation 31.32
IoT 48.40
Privacy 31.83
Culture 30.39
Mobility 31.22
Risk Management 49.18
Govtech 33.44
Autonomous Vehicles 33.68
Future of Work 30.76
Management 31.01
Cloud 32.82
Healthtech 34.12

Industry Experience

Aerospace & Defense
Automotive
Consumer Products
Financial Services & Banking
Healthcare
High Tech & Electronics
Higher Education & Research
Hospitality
Industrial Machinery & Compone
Insurance
Manufacturing
Oil & Gas
Pharmaceuticals
Professional Services
Retail
Telecommunications
Travel & Transportation
Utilities

Publications

1 Advisory Board Membership
Cyber Security Hub Advisory Board
Cyber Security Hub
October 07, 2019
· Working to increase the diversity of perspectives on enterprise cyber security challenges and opportunities.
· Dynamically responding to and anticipating the needs of the cyber security marketplace through unique and timely content.
· Serving as an “early explainer” to articulate “why” the subject matter is important to current practitioners and the next generation of cyber professionals.

See publication

Tags: Cybersecurity, IoT

22 Article/Blogs
3 Ways To Prepare Now For Future Endpoint Defense
CSHub
September 26, 2019
“The explosion of connected devices also requires re-thinking the protection mechanisms to apply to those endpoints,” says Kayne McGladrey, Director of Security and IT, Pensar Development. “Similarly, the widespread adoption of cloud-based services means that there’s no single network to protect.”

See publication

Tags: Cybersecurity, IoT

4 Cybersecurity Best Practices for Electrical Engineers
Dark Reading
September 24, 2019
Threat actors have increased their focus on supply chain attacks since 2017, with 73% of engineering firms reporting a supply chain attack in 2018. In the first quarter of 2019, Operation Shadowhammer was revealed to have compromised the software update mechanism of a major PC manufacturer. According to eSentire, 44% of firms have suffered a significant supply chain breach through a vendor.

These high-profile breaches have either been used to deploy ransomware or steal the intellectual property produced by engineers. As engineers create and access intellectual property such as CAD designs or manufacturing data, achieving persistence in an engineering firm gives a threat actor unparalleled insight into upcoming product designs and manufacturing processes.

Much of the media focus has been on the financial damage from supply chain breaches, the nation-state actors behind the breaches, and the ill-defined "supply chain" itself. But surprisingly, despite the overheated media coverage, most electrical engineering (EE) firms are not the targets of a bear, kitten, or panda, which are frequently cited as advanced persistent threat groups behind the attacks. Most EE firms are targeted by threat actors of opportunity because they have two necessary ingredients: people and computers. This article lays out four best practices for individual EEs to help protect their firms.

See publication

Tags: Cybersecurity

Changing The Course Of History Means Every Month Needs To Be Cyber Security Month
Cyber Security Hub
September 09, 2019
There’s a communications breakdown between those working in cyber security and those who are not. This failure to communicate is leading to the greatest transfer of wealth in history. People aren’t seeking actionable advice during “October is National Cyber Security Month”, and they’re tuning out of their mandatory corporate drop-ceiling one-hour cyber security training in the breakroom. Even though individuals are harmed, there’s the persistent belief that this must be someone else’s problem.

See publication

Tags: Cybersecurity

The Ethics Of The IoT: Are Engineers Failing To Speak Up?
CSHub
June 25, 2019
The overwhelming majority of IoT devices on the market are hot garbage that do not follow security best practices. Allowing consumers to use passwords that have appeared in breaches before makes it easy for threat actors to gain persistence on devices. Devices with no update mechanism means IoT devices become a perpetual threat once the first vulnerability is found. Most people have no way of knowing that their IoT sensor needs an update, so it’s unrealistic to shift the responsibility of software updates to consumers.

See publication

Tags: Cybersecurity, IoT

Securing IoT: Whose responsibility is it?
Tech Target
February 26, 2019
Enterprises and consumers alike are rewarding vendors that produce low-cost, insecure devices, such as $20 IP-based security cameras. It'd be easier for everyone if those consumers instead sent $20 to threat actors who will inevitably compromise those devices, as this would only be a $20 problem.

However, when threat actors conscript thousands of insecure IP-based security cameras into a botnet that can knock major brands off the internet -- such as what happened with the Mirai botnet attacks in the fall of 2016, it potentially becomes a multimillion-dollar problem that affects major markets and international relations.

See publication

Tags: Cybersecurity, IoT

How can a security automation tool help mitigate unknown threats?
Tech Target
January 25, 2019
Security automation tools help ease the deluge of alerts security teams receive, according to IEEE member Kayne McGladrey, letting them focus on more interesting aspects of IT security.

See publication

Tags: Cybersecurity, Risk Management

How do AI algorithms automate IoT threat detection?
IoT Agenda
January 09, 2019
IoT threat detection is about to get easier, thanks to the automating abilities of AI algorithms. But, as IEEE member Kayne McGladrey explains, it doesn't mean humans are out of the picture.

See publication

Tags: AI, Cybersecurity, IoT

How Awareness, Attention Can Improve Cyber Security
CS Hub
October 10, 2018
Besides working nights, I learned in my fifteen-minute conversation that Rosa volunteers at an elementary school. She’d met no one who worked in cyber security, and the kids she worked with hadn’t considered it as a career option. They wanted to be rappers, they wanted to be marine biologists; they didn’t know there was a high-paying position called “security operations center analyst.”

See publication

Tags: Cybersecurity

3 Cybersecurity Challenges for IIoT Devices in 2018
Robotics Business Review
September 25, 2018
As the clock ticks towards a massive and preventable cyberattack on IIoT devices, manufacturers and companies deploying them must address three challenges.

See publication

Tags: Cybersecurity, IoT

Budgetary Foresight: 3 Essential Cyber Security Programs For 2019
CSHub
July 16, 2018
The back-to-school sales circulars are arriving, a reminder that fall is on its way. For most organizations, fall also brings an annual budgetary exercise for which many mid-level managers and executives will be unprepared.

See publication

Tags: Cybersecurity

Video: Certification Campaigns (Core Identity and Access Management Part 8 of 8)
linkedin
July 11, 2018
In this last video in the series of 8 about Identity and Access Management, we will see how the process of certification in consulting works. IGA, a governance administration tool, will produce certification reports and should work with all the systems. The auditor will use the tool, and the tool will interrogate all the resources. All the logic and process for the campaign will be saved in this tool. This reduces the need to keep questioning participants constantly.

See publication

Tags: Cybersecurity

Video: Attestation Reporting (Core Identity and Access Management Part 7 of 8)
linkedin
June 27, 2018
Kayne McGladrey discusses Attestation Reporting in the seventh video in this series about Identity and Access Management. The goal of Attestation Reporting is to ensure that a user should have the access that has been requested and if not, being able to revoke that access.

See publication

Tags: Cybersecurity

3 Tips To Thwart Insider Attacks: An Essential Guide For Summer Travels
CS Hub
June 25, 2018
Dos And Dont's For Privileged Accounts

See publication

Tags: Cybersecurity

Video: Multi-Factor Authentication (Core Identity and Access Management Part 6 of 8)
linkedin
June 20, 2018
In this sixth episode of this 8 part series on Identity and Access Management, Kayne McGladrey reviews Multi-Factor Authentication (MFA). MFA can be used in many instances to ensure the identity of a person trying to access or approve items on your system. There are several different types of MFA that can be used, and this video discusses which ones are recommended or not and why. Several different scenarios are also presented to discuss when/why you want to have MFA set up to work with your Identity and Access Management and User and Entity Behavior Analysis systems. You will learn:

See publication

Tags: Cybersecurity

The 'Internet of Payments' puts ID security on the smartphone
Payments Source
May 29, 2018
When a "pay restroom" 100 miles from the nearest major city accepts frictionless mobile payments, stores that force buyers to wait a minute for a chip-and-PIN transaction seem dated, and cash-only transactions are inconvenient.

See publication

Tags: Cybersecurity

Three Preventative Measures for Cybersecurity Health-Care Disorders
Bloomberg Law
April 25, 2018
The regulatory environment for health-care organizations places a high value on personal health information, writes Kayne McGladrey of Integral Partners. However, the dark web market value of PHI has cratered, according to cybersecurity firm Flashpoint. A PHI record that sold for an average of $75 to $100 in 2015 would net $0.50 to $1 in 2017, he writes.

See publication

Tags: Cybersecurity

Two Easy Steps To Reduce And Detect Threats In A Cloud Environment
CS Hub
March 19, 2018
Although organizations believe the cloud to be inherently more secure, this two-step strategy will improve the security of cloud-based solutions for each organization. When combined with a larger cyber security program, these reduce the risks of a damaging breach.

See publication

Tags: Cloud, Cybersecurity

‘Cyber Security’s Not An Install Process’: Q&A With Kayne McGladrey
CS Hub
February 12, 2018
McGladrey, whose work focuses on identity and access management, leads a team that assists clients in multiple industries. The focus: insider and outsider threats on non-privileged or privileged credentials. McGladrey said that technology has matured so much, that overall cyber security is not about software installation.

See publication

Tags: Cybersecurity

‘It Comes Back To You’: Evaluating Third-Party Cyber Risk Management
CS Hub
February 07, 2018
Expanding on this, national cyber security expert and the Director of Information Security Services at Integral Partners, Kayne McGladrey, told the Cyber Security Hub that, “If you’re breached by a third party, nobody cares that it’s the third party’s fault. It comes back to you.”

He continued: “It’s your fault for not having adequate controls. And the single easiest third-party control is around onboarding and off-boarding third-party accounts.”

Even if you’re rotating passwords, monitoring privileged access, auditing, etc., McGladrey said you must know, empirically, who’s accessing your network.

See publication

Tags: Cybersecurity, Risk Management

Welcoming the robo-nannies
HP Enterprise
January 30, 2018
"Things that were unthinkable 10 years ago are being accepted as commonplace. And that trend will continue.”

See publication

Tags: AI, Cybersecurity

Five spring cleaning tips for your Identity and Access Management program
(IN)Secure Magazine by Helpnet Security
March 30, 2017
Spring cleaning is a tradition for millions of families, but most companies lack the same tradition when it comes to the long-term management of their Identity and Access Management (IAM) programs. This is not benign neglect, but rather an underlying fear that the IAM program resembles a shaky tower of cardboard boxes full with random stuff, sitting in the garage.

See publication

Tags: Cybersecurity

Three Lessons about Cloud Security from 1980s Horror Movies
ISSA Journal
March 10, 2017
This article discusses how businesses can apply three fundamental best practices for adapting current security programs to mitigate insider threats as applications and data migrate to the cloud.

See publication

Tags: Cloud, Cybersecurity

9 Coursewares
Cyber Threat Prevention for PSOs: Credential Stuffing (Part 1 of 8)
PSVillage
May 17, 2017
Credential Stuffing, unfortunately, is not a new attack rather an existing attack that the bad guys have found a way to operate at economies of scale. Credential stuffing is a type of automated...

See publication

Tags: Cybersecurity

Cyber Threat Prevention for PSOs: Provisioning and De-provisioning (Part 2 of 8)
PSVillage
May 17, 2017
In this second episode of our 8 part series, Kayne McGladrey will be discussing Provisioning and De-Provisioning. In general, provisioning means "providing" or making a resource available. De-...

See publication

Tags: Cybersecurity

Cyber Threat Prevention for PSOs: Identity and Access Management (Part 3 of 8)
PSVillage
May 17, 2017
In this third episode of our 8 part series, Kayne McGladrey will walk you through three primary Identity and Access Management (IAM) systems available for your end users to have access to your...

See publication

Tags: Cybersecurity

Cyber Threat Prevention for PSOs: Privileged Access Management (Part 4 of 8)
PSVillage
May 17, 2017
In this fourth episode of our 8 part series, Kayne McGladrey will cover Identity Access Management system and a specific resource when it comes to where your client files are stored, or your...

See publication

Tags: Cybersecurity

Cyber Threat Prevention for PSOs: User and Entity Behavior Analysis (Part 5 of 8)
PSVillage
May 17, 2017
When a hacker has intercepted your credentials and login information and attempts to use that information, an effective User and Entity Behavior Analysis (UEBA) solution can be what saves you from...

