GRC Academy podcast

Player FM - Podcast Thông Minh Hơn

הוסף לפני two שנים

Hướng dẫn sử dụng nhanh

Podcast hàng đầu

Tạp chí thể thao

Tạp chí kinh tế

KBS WORLD Radio Tiếng Hàn qua phim ảnh

Vietnamese News - NHK WORLD RADIO JAPAN

Tạp chí tiêu điểm

The Present Writer

Podcasts – Life Abroad Podcast

Nghe chương trình này trong khi bạn khám phá

Nghe

<% _(superChannels).chain().sortBy(function(c) { return } ).each(function(superchan) { %> <% inclusion = superchan.findInclusion(subChannel.id) %>

' id='<%= superchan.id %>'>

<% checkedStr = inclusion ? 'checked=checked' : '' %> /> <%= superchan.title %>

Public: /> Content source: />

<% }); %>

Nội dung được cung cấp bởi Jacob Hill. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Jacob Hill hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

In Her Ellement

1
Navigating Career Pivots and Grit with Milo’s Avni Patel Thompson 26:18

cách đây 28 ngày trước26:18

Nghe Sau

Danh sách

Thích

Đã thích

26:18

How do you know when it’s time to make your next big career move? With International Women’s Day around the corner, we are excited to feature Avni Patel Thompson, Founder and CEO of Milo. Avni is building technology that directly supports the often overlooked emotional and logistical labor that falls on parents—especially women. Milo is an AI assistant designed to help families manage that invisible load more efficiently. In this episode, Avni shares her journey from studying chemistry to holding leadership roles at global brands like Adidas and Starbucks, to launching her own ventures. She discusses how she approaches career transitions, the importance of unpleasant experiences, and why she’s focused on making everyday life easier for parents. [01:26] Avni's University Days and Early Career [04:36] Non-Linear Career Paths [05:16] Pursuing Steep Learning Curves [11:51] Entrepreneurship and Safety Nets [15:22] Lived Experiences and Milo [19:55] Avni’s In Her Ellement Moment [20:03] Reflections Links: Avni Patel Thompson on LinkedIn Suchi Srinivasan on LinkedIn Kamila Rakhimova on LinkedIn Ipsos report on the future of parenting About In Her Ellement: In Her Ellement highlights the women and allies leading the charge in digital, business, and technology innovation. Through engaging conversations, the podcast explores their journeys—celebrating successes and acknowledging the balance between work and family. Most importantly, it asks: when was the moment you realized you hadn’t just arrived—you were truly in your element? About The Hosts: Suchi Srinivasan is an expert in AI and digital transformation. Originally from India, her career includes roles at trailblazing organizations like Bell Labs and Microsoft. In 2011, she co-founded the Cleanweb Hackathon, a global initiative driving IT-powered climate solutions with over 10,000 members across 25+ countries. She also advises Women in Cloud, aiming to create $1B in economic opportunities for women entrepreneurs by 2030. Kamila Rakhimova is a fintech leader whose journey took her from Tajikistan to the U.S., where she built a career on her own terms. Leveraging her English proficiency and international relations expertise, she discovered the power of microfinance and moved to the U.S., eventually leading Amazon's Alexa Fund to support underrepresented founders. Subscribe to In Her Ellement on your podcast app of choice to hear meaningful conversations with women in digital, business, and technology.…

GRC Academy

Chia sẻ

Trang chủ series•Feed

Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform for GRC professionals, executives, and anyone else who wants to increase their knowledge in the GRC space!

47 tập

#Tech #Jacob Hill

GRC Academy

updated cách đây 6 ngày trước

Chia sẻ

Trang chủ series•Feed

Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform for GRC professionals, executives, and anyone else who wants to increase their knowledge in the GRC space!

47 tập

#Tech #Jacob Hill

כל הפרקים

1
CMMC Will BREAK Your MSP - Axiom's CMMC Level 2 Journey 1:32:14

cách đây 6 ngày trước1:32:14

1:32:14

“We built a second company from scratch…” Is that what it takes for MSPs to get CMMC'd!?! 👀 In this episode I’m joined by Bobby Guerra and Kaleigh Floyd from Axiom, an IT Managed Service Provider (MSP). They explain exactly what it took to achieve CMMC level 2 certification - after 4 years of effort. Most MSPs aren’t ready for CMMC. Many believe it's just another checkbox, but it’s a complete operational shift that requires rethinking your tools, processes, and client relationships! Here are some of the highlights: How much money they allocated for CMMC (it’s more than you think) How to build scalable and repeatable processes to support compliance The tools, contracts, and agreements you MUST have in place How to prepare for the assessment (and avoid sleepless nights!) Bobby Guerra is the CEO of Axiom and has led the MSP for over 22 years. Under his leadership, Axiom became one of the first MSPs in the U.S. to achieve CMMC Level 2 Certification. Bobby now helps guide clients through their own CMMC journeys, focusing on sustainable security and compliance. Kaleigh Floyd is the Marketing Director at Axiom and Co-Host of the Climbing Mount CMMC podcast. Raised in the MSP world, she now educates others through Microsoft 365 training and cybersecurity content. Her passion lies in simplifying tech and making a lasting impact in the industry. This is a true CMMC for MSPs masterclass! So much great advice packed into this episode! What were your biggest takeaways? Let me know in the comments! Follow Bobby on LinkedIn: https://www.linkedin.com/in/bobbyguerra/ Follow Kaleigh on LinkedIn: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ Axiom's Website: https://www.axiom.tech/ Climbing Mount CMMC Podcast: https://www.axiom.tech/climbing-mount-cmmc-the-podcast/ ----------- Thanks to our sponsor Vanta! Need continuous visibility into the state of your security controls? Discover the new way to GRC here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s2-e4&utm_campaign=courses #cmmc #nist #cybersecurity…

1
CMMC Level 2 Assessments - What to Expect and How to Avoid Disaster 35:44

cách đây 20 ngày trước35:44

35:44

Preparing for a CMMC assessment, but don't know what to expect? Get ready to learn from CMMC Lead Assessor Fernando Machado as he explains EXACTLY what happens in each phase of the CMMC assessment process! Fernando is the Managing Principal of Cybersec Investments which is an authorized C3PAO. Fernando has been involved with CMMC starting in 2020 as a member of the Cyber AB's Standards Management Industry Working Group. Cybersec Investments has already issued 12 CMMC certifications since CMMC assessments began in January of 2025 and previously participated in nearly 20 Joint Surveillance Voluntary Assessments (JSVAs). 👉 Here are some highlights: What to expect during a CMMC assessment The 4-phases of the CMMC Assessment Process (v2.0) No self-assessment? No independent assessment Common issues that could cause assessment failures How to make the assessment easier for your assessor (and you) It is overwhelming preparing for a CMMC assessment, but don't go into it without knowing what to expect! What were your biggest takeaways? Let me know in the comments! Follow Fernando on LinkedIn: https://www.linkedin.com/in/fernando-machado-cissp-cism-cca-ccp-5b5581124/ Cybersec Investments Website: https://cybersecinvestments.com/ ----------- Thanks to our sponsor Vanta! Need continuous visibility into the state of your security controls? Discover the new way to GRC here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s2-e3&utm_campaign=courses #cmmc #nist #cybersecurity…

1
CMMC Mistakes COST Villa-Tech $485,000 54:08

cách đây 5 weeks trước54:08

54:08

🔥 "I Could Have Saved $300K on CMMC!" 🔥 Miguel is the founder of Villa-Tech, a small but powerful tech company that is breaking into the defense contracting space. Miguel shares a raw and honest look at the costly missteps, lessons learned, and strategies that could save small businesses hundreds of thousands of dollars preparing for CMMC certification! 👉 Here are some highlights: How he could have saved $300k Bad advice is expensive - how to hire the right consultants Rebuilding their SSP 4 times The importance of CMMC education before diving in Villa-Tech has built a CUI enclave environment that other defense contractors can leverage! They also have an amazing set of capabilities and just achieved CMMC level 2 certification, so be sure to check out their capabilities statement below. Small businesses CAN succeed in CMMC, but the path is filled with pitfalls that can drain your budget. Don’t make the same mistakes - learn from someone who’s been through it! What were your biggest takeaways? Let me know in the comments! Follow Miguel on LinkedIn: https://www.linkedin.com/in/miguel-villarreal-0231286/ Villa-Tech Website: https://www.villa-tech.com Villa-Tech Capabilities: https://villa-tech.com/government/capabilities-statement/ Structura.io Website: https://structura.io/ ----------- Thanks to our sponsor Vanta! Need continuous visibility into the state of your security controls? Discover the new way to GRC here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s2-e2&utm_campaign=courses #cmmc #nist #cybersecurity…

