Author Archives: mclaukl

About mclaukl

Professional Certifications - Certified CISO, CISM, CISSP, PMP, ITIL Master Certified, GIAC Security Leadership Certificate (GSLC), CRISC. Kevin also holds Certificates in the Advanced Principles of Information Security and in Advanced Information Security Research Methods from Jones International University. Kevin L. McLaughlin began his career as a Special Agent for the Department of Army. He was responsible for investigating Felony crimes around the globe. He has had many careers over the years, including being a Police Officer in Kissimmee Florida, an Investigator for Mastercard/Visa, a Middle School teacher, a Director at Kennedy Space Center (where he worked with Fred Hayes, James Lovell, Armstrong, Sheppard, etc.), the President of his own company, an IT Manager and Senior Information Security manager with the Procter & Gamble (P&G) company (fortune 35), a CISO at the University of Cincinnati and a Senior Information System Security Manager for the Whirlpool Corporation (fortune 125). Kevin has also been an adjunct since 1992. While at P&G Kevin created one of P&G’s augmentation outsourcing teams in India. Kevin designed and implemented this India team and it won a global Gold Service award from Atos-Origin and has acted as a model for countless corporate relationships since. Over the years Kevin has: created an Information Security program conducted Information Security Strategic planning designed Information Security solutions, investigated over 700 Cyber cases and operated a Global Security Operations Center. • Education - MS in Computer Science Education, BS in Management of Information Systems * PhD in Cyber Security, University of Fairfax

I just read an article on LinkedIn about the negative impact caused by the recent Home Depot breach. Here are my thoughts about how all the 2014 breaches should change some C level and Information Security paradigms. These could cause a major … Continue reading

Posted on November 29, 2014 by mclaukl | Leave a comment

The Insider Threat is Alive and Well – a summary taken directly from Raytheon’s How to Build an Insider Threat Program (2014) …

Posted on November 4, 2014 by mclaukl

Aspects of human nature further complicate matters: Well-intended managers resist any notions of “their people” doing “bad things.” They screened them. They hired them. They work with them side-by-side and – if they’re good bosses – have developed a genuine interest … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , | Leave a comment

Just a Random Thought After an Information Technology (IT) Meeting

Posted on October 31, 2014 by mclaukl

It is not the job of IT operational support staff to eliminate 100% of failures across the corporate infrastructure. (cost would be too high) It is ITs job to manage failures so that they stay within the levels of operation … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , | Leave a comment

A day in the life of a senior Cyber Security Incident Responder

Posted on October 21, 2014 by mclaukl

  The day was proving to be an exciting one for team Havoc, the Company’s cyber Red Team, as the L2 report he had just read showed that 4 of the core company servers were vulnerable to a very common … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

What’s It Going to Take to Have Cyber Security?

Posted on October 4, 2014 by mclaukl

Written by- Kevin L. and Kody T. McLaughlin If you are a Cyber Security professional do you get as mad as I do when you read and hear over and over again that Cyber Security professionals don’t have enough talent, … Continue reading

Posted in Uncategorized | Leave a comment

The Cyber Security CIA explained via Calvin and Hobbes

Posted on September 3, 2014 by mclaukl

Leave it to my son Kody, who is starting his Cyber Security career to come up with this novel way to explain the CIA triad for Cyber Security. In InfoSec terms, CIA refers to Confidentiality, Integrity, and Availability. To illustrate … Continue reading

Posted in Uncategorized | Tagged , , , , , , , | Leave a comment

Compliance does not Equal Security

Posted on March 13, 2014 by mclaukl

When I read items like this: Agarwal said NoMoreRack is now in the process of certifying itself this time as a Tier-1 merchant, even though the number of credit and debit cards it processed in 2013 placed it squarely in … Continue reading

Posted in Uncategorized | Tagged , , , | Leave a comment

Excelsior National Cyber Security Institute

Posted on December 11, 2013 by mclaukl

In December 2013 I was named a fellow for the Excelsior National Cyber Security Institute. http://www.nationalcybersecurityinstitute.org/fellows/  

Posted in Uncategorized | Tagged , , , , | Leave a comment

Short ISO Presentation

Posted on December 2, 2013 by mclaukl
Posted in Uncategorized | Tagged , , , | Leave a comment

Fun Story about UC Cyber Warfare Game

Posted on October 24, 2013 by mclaukl

Ok, so I wasn’t going to share this but I sort of think its pretty neat. My friend Quinn and I started an urban legend story at the University of Cincinnati from my classes first cyber warfare event years ago. … Continue reading

Posted in Uncategorized | Tagged , , , | Leave a comment