See publication

Tags: AI, Cybersecurity

Cyber Threat Prevention for PSOs: Multi-Factor Authentication (Part 6 of 8)
PSVillage
May 17, 2017
In this sixth episode of our 8 part series, Kayne McGladrey reviews Multi-Factor Authentication (MFA). MFA can be used in many instances to ensure the identity of a person trying to access or...

See publication

Tags: Cybersecurity

Cyber Threat Prevention for PSOs: Attestation Reporting (Part 7 of 8)
PSVillage
May 17, 2017
Kayne McGladrey discusses Attestation Reporting in the seventh video in this series. The goal of Attestation Reporting is to ensure that a user should have the access that has been requested and...

See publication

Tags: Cybersecurity

Cyber Threat Prevention for PSOs: Certification Campaigns (Part 8 of 8)
PSVillage
May 17, 2017
In this last video in the series of 8, We will see how the process of certification in consulting works. IGA, a governance administration tool, will produce certification reports and should work...

See publication

Tags: Cybersecurity

Fundamentals of Professional Services Management
UDemy
April 07, 2017
You can learn to manage a professional services firm in less time than it takes to fly from Seattle to London

See publication

Tags: Management

1 Founder
Include Cybersecurity
Include Cybersecurity
January 05, 2018
Include Cybersecurity is a non-profit organization dedicated to changing the face of cybersecurity professionals. As a co-founder alongside Carmen Marsh, I am responsible for helping to find volunteers and speakers, moderating panel discussions, social media outreach, fundraising, and establishing connections with the many underrepresented communities in cybersecurity.

See publication

Tags: Cybersecurity, Leadership

1 Influencer Award
ISSA Article of the Year 2017
ISSA Journal
January 08, 2018
ISSA International Article of the Year for 2017: Lessons about Cloud Security from 1980s Horror Movies

See publication

Tags: Cloud, Cybersecurity

4 Journal Publications
Passwords, Multi-Factor Authentication and Cybersecurity
IEEE Transmitter
April 16, 2018
Device location and user behavior can shed a lot more light on a login attempt, yet not all MFA solutions currently incorporate them, says McGladrey. If organizations switched to better access management systems, the cost to successfully infiltrate accounts would rise exponentially, barring “all but the best-funded nation-state actors and APTs.”

See publication

Tags: Cybersecurity

Why AI Could be Cybersecurity’s Next Big Thing
IEEE Transmitter
February 16, 2018
For many organizations, analysts in security operations centers spend their days sifting through hoards of log files for suspicious activity. The repetitive nature of this work makes AI an ideal replacement, says Kayne McGladrey, IEEE Member, Director of Information Security Services at Integral Partners (US): “Artificial intelligence has been shown to be good at pattern recognition and correlation over a vast number of data points, and can make connections faster than human analysts would.”

See publication

Tags: AI, Cybersecurity

Smart Office Controls
IEEE Transmitter
April 20, 2017
Forget light switches and thermostat buttons in the office. IoT sensors can control when lights go on and off, as well as heating and cooling in the office. Lights can go on and off based on your location.

See publication

Tags: Cybersecurity, IoT

Understanding Cybersecurity Breaches at Consulting Firms
IEEE Transmitter
March 30, 2017
Cybersecurity threats are affecting consulting and professional service firms causing substantial losses. Kayne McGladrey (@kaynemcgladrey), an IEEE Member and professional services director, weighed in on how consulting firms can mitigate threats, keep client data safe and learn from current breaches.

See publication

Tags: Cybersecurity

4 Keynotes
Cybersecurity Career Accelerator EXPO
Include Cybersecurity
December 01, 2018
The Cybersecurity Career Accelerator Expo 2018 program is an opportunity for anyone interested in cybersecurity to come receive – and share – useful and relevant information critical to launching – or advancing – a career in cybersecurity. This day-long symposium will be divided into two tracks with sessions designed to benefit novice, entry-level and advanced cybersecurity professionals. The content will be presented in a combination of lectures, workshops and expert panel formats.

Cybersecurity Career Accelerator Expo 2018 is part of the “Include Cybersecurity” initiative focusing on cybersecurity workforce development in the Sacramento Valley. Our mission is to spark interest within traditionally underrepresented groups in exploring an exciting and rewarding career in cybersecurity.

See publication

Tags: Cybersecurity

Cyber Security Workshop and Employment Opportunities
Worksource
November 05, 2018
Presentation to veterans on how to pursue careers in cyber security.

See publication

Tags: Cybersecurity

Include Cybersecurity Event 2018
Include Cybersecurity
September 06, 2018
Our panel discussion on September 6th, 2018 presents an opportunity for anyone interested in cybersecurity to learn firsthand from the experts what it takes to succeed. A significant portion of this event will be questions from the audience.

The panelists and speakers are passionate cybersecurity defenders. They are experts in the field and bring first-hand knowledge of what it’s like working as part of a cybersecurity team and how to take the first steps to join this growing community.

See publication

Tags: Cybersecurity, IoT

Cybersecurity workshop and job opportunities for veterans
Worksource Rainier
September 05, 2018
Presentation on how to get started in careers in cybersecurity for veterans

See publication

Tags: Cybersecurity

42 Media Interviews
Users are the target: How employees can be the strongest line of defense
SC Magazine
October 08, 2019
Recognizing that fact, Kayne McGladrey, director of security and information technology at Pensar Development, an engineering consultancy in Seattle, says continuously phishing end users is the best way to help them identify phishing and other potentially malicious content. “This continuous exposure [to phishing] should take a variety of forms, from email-based phishing to direct messages on social media.”

McGladrey says short, actionable, culturally relevant education initiatives on a regular schedule are recommended because “users don’t want to sleep through the mandatory ‘October is cybersecurity month,’ two-hour, PowerPoint presentations.”

Training modules should be short — five minutes or less — and sent out regularly. If possible, they should be tailored to an individual’s role in the organization, so that the finance department is receiving training about business email compromise (BEC) and identity validation procedures rather than the latest zero-day exploits, he says.

See publication

Tags: Cybersecurity

Yahoo porn hacking breach shows need for better security: 5 ways to protect your company
Tech Republic
October 02, 2019
Security expert Kayne McGladrey, who serves as director of security and IT at Pensar Development and is a member of the Institute of Electrical and Electronics Engineers, said companies need to add extra steps to everything.

"The company could choose to add friction, whether it's multi-factor authentication or an email link just to put a little additional scrutiny and raise the bar so it is materially more difficult for threat actors who have obtained someone's credentials to be able to reuse those," he said.

"The benefit of this strategy is that it applies universally. All of the automated attacks these days around credential stuffing and credential spraying do what the Yahoo hacker had done on a much larger scale. They get compromised credentials and test them across a whole bunch of websites using a distributed botnet."

See publication

Tags: Cybersecurity

Cyber Security Digital Summit Explores Who Owns Enterprise Security
Cyber Security Hub
October 02, 2019
A comprehensive information security program is a standard practice for every organization. In addition to securing company and employee data, organizations must also consider the privacy of their clients. For integrated design and manufacturing firm Pensar Development, clients need confidence that their intellectual property (IP) is only accessible to Pensar employees contributing to that specific project. The Seattle-based design firm is known for mechanical integration for medical devices and the enclosure design of gaming consoles among other client solutions.

Cyber Security Hub recently had the chance to speak with Pensar’s Director of Security Kayne McGladrey to learn about his approach to maintaining the confidentiality of both employee and client data.

In addition to his company security role, Kayne is an IEEE member, the professional engineers association often associated with developing technology standards. Members agree to a code of ethics to help people and society understand the social implications of emerging technologies. For his part, McGladrey is a spokesperson for cyber security and the broader technology to both industry and the general public. He is also proud of building a cyber security team at Pensar of entirely military veterans.

See publication

Tags: Cybersecurity

12 Signs Your Computer Has a Virus
Reader's Digest
September 06, 2019
“Viruses are most commonly spread through phishing, which is a technique of sending emails designed to prey on a person’s emotions to make them click a link or open a malicious attachment,” says Kayne McGladrey IEEE member and director of security and IT for Pensar Development. “Besides running up-to-date commercial antivirus software, the easiest way to avoid viruses is to pause before acting on messages. Get a cup of coffee, or at least get up and stretch, before deciding if the email is trying to manipulate your emotions through a sense of authority (someone impersonating your boss or a police officer), a sense of urgency (because of an artificial time constraint), or scarcity (supplies are limited, act now).” These are the same psychological techniques used by con artists since time immemorial, with the only difference being that con artists had to con one person at a time. “With email, social media, and text messages, threat actors can con thousands of people. No antivirus software is perfect, but pausing before acting can stop most of today’s viruses.”

See publication

Tags: Cybersecurity

Lack of cyber investment could spell trouble for smart cities: report
SC Magazine
August 22, 2019
For smart cities, investing in cyber defense means being able to support a cyber workforce capable of supporting their IoT initiatives. “We’ve seen many failures with widespread deployment of IoT devices, whether due to insecure authentication methods, static passwords, or a lack of centralized and automated patch distribution. As city governments look to the future.....

See publication

Tags: Cybersecurity, IoT

Intuitive, Cognitive Technologies Are Changing the Business and Its Workforce
CIO.com
July 17, 2019
The workforce of tomorrow still will be technically savvy, well-versed in machine learning and data science. Advanced machine learning skills will be important, but Kayne McGladrey (@kaynemcgladrey), Director of Security and Information Technology at Pensar Development, recommended that those looking for future employment also consider learning a programming language.

“The intent here is not to master it,” McGladrey explained, “but rather to gain an understanding and appreciation of how things work from the inside out. Employers are also looking for career stability so that they can invest in their people, so don’t hop from company to company on an annual basis.”

See publication

Tags: Business Strategy, Digital Transformation

How hackers used little-known credit-card feature to defraud Lansdale woman, $1.99 at a time
The Philadelphia Inquirer
June 13, 2019
“It’s low effort for them. Once they set up the subscription and unless the subscription is canceled, they don’t have to do any other work and they can resell access to that subscription," he said. "So it’s a guaranteed line of profit for them until somebody goes and notices there’s been a problem.”

Criminals typically resell access to the services on secondary markets, McGladrey said. Criminals may resell a streaming service that’s normally $10 per month for $5, netting the thieves $5 monthly. While a single crime is not that profitable, there have been cases where groups have reaped millions of dollars by charging small amounts to hundreds of thousands of consumers, he said.

See publication

Tags: Cybersecurity, Privacy

Successful Digital Transformation Begins with a Cultural Transformation
CIO.com
June 12, 2019
Kayne McGladrey (@kaynemcgladrey), Director of Security and Information Technology at Pensar Development, observed that IT leaders are recognizing that building and operating on-premises servers is not a competitive advantage.

“As part of the purchasing cycle they’re replacing outdated infrastructure with infrastructure as a service,” he said. “This gradual transition to the cloud lowers risks and makes disaster recovery simpler and more reliable than in past years. This strategy also significantly lowers the threats of a physical site compromise by threat actors.”

See publication

Tags: Culture, Cybersecurity, Digital Transformation

Prepping for the Data Deluge
CIO.com
May 22, 2019
Companies should pay special attention to consistent classification and labeling of data, as it’s one of the biggest hurdles to effective data governance. Setting default labels for new data (for example, dubbing them confidential) can ensure that policies and technical controls are applied consistently across the organization. This also frees up data creators from having to manually label all newly created information. “In that way, a data steward only needs to review data labels when that data is crossing a security barrier such as preparing a file to send to a client or third-party vendor,” notes Kayne McGladrey (@kaynemcgladrey), director of security and information technology at Pensar Development.

See publication

Tags: Cybersecurity, Digital Transformation

22 Red Flags Someone Is Spying on Your Phone
Reader's Digest
May 11, 2019
You receive a text message or an email notification from your mobile carrier about an account change you didn’t make and, thirty minutes later, your cell phone has no signal, even after a reboot. You can’t log into your email. You’re locked out of your bank account.

See publication

Tags: Cybersecurity, Privacy

CrowdStrike tackles BIOS attacks with new Falcon features
TechTarget.com
May 03, 2019
In the past few years, security researchers and advanced persistent threat actors have demonstrated attacks on the BIOS, said Kayne McGladrey, IEEE member and director of security and IT at Seattle-based Pensar Development.

These rare attacks can provide a persistent and hidden bridgehead into an enterprise network, McGladrey said.

