Compliance and “The Crowd”, Part 1 – Casey Ellis – SCW #88
Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective... but my auditor doesn't understand what it is yet - Will it meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.
Announcements
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Guest
Casey is the Founder and Chief Strategy Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20+ year veteran of information security who entered the space from a youth spent inventing things and generally getting technology to misbehave. Prior to Bugcrowd, Casey entered information security as a penetration tester and security researcher, before wearing a variety of hats ranging from solutions architecture and sales to CSO, and finally landing as a career cybersecurity entrepreneur.
Casey pioneered Crowdsourced Security as-a-Service, launching Bugcrowd and its first bug bounty programs in 2012, and co-founded the disclose.io vulnerability disclosure standardization and adoption project in 2014.