Security and Compliance Weekly Subscribe

CMMC – SCW #47

October 13, 2020

While we're on the topic of doing business with the federal government, we'll provide an update on the goings on of Cybersecurity Maturity Model Certification (CMMC). We've invited Mike Brooks to stay with us for this conversation to talk about the status, success, (failure?) of this new program designed to provide a maturity path for cybersecurity programs of organizations wishing to conduct business with the federal government.

Full episode and show notes

Announcements

Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Join us June 29th for a webcast with Tyler Robinson and Beau Bullock to learn how to pivot into the world of Crypto security. Visit https://securityweekly.com/webcasts to register with only your name and email! Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Mike Brooks

vCISO at Abacode

http://abacode.com/

Michael Brooks is a security and compliance executive with over 20 years of experience in developing, implementing, and operating cybersecurity programs for the Department of Defense and private sector clients in numerous industries. He is a retired Air Force officer with experience as both a Chief Information Officer and Chief Information Security Officer. Mike holds an MBA from American Military University and is also a credentialed Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP).

Hosts

Jeff Man

#HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

John Snyder

CEO at AGNES Intelligence

http://agnesintel.com/

Josh Marpet

Executive Director at RM-ISAO

Scott Lyons

CEO at Red Lion

https://redlion.io

Third-party risk

Going Beyond the Motions of Cybersecurity – Malcolm Harkins – RSA22 #4

June 9, 2022

Speed, Velocity, and Acceleration. The physics of motion are well documented, and we understand how these scalar and vector quantities differ. In information security and cyber risk management the dynamics are not as well understood which has confused our ability to distinguish between motion and pr...

Compliance

Assessing (& Reassessing) Risk in the Financial Sector – Payal Chakravarty – RSA22 #3

June 8, 2022

Financial services has long been a leader in information security. But as more and more customers demand digital services and online transactions, the risk profile has shifted. Has this sector, arguably among the more conservative, been able to meet client demand without lowering the security standa...

Third-party risk

Is the Market Ready for Integrated Cyber Risk Management? – Victor Gamra – RSA22 #2

June 7, 2022

Cyber risk management is now a dynamic practice for security teams and leadership. It requires up-to-date risk intelligence across many factors - external, internal, third parties, cloud posture - to inform the right decisions and enable cyber risk quantification and risk modeling to be more dynamic...