See publication

Tags: Cybersecurity

5G and What it Means for Cybersecurity
bisinfotech.com
May 02, 2019
“Consumers should use the ‘guest’ network of their home Wi-Fi routers as a dedicated network for IoT devices, so if one of those devices were compromised, the threat actor can’t easily pivot to more valuable data.” That’s the case for newer devices, he says. “For older, cheap, IP-based security cameras and digital video recorders (DVRs), the easiest way to secure them is to recycle them responsibly as there often are no security updates available.” The ability to update devices over their lifetime is essential to security, and should factor into buying decisions, he says.

See publication

Tags: Cybersecurity, Mobility

Why security-IT alignment still fails
CSO Online
April 16, 2019
An organization that doesn’t understand or appreciate security won’t be able to adequately identify and prioritize risk, nor articulate its tolerance for those risks based on business goals and objectives, says Kayne McGladrey, director of security and IT for Pensar Development and a member of the professional association IEEE (The Institute of Electrical and Electronics Engineers).

“The CIO won’t see the business impact if there’s not a culture of risk mitigation,” McGladrey says. “A culture where security is seen as someone else’s problem will derail any conversation around security, so the biggest thing for CISOs is to make the conversation with CIOs around risk – not around technologies or shiny objects but around risks to the business.”

See publication

Tags: Cybersecurity, Leadership, Risk Management

DHS-led agency works to visualize, share cyber-risk information
Tech Target
April 09, 2019
Sharing information about threats can help boost overall cybersecurity by alerting others to those risks, as well as providing successful ways to counteract them, said Kayne McGladrey, national cybersecurity expert, director of security and information technology for Pensar Development, and member of the Institute of Electrical and Electronics Engineers.

"They could actually see a reduction in those threats that are commodity threats -- threats that are crimes of opportunity [vs. targeted attacks]," he said.

See publication

Tags: Cybersecurity, Govtech, Risk Management

Insider Threats: A Big Fear for Small Businesses
Security Boulevard
March 21, 2019
This goes hand in hand with the increasing number of vendors, solutions and buzzword technologies. There’s a fear that an SMB will buy the solution that solves a problem defined by a venture capitalist and not address a genuine threat to their business.

See publication

Tags: Cybersecurity

7 hot cybersecurity trends (and 4 going cold)
CSO Online
March 13, 2019
While we hope these points have brought into focus some of the evolving challenges in IT security, we also want to point out that certain best practices will continue to underpin how smart security pros approach problems, no matter what the flavor of the month is. "Enterprises are going back to the basics: patching, inventory management, password policies compliant with recent NIST directives," says Kayne McGladrey, IEEE Member and Director of Security and Information Technology at Pensar Development. "Enterprises are recognizing that it’s impossible to defend what can't be seen and that the easiest wins are to keep systems up to date and to protect against credential stuffing attacks."

See publication

Tags: Cybersecurity

6 Strategies for Transitioning to a Digital World
CIO.com
March 12, 2019
“Identify those elements of your business that are core competitive differentiators,” says Kayne McGladrey, Director of Security and Information Technology. “Focus on improving those. If accounting, cybersecurity, legal affairs, or marketing is not core to your organizational identity, then plan to migrate away from your legacy systems and processes in those areas. Organizations can then focus their limited time and resources on improving what they do well, and what customers value most about those organizations.”

See publication

Tags: Cybersecurity

6 Questions to Ask While Buying a Connected Car
Dark Reading
March 06, 2019
"People need to ask the car companies where they stand on security," says Kayne McGladrey, director of security and IT at Pensar Development and an IEEE member, who cites companies such as Apple and Google, which have made strong public statements on these matters.

When asked if the car companies have followed suit, McGladrey says, "Not really."

See publication

Tags: Autonomous Vehicles, Cybersecurity

How AI cybersecurity thwarts attacks -- and how hackers fight back
Tech Target
February 19, 2019
"If the end user logs on from Seattle, where their mobile phone and laptop is, a connection from New York would be unusual," McGladrey explained. "It is also possible to note the typing style and speed of a user and use that biometric signature to determine if the user is legitimate. These data [points] make it more difficult for a threat actor to operate silently in the environment."

See publication

Tags: AI, Cybersecurity

6 Tips for Conducting a Digital Literacy Assessment
CMS Wire
January 29, 2019
An assessment of digital literacy isn’t a one-time event in an organization, according to McGladrey. “This is a continuous cycle for businesses to assess how employees use the tools provided, how they process information, how they’re creating content, and their critical thinking skills,” McGladrey said. And don't make this a class that's going to drag people down and eat most of their day, he added. “This continuous assessment process should be buttressed by brief just-in-time learning opportunities. No one wants to sit down for a four-hour digital literacy class for things they do know if they can instead get a five-minute tutorial on a new topic or technique they can apply to their current work.”

See publication

Tags: Digital Transformation, Future of Work

Navigating the Rocky Road of Data-Driven Insights
CIO
January 08, 2019
It’s no longer enough to have a Security Information and Even Management (SIEM) system or layer in commercial threat data, deploy a deception system, or prioritize assets--there’s simply no one-size-fits-all security solution. “This is still more art than science,” says Kayne McGladrey (@kaynemcgladrey), a director of security and information technology. “An effective solution needs to incorporate elements of all of those products or solutions to create meaningful and actionable intelligence.”

See publication

Tags: Cybersecurity

Beware the holiday ‘smart toys’ that spy on your kids
The Philadelphia Inquirer
December 04, 2018
Smart toys seemingly come to life utilizing “Internet of Things” [IoT] technology that has wirelessly connected coffeemakers, thermostats, and yes, toilets. But smart toys have proven to be particularly vulnerable to cyber attacks. Manufacturers try to keep toy prices low and lack an incentive to add reasonable security mechanisms, said Kayne McGladrey, member of the Institute of Electrical and Electronics Engineers, the world’s largest technical professional organization

See publication

Tags: Cybersecurity, IoT

How to Make Data More Accessible at All Levels With Access Controls and Strong Governance
CIO
December 03, 2018
What’s needed is “an effective provisioning and de-provisioning system that defines rules for what users can do with data and provides quick auditing of who granted access to the data. There needs to be training around the approval process for granting and revoking access to data; otherwise, organizations risk compliance fatigue and start rubber-stamping all the access requests.”