1
CMMC Compliance in AWS Cloud Just Got a LOT Easier 29:16

cách đây 7 weeks trước29:16

29:16

CMMC and DFARS compliance is hard - especially in the cloud. Got AWS? They've given you tools that make compliance much easier! In this episode, I sit down with Travis Goldbach from Amazon Web Services (AWS) to break down the solutions AWS has created to simplify CMMC and DFARS compliance. 👉 Here are some highlights: AWS compliance automation - reducing manual effort and risk Shared Responsibility Model - what AWS secures vs. what you manage AWS GovCloud vs. Commercial Cloud - choosing the right environment Landing Zone Accelerator - your shortcut to a secure, compliant AWS setup How AWS is pursuing its own CMMC certification & what that means for you I didn't know that AWS was so mature when it came to CMMC and DFARS compliance! It was really awesome to learn how they are making compliance easier! What were your biggest takeaways? Let me know in the comments! Follow Travis on LinkedIn: https://www.linkedin.com/in/travis-goldbach-b446a223/ AWS CMMC website: https://aws.amazon.com/compliance/cmmc/ ----------- Thanks to our sponsor Vanta! Need continuous visibility into the state of your security controls? Discover the new way to GRC here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s2-e1&utm_campaign=courses #cmmc #nist #cybersecurity #aws…

1
CMMC 2.0 Is FINALLY Here - What Happens Next (with Stacy Bostjanick) 1:07:48

cách đây 12 weeks trước1:07:48

1:07:48

It’s been a long and wild ride on this #cmmc ship! ⛵ In this episode, I speak with Stacy Bostjanick who is the Director of the CMMC program at DoD CIO! Here are some highlights from the episode: Expectations for the initial phase in of CMMC Who determines CMMC levels for contracts? How will CMMC waivers work? Criteria for CMMC level 2 self-assessments and CMMC level 3 Early use of NIST 800-171 r3 And so much more! First mentioned in 2019, CMMC 1.0 was released in 2020 under the Trump administration. CMMC 1.0 was reviewed during the Biden administration, they released CMMC 2.0 in late 2021, and then… There was a great silence. If you threw a small rock, you’d hit ten people who thought CMMC was going away. All this time though, the DoD was quietly marching on. They released the proposed CMMC program rule in December 2023 and released the final CMMC program rule in October 2024 - which is now EFFECTIVE. After all of that, CMMC will FINALLY begin to phase into DoD solicitations and contracts by this summer. CMMC has been a LONG time coming, and it was an honor to hear the back story and why certain decisions were made! What were your biggest takeaways? Let me know in the comments! Follow Stacy on LinkedIn: https://www.linkedin.com/in/stacy-bostjanick-a3b67173/ DoD CIO CMMC website: https://dodcio.defense.gov/CMMC/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e43&utm_campaign=courses #cmmc #nist #cybersecurity…

1
CMMC Disaster: What MSPs Aren't Telling You 47:28

cách đây 15 weeks trước47:28

47:28

Your MSP could be a CMMC disaster. 💥💣💥 I wish I was joking. In this episode I speak with Joy Beland about the critical role IT Managed Service Providers (MSPs) play in the CMMC space and why so many of them will cause their clients to fail their CMMC assessments. Here are some of the highlights: The NEW critical CMMC requirement for MSPs Why so many MSPs will cause their clients to fail CMMC assessments Why MSPs SHOULD still get CMMC certified Questions to ask your MSP to gauge their CMMC readiness Joy is the Vice President of Cybersecurity Compliance at Summit 7 and brings over 20 years of experience as a former MSP owner. Summit 7 is a specialized MSP exclusively supporting defense contractors. If you use an MSP, don't just assume that everything is OK and your MSP has it all covered. It's highly likely that they do NOT and you'll FAIL your CMMC assessment because of them. There are some great CMMC-focused MSPs out there, but the majority of MSPs have NO BUSINESS supporting defense contractors. Choose wisely! What stood out most to you? Whatever your thoughts are, feel free to let me know in the comments! Follow Joy on LinkedIn: https://www.linkedin.com/in/joy-belinda-beland/ Summit 7 website: https://www.summit7.us/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e42&utm_campaign=courses…

1
Healthcare Cybersecurity: Lives are at Stake 34:48

cách đây 15 weeks trước34:48

34:48

Should you NEVER pay after a ransomware attack? In this episode I speak with Frank Riccardi about cybersecurity in healthcare and the event that triggered much more cyber accountability for the C-suite. Here are some of the highlights: Why healthcare workers are prone to social engineering attacks Reasons you SHOULD and should NOT pay after ransomware attacks Managing shadow IT after acquisitions/mergers Why every member of the C-suite must understand cyber The importance of a culture of reporting Frank is a former C-level executive with 25 years of experience developing compliance and privacy programs for large healthcare systems comprised of hospitals, physician practice groups, urgent care centers, and other healthcare organizations. I really enjoyed Frank's description of shadow IT! I always thought of an employee who is using an unauthorized application, but I never thought of it from the standpoint of an acquisition/merger. What stood out most to you? Whatever your thoughts are, feel free to let me know in the comments! Follow Frank on LinkedIn: https://www.linkedin.com/in/frank-riccardi-261831b1/ Frank's Book (Mobilizing the C-Suite: Waging War Against Cyberattacks): https://www.amazon.com/Mobilizing-C-Suite-Waging-Against-Cyberattacks/dp/1637424248/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e41&utm_campaign=courses #cybersecurity #healthcare #hospital #informationtechnology…

