Security and Compliance Weekly Episode #94 – November 09, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Governance, Risk, & Compliance…so What? – Part 1 – 12:00 PM-12:30 PM

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Join us for our next live webcast on December 2nd to see what’s under the XDR hood. Visit https://securityweekly.com/webcasts to save your seat! Don’t forget to check out our library of on-demand webcasts & technical trainings at https://securityweekly.com/ondemand

Description

Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better: how compliance really needs to come first; how it’s all risk-based, or should be RGC, not GRC; legal and privacy issues and focus, and how they help or hinder the cause; and other factors, like burnout and gatekeeping, that all contribute to our industry being overly focused and reliant on technology and not handling the people/process part very well.

Guest(s)

Allan Alford – CISO/CTO at TrustMAPP

@AllanAlfordinTX

With 20+ years in information security, Allan Alford has served as CISO four times in three industries. Alford parlayed an IT career into a product security career and then ultimately fused the two disciplines. Allan has worked in companies from 5 employees to 50,000 and executes a risk-based approach to security, as well as compliance with NIST CSF, CIS CSC 20, GDPR, ISO 27001, DFARS and others.

Hosts

Fredrick “Flee” Lee

@fredrickl

CSO at Gusto

Jeff Man

@MrJeffMan

#HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

Kat Valentine

Compliance Free Agent (Consultant) at Osmosis Security

Priya Chaudhry

@Chaudhrylaw

Jedi Warrior Princess at ChaudhryLaw PLLC

2. Governance, Risk, & Compliance…so What? – Part 2 – 12:30 PM-01:00 PM

Announcements

  • Security Weekly Unlocked will be held IN PERSON this December 5-7 at the Hilton Lake Buena Vista! Keynotes from Alyssa Miller, John Strand, Lesley Carhart, Dave Kennedy, & Maril Vernon! Visit https://securityweekly.com/unlocked to register and check out our rockstar lineup!