See publication

Tags: Cybersecurity, Risk Management

Member Spotlight: Kayne McGladrey, Director Of Security And IT, Pensar Development
CSHub
November 05, 2018
Kayne McGladrey is a national cyber security expert helping clients develop proactive risk-based security programs. He's the Director of Security and IT for Pensar Development and has 20+ years of experience, including 10 years in blending information technology and management acumen to cultivate and build best practices within the Professional Services team. He’s a frequent contributor to Cyber Security Hub with valued content you can access here. He took a few minutes out of his busy day to answer 5 questions for Cyber Security Hub's “Member Spotlight” series.

See publication

Tags: Cybersecurity, Leadership

Q&A: Security Thought Leaders Discuss Certs, SMEs & Hiring Process
CSHub
October 19, 2018
One way to combat that involves grassroots efforts to boost the ranks. But do security teams search for qualified, seasoned experts, and do they look for specialization or the proverbial “generalist” who can cover many corners of the cyber space? It is an ongoing debate in the industry, and today, we’ve brought together two security thought leaders to provide their take. We sat down with Kayne McGladrey, Co-Founder and Spokesperson, Include Security, and Rebecca Wynn, Head of Information Security and Data Protection Officer (DPO), Senior Director, Matrix Medical Network.

See publication

Tags: Cybersecurity

The IT exec's reading list
HP Enterprise
October 16, 2018
For creative direction on hiring, Kayne McGladrey, co-founder of Include Cybersecurity, turned to "Who," by Geoff Smart and Randy Street. “This is a book I consistently recommend to all managers and directors who are responsible for hiring personnel, in that it defines a consistent and repeatable technique for identifying and hiring high-performing candidates,” McGladrey says. “When I started as a manager, I followed a lot of the pseudo-science that I’d seen from prior managers and found it wasn’t reliable advice.”

See publication

Tags: Leadership, Management

The Future Workspace: Secure and Collaborative
CIO
October 03, 2018
“The most essential technology for tomorrow’s workspace is a reliable and agreed-upon primary communications technology, with a backup,” says Kayne McGladrey (@kaynemcgladrey), director of Security and IT at Pensar Development. “As organizations recognize the benefits of remote work for employees and contractors, they still need to reach people quickly.”

See publication

Tags: Cybersecurity, Future of Work

How is Hybrid Cloud helping to accelerate innovation? Let’s count the ways.
CIO
September 19, 2018
"Hybrid cloud solutions can help organizations deploy cybersecurity solutions faster, without deploying additional infrastructure or spending staff hours on software and platform updates,” said Kayne McGladrey (@kaynemcgladrey), director of security and IT at Pensar Development. “This will help organizations to deploy innovative solutions rapidly such as deception technologies, which can reduce the ‘dwell time’ associated with breaches.”

See publication

Tags: Cloud, Cybersecurity

Certifications A Part Of ‘Vicious Circle’ In Cyber Security Space?
CS Hub
September 06, 2018
“This (factors into) the broader economic outlook,” McGladrey told the Cyber Security Hub. “If the economy is thriving and people are considering asking for a raise, they may pursue a new certification. If they do not receive the raise, they may mentally justify the time spent by putting the certification on their resume and searching for new openings.”

See publication

Tags: Cybersecurity

AI in cybersecurity: what works and what doesn't
CSO
August 15, 2018
Kayne McGladrey, IEEE member, gave this advice: "Evaluate an AI-based security solution by standing up in a lab, alongside a replica of your environment. Then contract a reputable external red team to repeatedly attempt to breach the environment."

See publication

Tags: AI, Cybersecurity

IoT, Cloud, or Mobile: All Ripe for Exploit and Need Security’s Attention
CSO
April 17, 2018
“IoT security remains one of the most challenging security vulnerabilities to businesses and consumers,” says Kayne McGladrey (@kaynemcgladrey), Director of Information Security Services at Integral Partners. “The Mirai and Reaper botnets are results of threat actors leveraging poor security controls on IoT devices, building attack infrastructure out of those devices, and using that stolen infrastructure to attack organizations. Organizations purchasing IoT/IIoT devices should treat them the same as any other endpoint device connecting to the corporate network.”

See publication

Tags: Cybersecurity, IoT

Cybersecurity experts talk about the digital world
AT&T
April 16, 2018
“Administrative passwords — they're sort of interesting," McGladrey says. "If you can get an application’s password, that's what got us to the Panama Papers a few years ago, where the third-party attacker was able to compromise the WordPress password, which, because of poor password storage technologies, happened to be the same as their database password.

"All of a sudden we got — three terabytes or something like that; it was something absurd — of ex-filtrated client data. The prime minister of Iceland got in a little bit of trouble about that, as well as people like Jackie Chan, all because the organization didn't have a good mentality around rotating the passwords that were associated with apps. That problem transitions. It's not a technology problem. It's a cultural problem. And it transitions, regardless of environment.”

See publication

Tags: AI, Cybersecurity

USA Today: Cool cyber jobs
USA Today
April 13, 2018
Cybersecurity is a game of cat and mouse. As a threat hunter, you're the cat. "This role is close to that of a field biologist, as the threat hunter observes their prey - third party attackers - in the wild," says Kayne McGladrey, director of information security services at Integral Partners, a cybersecurity firm whose specialty is identity and access management, and a member of the Institute of Electrical and Electronics Engineers. "Threat hunters set traps and snares that appeal to (cybercriminals) and lead to fake computers where the threat hunter can monitor an attacker's behavior before shutting down the breach."

See publication

Tags: AI, Cybersecurity

Health IT Infrastructure Necessities for AI Cybersecurity
CIO Review
April 10, 2018
According to IEEE Member and Integral Partners Director of Information Security Services, Kayne McGladrey, healthcare sectors embody “Lean IT” as they are not in the cybersecurity line of business.

See publication

Tags: AI, Cybersecurity

The future of enterprise IoT
Network World
April 09, 2018
On a more explicitly enterprise level, “IoT technologies that have a rapid return on investment (ROI) are the most likely to take off first, and that means “reducing costs through automation,” said Kayne McGladrey, IEEE Member.