1
My MSP Was Hacked - Should I Fire Them? 52:47

cách đây 17 weeks trước52:47

52:47

Should you fire your MSP?!? 🔥🔥🔥 In this episode, I speak with cybersecurity attorney Sarah Anderson about how to evaluate IT Managed Service Providers and how businesses can protect themselves when relying on them. Here are some of the highlights: How you should evaluate MSPs What to do after your MSP is hacked Managing the cyber incident Cyber insurance pitfalls Should you fire your hacked MSP? Sarah is the owner of SWA Law LLC and also serves in U.S. Army Reserves as a Lieutenant Colonel. She has been involved in more than 100 cyber incident responses throughout her career and also represents public and private entities in regulatory compliance, cybersecurity practices, and technology contract negotiations. If you are relying on an MSP to manage your IT and security, you won’t want to miss this! As Sarah said, not all MSPs are created equally. Many MSPs have such poor security practices they WILL get you hacked. Encourage your MSP to join MSPCyberX! It's a nonprofit focused on elevating the security of MSPs: https://www.mspcyberx.com/ Follow Sarah on LinkedIn: https://www.linkedin.com/in/sarah-anderson-lacyberlawblog123/ Legally Cyber website: https://www.legallycyber.com/ Sarah's cybersecurity course for lawyers: https://courses.sprouteducation.com/item/cybersecurity-basics-lawyers-653403 ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e40&utm_campaign=courses #msp #informationtechnology #cybersecurity #cmmc…

1
SOC 2 Compliance: ALL The Essentials Simplified 22:16

cách đây 18 weeks trước22:16

22:16

SOC 2 isn't the only SOC out there! 🧦 In this episode Cera Adams breaks down these SOC reports and what to expect in a SOC audit! Here are a few highlights from this episode: Why CPAs are involved What SOC 1 / SOC 2 / SOC 3 reports mean to providers and consumers Difference between SOC 2 Type 1 and Type 2 reports How SOC scoping and audits work SOC consulting/audit independence requirements Cera is the Director of IT Assurance Services and leads OCD Tech's SOC 2 and IT Audit Practices. She has more than 20 years of experience in information security! I've spent most of my career working in the NIST cybersecurity space, so this was very interesting to me! I thought that the SOC 3 report was interesting, especially since many other frameworks don't have an equivalent. What were your takeaways? What is your best SOC pun? Let me know in the comments! Follow Cera on LinkedIn: https://www.linkedin.com/in/ceraadams/ OCD Tech Website: https://ocd-tech.com/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e39&utm_campaign=courses #soc2 #cybersecurity #informationsecurity…

1
Android Security Masterclass: What Every Cyber GRC Team Must Know 1:20:55

cách đây 19 weeks trước1:20:55

1:20:55

Do you use Android at work, but don't really understand it? In this episode Hahna Kane Latonick teaches an Android cybersecurity masterclass for cyber GRC teams: Here are a few highlights from this episode: How the Android project is managed How Android devices are compromised The many steps to update Android devices Most important steps to secure Android devices Is Apple more secure than Android? Hahna is the Director of Security Research at Dark Wolf Solutions. Some of her focuses include Android reverse engineering and exploit development. She has been featured on national media outlets including Fox Business News, ABC News, and many others! Too often companies integrate mobile devices at work without truly understanding how they work and the risks involved. Hahna explained these concepts so well! And of course, we had some back and forth on what is more secure, Android or Apple. I really enjoyed this episode and learned more about Android myself! What were your takeaways? Follow Hahna on LinkedIn: https://www.linkedin.com/in/hahnakane/ Dark Wolf Solutions Website: https://darkwolfsolutions.com/ Android Security Research Playbook: https://asrp.darkwolf.io/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e38&utm_campaign=courses #android #cybersecurity #informationsecurity…

