Author Archives: mclaukl

About mclaukl

Professional Certifications - Certified CISO, CISM, CISSP, PMP, ITIL Master Certified, GIAC Security Leadership Certificate (GSLC), CRISC. Kevin also holds Certificates in the Advanced Principles of Information Security and in Advanced Information Security Research Methods from Jones International University. Kevin L. McLaughlin began his career as a Special Agent for the Department of Army. He was responsible for investigating Felony crimes around the globe. He has had many careers over the years, including being a Police Officer in Kissimmee Florida, an Investigator for Mastercard/Visa, a Middle School teacher, a Director at Kennedy Space Center (where he worked with Fred Hayes, James Lovell, Armstrong, Sheppard, etc.), the President of his own company, an IT Manager and Senior Information Security manager with the Procter & Gamble (P&G) company (fortune 35), a CISO at the University of Cincinnati and a Senior Information System Security Manager for the Whirlpool Corporation (fortune 125). Kevin has also been an adjunct since 1992. While at P&G Kevin created one of P&G’s augmentation outsourcing teams in India. Kevin designed and implemented this India team and it won a global Gold Service award from Atos-Origin and has acted as a model for countless corporate relationships since. Over the years Kevin has: created an Information Security program conducted Information Security Strategic planning designed Information Security solutions, investigated over 700 Cyber cases and operated a Global Security Operations Center. • Education - MS in Computer Science Education, BS in Management of Information Systems * PhD in Cyber Security, University of Fairfax

AI and Cybersecurity

Posted on January 31, 2023 by mclaukl

I would like to discuss the advantages and disadvantages of using AI technologies in the field of cybersecurity. On one hand, AI technologies can greatly enhance the capabilities of cybersecurity professionals in detecting and responding to security incidents. AI algorithms … Continue reading →

Posted in Uncategorized | Tagged cybersecurity AI, cybersecurity operations, cybersecurity trends, information security | Leave a comment

Zero Trust

Posted on July 15, 2022 by mclaukl

For the past few years I was puzzled by the concept of Zero Trust (ZT). I thought it was this big, nebulous thing that I just could not wrap my mind around. Every time I asked a vendor partner for … Continue reading →

Posted in Uncategorized | Tagged compliance, information assurance, information security, information system security | Leave a comment

A Risk Approach to Cybersecurity Vulnerability Management McLaughlin, 2022

Posted on May 13, 2022 by mclaukl

When first arriving at an organization that has not invested in a major cybersecurity program and then looking at the sheer number of computer vulnerabilities in the environment a sense of feeling overwhelmed is a common initial response. In many … Continue reading →

Posted in Uncategorized | Leave a comment

Small and Medium Size Organizations at Risk

Posted on April 10, 2018 by mclaukl

The bad guys are now starting to target mid-tier companies with their hacking activities. In many cases these companies have not yet come to realize that having a Certified Chief Information Security Officer (C|CISO) or a Virtual Cerified|CISO (vC|CISO) is … Continue reading →

Posted in Uncategorized | Tagged Application Security, compliance, cyber, cyber security, Cyber Security Incident Response, Incident Response, information assurance, information security, Information Security Policy, information system security, Information Technology, ISO, IT, leadership, risk, risk assessment, risk management, Security | Leave a comment

Security Steering Committee – Members Needed

Posted on February 15, 2018 by mclaukl

Posted in Uncategorized | Tagged Application Security, compliance, cyber, cyber security, information assurance, information security, information system security, Information Technology, ISO, IT, leadership, Policy, risk, risk assessment, risk management, Security | Leave a comment

The Office of No, Really?

Posted on June 12, 2017 by mclaukl

Successful ransomware attacks are at an all time high, we are losing the cyberwar, cyber criminals are making more money than ever before and it is only going to get worse, a cyber attack could be as damaging as … Continue reading →

Posted in Critical Manufacturing Cyber Security, Uncategorized | Tagged Application Security, compliance, cyber, cyber security, Cyber Security Incident Response, cyber warfare, Incident Response, information assurance, information security, Information Security Policy, information system security, Information Technology, IT operations, leadership, risk, risk assessment, risk management, Security | Leave a comment

For Cyber Security the Perimeter Still Exists and Never Went Away

Posted on June 6, 2017 by mclaukl

One item that really bugs me is to hear IT and Cyber Security professionals espouse that the perimeter is dead and that Cyber Security professionals should stop focusing on tools that protect the non-existing perimeter. I was at … Continue reading →

Posted in Uncategorized | Tagged Application Security, compliance, cyber security, Cyber Security Incident Response, information assurance, information security, Information Security Policy, information system security, Information Technology, risk assessment, Security | 2 Comments

Why Protect End User Workstations Instead of Servers First?

Posted on June 4, 2017 by mclaukl

I have been lucky enough to spend most of my Cyber Security career doing startup operations for large companies. I thrive on the energy and passion that teams get when they are given the opportunity and support to design and … Continue reading →

Posted in Uncategorized | Tagged compliance, cyber security, Cyber Security Incident Response, information assurance, information security, information system security, Information Technology, risk assessment, risk management, Security | Leave a comment

Cyber Security Quotes From Kevin

Posted on September 29, 2016 by mclaukl

Our job is to enable the business to do neat stuff such as this in a secure manner : our approach is to help them design their solution in a secure way and make recommendations that allow them to … Continue reading →

Posted in Uncategorized | Leave a comment

Critical Manufacturing Legacy Systems

Posted on March 13, 2016 by mclaukl

One common item that information Security Professionals working in Critical Manufacturing environments have to deal with is that of legacy systems. You see, in Critical Manufacturing environments it is very common for the systems that run … Continue reading →

Posted in Critical Manufacturing Cyber Security, Uncategorized | Tagged compliance, cyber, cyber security, Cyber Security Incident Response, information assurance, information security, Information Security Policy, information system security, Information Technology, risk assessment, risk management, Security | Leave a comment