See publication

Tags: AI, Cybersecurity

Health IT Infrastructure Requirements for AI Cybersecurity
HIT Infrastructure
March 18, 2018
“There are too few defenders to collect, process, and analyze the overwhelming amount of available data to produce threat intelligence,” McGladrey told HITInfrastruture.com. “The promise of machine learning is to allow computers to do what they do well, in automating the collection and processing of indicators of compromise, and analyzing those data against both known and emerging threats.”

See publication

Tags: AI, Cybersecurity, Healthtech

What Are the Implications of Meltdown and Spectre for IoT?
DZone
January 16, 2018
"Patching is a reactive strategy, and there are a couple of challenges that have led us to the current situation. One of those challenges is that the market has rewarded companies that develop and produce products rapidly, and the market has shown a willingness to accept post-release patching as an acceptable trade-off. As a result, developers and architects are rewarded by their employers for producing code and architecture very quickly with less thought given to cybersecurity.

"The other significant challenge is that the cybersecurity community is generally homogenous. We have a diversity problem when just 11% of women work in cybersecurity. This lack of diversity in backgrounds and life experiences has influenced the analytic methodologies that are used to evaluate potential security issues with products. This lack of diversity of thought has led to the unfortunate set of expectations that breaches are inevitable, and this situation will continue until the cybersecurity industry does a better job of including diverse voices and opinions in the global conversation about security."

See publication

Tags: Cybersecurity, IoT

How to Adopt a Human-Centric Approach to Security
CSO
January 10, 2018
“Organizations should focus on defining a least-privilege security model for each permanent or temporary role a user may inhabit, and then apply those roles to every device, server, and service that an individual may interact with over the course of each day,” says Kayne McGladrey (@kaynemcgladrey), Director of Information Security Services at Integral Partners.

“Organizations need to move past the quaint but antiquated concept of a network perimeter and recognize that the only measurable unit of security is the individual. Individuals include employees, project team members, contractors, third-party service providers, customers, prospects, and guests at a minimum. “

See publication

Tags: Cybersecurity

3 Tips to Reduce Cybersecurity Gaps
CS Hub
November 03, 2017
“Organizations should focus first on protecting heartbeat user identities with strong identity governance, multifactor authentication and privileged command escalation roles,” says Kayne McGladrey (@kaynemcgladrey), director of information security services at Integral Partners.“Nonheartbeat users, such as service accounts and shared accounts, require protection levels that include vaulting and automatic password rotation, on a defined schedule.”

See publication

Tags: Cybersecurity

Are You Doing All You Can to Protect Your Confidential Documents?
CSO Online
September 30, 2017
Kayne McGladrey (@kaynemcgladrey), director of information security services at Integral Partners, notes that, for several years, we’ve been hearing predictions about millions of Internet of Things (IoT) devices with poor security joining networks and providing an easy attack vector for third parties.

“Printers are a culturally trusted technology because they’re perceived as not being new,” he says. “However, this doesn’t mean that modern organizations should not consider printers separately from a comprehensive strategy for the IoT.”

See publication

Tags: Cybersecurity, IoT

For travelers, chatbots and AI can't quite take you there
USA Today
August 27, 2017
"It can replace some of the simpler tasks," explains Kayne McGladrey, a computer security consultant in Bellingham, Wash. AI can help plan trips, recommend the least agonizing flight itineraries and handle some of the easier tasks handled by a hotel concierge, like recommending restaurants.

See publication

Tags: AI

The Scary Reason Companies Like Verizon Keep Blowing Your Digital Privacy
Fast Company
July 17, 2017
Even software developers often lack formal security training, says Kayne McGladrey, director of information security services at Boulder, Colorado security consulting firm Integral Partners. And even those who do can face pressure to roll code out quickly from employers impatient to see new features and fixes in production, he says.

See publication

Tags: Cybersecurity, Privacy

4 Panels
Panel Discussion: Who is responsible for Cyber Security in the enterprise?
Cyber Security Hub
November 13, 2019
Cyber Security is still primarily seen as an ‘IT issue’ and this often means that security often gets “bolted on” rather than embedded in a company’s ecosystem. In this panel discussion, discover why everyone within the business is responsible for Cyber Security and how to educate the enterprise on safeguarding customer data.

Key takeaways
- Improve security by creating a culture of healthy suspicion
- Encourage the executive board to communicate policies
- Ensure best practice is maintained throughout your business

See publication

Tags: Cybersecurity

Diversity of Mindset: Why It’s Not Just About Gender, Race, or Age
AT&T
September 27, 2018
Panel discussion about diversity and inclusion programs for cybersecurity

See publication

Tags: Cybersecurity, Leadership

Future of the Security Operations Center
AT&T
September 26, 2018
Panel discussion on the evolving role of the SOC

See publication

Tags: AI, Cybersecurity

The benefits of hiring veterans
Colorado Small Business Development Center
February 15, 2017
Panel discussion in Colorado Springs, CO on the benefits of hiring veterans for cybersecurity roles

See publication

Tags: Cybersecurity

4 Podcasts
The Ultimate Cyber Conversation with the CyberHub Engage Podcast
Cyberhub Engage
July 17, 2019
Join host James Azar and me as we talk about workforce development, diversity, the Internet of Things, and the role of government in technology.

See publication

Tags: Cybersecurity

Cybersecurity Briefing for Senior Executives With Kayne McGladrey: #AskTheCEO Episode 63
#AskTheCEO
August 16, 2018
[01:23] What are the most pressing Cyber threats to businesses?

[03:30] Why is diversity, and hiring more women, so important for Cybersecurity?

[07:54] Why do cybercriminals go after our data?

[24:11] With cybercriminals spoofing GPS signals, how concerned should we be about them redirecting self-driving cars?

[25:21] What's next in Cybersecurity and Cybercrime?

See publication

Tags: Cybersecurity

The Future is Now: Podcast
Aurora IT
February 27, 2018
The team at Aurora IT interviewed me for a feature-length podcast on cybersecurity. Listen to hear about third-party attacker tactics, managing cyber risk, multi-factor authentication, and why a lack of diversity is a threat to public safety.

See publication

Tags: Cybersecurity, Risk Management

Episode 20 - Interview with Kayne McGladrey on Multi-Factor Authentication
Insider Threat Podcast
October 02, 2017
We made it to 20 episodes! I know some people don't like it when you talk about milestones like this, but I'm doubly excited for this one because I finally get to publish my interview with Kayne McGladrey from Integral Partners. I know many of your have been scrambling to finish up the quarter or fiscal year, depending on your industry, so hopefully this will give you an opportunity to sit back, relax, and listen to the excellent information that Kayne provided.

