Security and Compliance Weekly Episode #88 – September 28, 2021

1. Compliance and “The Crowd”, Part 1 – 12:00 PM-12:30 PM

Announcements

  • InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!

  • Security Weekly Unlocked will be held IN PERSON this December 5-7 at the Hilton Lake Buena Vista!

    Keynotes from Alyssa Miller, John Strand, Lesley Carhart, & Dave Kennedy!

    Visit https://securityweekly.com/unlocked to register and check out our rockstar lineup!

Description

Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective, but my auditor doesn’t understand what they are yet. Will they meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.

Guest(s)

Casey Ellis – Founder/Chair/CTO at Bugcrowd

@caseyjohnellis

Casey is the Chairman, Founder, and CTO of Bugcrowd. His 20+ year information security career spans work as a pentester, security and risk consultant, solutions architect, Chief Security Officer, serial entrepreneur, and business leader. Casey established the Crowdsourced Security as a Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014. Since then, he has advised the US Department of Defense and Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives (including pre-emptive cyberspace protections ahead of the 2020 Presidential Elections). Casey, a native of Sydney, Australia, splits his time between Sydney and the San Francisco Bay Area with his wife and two kids.

Hosts

Jeff Man

@MrJeffMan

#HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

Josh Marpet

@quadling

Executive Director at RM-ISAO

Kat Valentine

@kjvalentine

Compliance Free Agent (Consultant) at Osmosis Security

Scott Lyons

@Csp3r

CEO at Red Lion

2. Compliance and “The Crowd”, Part 2 – 12:30 PM-01:00 PM

Announcements

  • Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Join us October 21 to learn why zero-knowledge encryption matters. If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand
