Security and Compliance Weekly Subscribe

Mapping Across an Ocean of Security Frameworks, Part 1 – Thomas Sager, Tony Sager – SCW #92

October 26, 2021

Tony and Thomas will discuss the importance, value, and challenge of cross-mapping security frameworks, and the rationale and process used by CIS to create end support mapping, some real-world examples, and some real-life problems.

Full episode and show notes

Announcements

In case you missed it: Paul's Security Weekly's new streaming time is Wednesday nights from 6pm-9pm ET & Enterprise Security Weekly's new streaming time is Thursday afternoons from 3pm-4:30pm ET. You can view our live stream schedule at any time at https://securityweekly.com/live!
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.

Guests

Thomas Sager

undefined at undefined

Thomas Sager is an Associate Cybersecurity Engineer for CIS. In this role, he is dubbed as the team cryptographer for mapping of the CMMC and PCI frameworks to the CIS Controls. Sager is also working on the Controls Assessment Specification to provide a common understanding of what should be measured in order to verity that CIS Sub-Controls are properly implemented. Prior to joining the CIS, Sager was a commercial security consultant under a federal contractor, greatly benefiting from the opportunity to work within a variety of client environments.

Tony Sager

Senior Vice President & Chief Evangelist at Center for Internet Security

http://cisecurity.org/

Tony Sager is a Senior VP for the Center for Internet Security. He led the development of the CIS Controls, a community consensus project to identify and support best practices in cybersecurity. His “volunteer army” identifies practices that will stop the vast majority of attacks seen today, and he leads projects that will share, scale, and sustain these practices for worldwide adoption.

Tony retired from the National Security Agency in 2012 after 34 years as a mathematician, software vulnerability analyst, and executive manager. Tony oversaw all NSA Red and Blue Teams, as well as all security product evaluation teams. He helped guide the Agency’s top talent development programs, and founded the Vulnerability Analysis and Operations Group (NSA’s premier technical organization in defense).

Hosts

Jeff Man

Information Security Evangelist at Online Business Systems

http://obsglobal.com/

Adrian Sanabria

Director of Product Management at Tenchi Security

Tyler Robinson

Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

TRob#6466

http://darkelement.io/

Leadership

Talking to Boards and C-Suites, Leadership Debt, and Adaptive Leadership – BSW #272

August 8, 2022

In the leadership and communications section, The Number 1 Growth Killer is Leadership Debt, How to Talk to Your Board & C-Suite About Cybersecurity, 5 ways to unite security and compliance, and more!

Careers

Using MindMaps to Strengthen Cybersecurity – Michael Wilcox – CSP #81

August 2, 2022

CISOs, security leaders and their teams must consume a large amount of information from many sources to remain effective. How does the CISO organize unstructured information? How does the CISO brainstorm? How does the CISO collaborate? Mind Mapping is a very effective tool to generate ideas quickly ...

Privacy

How to Talk With Your Lawyer – Mark Daryl Rasch – CSP #80

July 26, 2022

A Lawyer can be the CISOs best friend and advocate for cybersecurity investments. Are you frustrated with a lawyers answer of, “it depends?” Lawyers have a different thought process than many CISOs when apply the law. Join this session from a notable cybersecurity lawyer as to the differences in lan...