Doing business with the Federal government has always had its share of requirements and regulations, especially when it comes to storing, processing, or transmitting any sensitive data. In fact, organizations doing business with the Federal government involving sensitive data are well acquainted with the cybersecurity controls they must implement based on controls from well-known frameworks such as the National Institute of Standards and Technology (NIST) Special Publication 800-53 (NIST SP 800-53) and NIST SP 800-171. However, in the last several years these controls (and the method by which organizations must demonstrate compliance have drastically changed, culminating in the Cybersecurity Maturity Model Certification (CMMC) Framework.
Official DoD Acquisition Site for CMMC Program Info: https://www.acq.osd.mil/cmmc/
Official Site of the CMMC Program: https://cmmcab.org/Full Episode Show Notes
Doug Landoll - CEO at Lantego
Douglas Landoll has over three decades of information security experience. He has led security risk assessments and established security programs for top corporations and government agencies. He is an expert in security risk assessment, security risk management, security criteria, and building corporate security programs and the author of three cybersecurity books. His background includes evaluating cybersecurity at the National Security Agency (NSA), North Atlantic Treaty Organization (NATO), Central Intelligence Agency (CIA), the Federal Bureau of Investigations (FBI), and other government agencies; co-founding the Arca Common Criteria Testing Laboratory, co-authoring the systems security engineering capability maturity model (SSE-CMM); teaching at NSA’s National Cryptologic School; and speaking at national and international cybersecurity conferences. Doug has founded or directed four information security firms including the southwest security services at Exodus Communications, Veridyn (sold to EnPointe Technologies), the Risk and Compliance Management division at Accuvant (now Optiv) and Lantego. Doug is currently the CEO of Lantego, specializing in risk assessment, policy development, and training. He is a CISSP. He holds a BS degree from James Madison University and an MBA from the University of Texas at Austin. In his 30+ years in the industry he has performed over 100 cybersecurity risk assessment, written policies for scores of organizations, and instructed over 2500 CISSP and CISA candidates. Doug Landoll is dynamic speaker, perceptive author, and information security expert, who always brings a unique mix of business strategy, keen insight, and technical know-how to current cybersecurity topics.
Fredrick "Flee" Lee - CSO at Gusto
Fredrick "Flee" Lee is the Chief Security Officer at Gusto, where he leads information and physical security strategies including consumer protection, compliance, governance and risk. Before Gusto, Lee spent more than 15 years leading global information security and privacy efforts at large financial services companies and technology startups, most recently as Square's Head of Information Security. He previously held senior security and privacy roles at Bank of America, NetSuite and Twilio. Lee was born and raised in Mississippi and holds a bachelor's degree in computer engineering from the University of Oklahoma.
Josh Marpet - Executive Director at RM-ISAO
Executive Director, RM-ISAO Co-founder, MJM Growth IANS Faculty Blockchain Patent Holder MISTI Instructor Entrepreneurship Curmudgeon Board Member BSidesDE Board Member BSidesDC Ex-cop and Fireman
Scott Lyons - CEO at Red Lion
CEO at Red Lion
Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!
Security Weekly is ecstatic to announce that Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Call for presentations & early registration for Security Weekly listeners is open now! Visit securityweekly.com/unlocked to submit your presentation & register for the early registration price before it expires!