See publication

Tags: Cybersecurity

3 Speaking Engagements
Cyber security for Bellingham families and neighborhoods
Eventbrite
October 13, 2019
Americans are buying and installing smart speakers, virtual assistants, smart electrical plugs, smart garage door openers, smart light bulbs and connected children's toys at an unprecedented rate. We know to lock the physical doors to our homes, but fewer people appreciate how smart devices can act like unlocked doors for cyber criminals into our homes, our social networks, and our bank accounts.

The lack of communications and understanding between professionals who work in cyber security and their neighbors who don't is one of the reasons cyber crime has grown for fifteen years. There are simple things we can each do to protect our families against the risks to our privacy and security.

In this session, you'll learn:

- how cyber criminals hack into smart devices, bank accounts, and cloud services

- two easy ways you can protect your family's accounts

This session includes a live hacking demo, so please bring your mobile phone (Android or Apple) if you’d like to participate. This is not a sponsored event and there is no cost. Any solutions recommended will be free, and there will be time for questions at the end of the presentation.

See publication

Tags: Cybersecurity, IoT

IoT & Ethical Obligations of Engineers
Whatcom IT Professionals Meetup
July 05, 2019
Presentation to the Whatcom County IT Professionals Meetup

See publication

Tags: Cybersecurity

Managing the Risks of the Internet of Things
IEEE
June 01, 2019
Full video of my presentation on Managing the Risks of the Future Internet of Things at the 2019 IEEE VICS in San Diego, CA.

See publication

Tags: Cybersecurity, IoT

3 Videos
Interview on diversity and security
AT&TT
October 26, 2018
Last month at the #ATTBizSummit, Javvad Malik and I talked about increasing diversity in cybersecurity, and I unveiled my secret weapon for tweets. (Spoiler: she's 11).

See publication

Tags: Cybersecurity

Threat Hunters, Multi-factor Authentication and Mental Agility
IEEE Spectrum
March 27, 2018
Cybersecurity in a Hyperconnected World: By Kayne McGladrey, IEEE Member, and Stephen Cass, IEEE Spectrum Senior Editor, part two

See publication

Tags: Cybersecurity

Running Away From Zombies and Better Protecting Infrastructures
IEEE Spectrum
March 27, 2018
Cybersecurity in a Hyperconnected World: By Kayne McGladrey, IEEE Member, and Stephen Cass, IEEE Spectrum Senior Editor, part one

See publication

Tags: Cybersecurity

4 Whitepapers
Market Report: Cutting-Edge Defense Tactics For Network Endpoints
Cyber Security Hub
September 23, 2019
Data has historically been contained to the computing devices that accessed it within the enterprise campus perimeter. The traditional network endpoint was isolated to desktop PCs, laptop computers and most server components that attached to the organization’s network. In recent years, a dramatic increase in mobile devices has broadened the endpoint definition. Mobile devices require access to a company’s data anytime and from anywhere. With the addition of always-connected, sensor-powered Internet of Things (IoT) devices, the range of endpoints can now include everything from IP cameras to smart vending machines to biomedical devices.

The original definition still holds true to this day; however, the presence of more sophisticated devices requesting an IP address from the network, and often without a user interface, also suggests that the approach to endpoint defense must change. Bi-directional communications means the endpoint can be an entry point into a network or application. What does the device need to communicate with? Does it require internet connectivity? Does a device with an embedded OS provide some form of protection?

See publication

Tags: Cybersecurity

The Phishing Phenomenon: How To Keep Your Head Above Water
CSHub
January 30, 2019
Phishing is the lowest cost way for a threat actor to gain access to an organization’s network and assets, according to Kayne McGladrey, an IEEE member and director of Security and IT at Pensar Development. “While it might be fashionable to worry about the latest zero-day, or shadowy nation-state threat actors developing crippling remote exploits, the fact is that it’s cheaper to ask users for their passwords.”

The fact that nearly a billion people had their personal information exposed in November 2018 “has further helped threat actors to develop more compelling and targeted phishing content,’’ McGladrey adds.

See publication

Tags: Cybersecurity, Risk Management

Charting a new course: AT&T Cybersecurity report volume 8
AT&T
October 31, 2018
“Organizations that don’t have cybersecurity as a core business differentiator, or as a core business function, are often struggling to adapt modern cybersecurity practices,” says Kayne McGladrey, Director of Security and IT at Pensar Development.

See publication

Tags: Cybersecurity

AT&T Cybersecurity Insights, Vol. 7
AT&T
April 16, 2018
Migration is a transformative process, which means it needs the full backing of the C-suite. Kayne McGladrey, Director of Information Security Services for Integral Partners, LLC, says it is vital to offer “an effective presentation to the board about the benefits and challenges associated with
the migration, and it has to have a narrative. You have to find stories of success and failure inside
of your industry in order to present the full picture to the board.”

“There are many lessons that the enterprise will learn through piloting—whether it’s identified
security risks, user communication risks, or education risks—all of which provide future guidance,” says Kayne McGladrey, Director of Information Security Services for Integral Partners LLC. “By the time you get to the harder transition elements, including full infrastructure rollout, you’ve already sorted through the main issues, thanks to your pilot-based learning journey.”

See publication

Tags: Cybersecurity, Risk Management

Blog

Opportunities

1 Media Interview - Print/Online
Media source for expertise on Ai, cybersecurity, IoT

Location: Virtual    Date Required: September 07th, 2019    Payment: 0

Submission Date: September 07th, 2019    Service Type: Service Needed

As a CISSP I have an ethical responsibility to help educate the public about cybersecurity issues, and have been featured in Reader's Digest, USA Today, Fast Company, the Philadelphia Inquirer, Dark Reading, Cyber Security Hub, CIO.com, Robotics Business Review, The Institute, and more. Please contact me via email if you need a source for a story, an alternate perspective, or a longer-form piece. It'd be favorite if I had at least a day to reply.

Respond to this opportunity

Contact Kayne McGladrey

Media Kit

Share Profile

Contact Info

  Profile

Kayne McGladrey