1
Penn State Cybersecurity False Claims Scandal: Meet the Whistleblower 44:24

cách đây 20 weeks trước44:24

44:24

Introducing the Penn State Whistleblower. In this episode, the whistleblower explains how he tried to stop Penn State from misrepresenting their NIST 800-171 compliance to the DoD and what he has faced since he blew the whistle! Whistleblower attorney Julie Bracker also shares what the media got wrong in this case and the latest on the Georgia Tech FCA case! Here are a few highlights from this episode: - Hear directly from the whistleblower in this False Claims Act case - What the media got wrong - Recommendations to universities - Advice for other whistleblowers Matthew Decker was the Chief Information Officer at the Applied Research Laboratory at Penn State from 2015 until 2023 and the interim Vice Provost and CIO responsible for all of Penn State from January 2016 until September 2016. Matthew currently serves as the Chief Data and Information Officer at NASA’s Jet Propulsion Laboratory since 2023. It was fascinating to learn that the university assumed compliance with their own AD95 security policy meant they were automatically compliant (at least to some measure) with NIST 800-171. This is a great reminder that the details always matter! Special thanks to Matt for sharing his story with us, and to Julie Bracker for coordinating this interview! Follow Julie on LinkedIn: https://www.linkedin.com/in/juliekeetonbracker/ Bracker & Marcus LLC Website: https://www.fcacounsel.com/ Connect with Matt on LinkedIn: https://www.linkedin.com/in/matt-decker-cio/ Whistleblower's Handbook: https://www.amazon.com/New-Whistleblowers-Handbook-Step-Step/dp/1493028812/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e37&utm_campaign=courses #whistleblower #cmmc #cybersecurity…

1
Microsoft 365 GCC High: The Inside Story with Richard Wakeman 1:02:05

cách đây 21 weeks trước1:02:05

1:02:05

Confused about Microsoft 365 and DFARS/CMMC compliance? In this episode, I speak with Richard Wakeman, Chief Architect for cybersecurity of Aerospace & Defense @ Microsoft! We discuss the history of the government clouds, the need behind GCC and GCC High, and much more! Here are some highlights: The origins of the Microsoft clouds Which clouds support DFARS 7012 compliance When will GCC High be FedRAMP authorized? CUI enclave considerations Richard is a wealth of knowledge, and I have personally benefited from his compliance blog articles since at least 2020! If you are currently operating in the Microsoft cloud or are trying to decide which Microsoft cloud to buy, you won't want to miss this! Were you aware that GCC High isn't FedRAMP authorized yet? What about Microsoft 365 commercial not being compliant with DFARS 7012? Whatever your thoughts are, let me know! Follow Richard on LinkedIn: https://www.linkedin.com/in/wakeman/ Microsoft Cloud compliance article: https://aka.ms/MSGovCompliance Microsoft 365 Roadmap: https://www.microsoft.com/en-us/microsoft-365/roadmap ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e36&utm_campaign=courses…

1
MSP Cyber Exchange: Shield Your MSP from Hackers (MSPCyberX) 15:38

cách đây 21 weeks trước15:38

15:38

Is your MSP a cybersecurity liability? In this episode, I speak with Brian Hubbard, President of Evolved Cyber Solutions and the MSP Cybersecurity Exchange! We discuss the state of MSP cybersecurity and how MSPCyberX is elevating the security posture of MSPs everywhere! Here are some highlights: Why MSPs are so critical to our nation's security The inevitable regulations that will target MSPs MSPs involvement during CMMC assessments How MSPCyberX can help GRC Academy partnered with MSPCyberX early on to provide CMMC training to its members at a discount! It was great to hear about MSPCyberX's origin story! If your MSP is not a member of MSPCyberX, it is in your best interest that they join! Follow Brian on LinkedIn: https://www.linkedin.com/in/brian-scott-hubbard/ Follow MSPCyberX on LinkedIn: https://www.linkedin.com/company/mspcyberx/ MSPCyberX Website: https://www.mspcyberx.com/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e35&utm_campaign=courses…

1
FREE CMMC Cybersecurity Services You NEED to Know About! 17:43

cách đây 26 weeks trước17:43

17:43

FREE CMMC gap assessments!! FREE penetration tests!! FREE SOC & incident response!! This is a hidden CMMC treasure that no one's talking about! In this episode, I speak with Darren Mott about the FREE cybersecurity services offered to the DIB by the National Cybersecurity Operations Center! Here are some of the FREE services they offer: CMMC gap assessments Penetration testing SOC & Incident response Forensic analysis Threat intelligence I had no idea the National CSOC existed! This is an AMAZING opportunity that small defense contractors should take advantage of quickly before they reach capacity! On another note, I actually listened to Darren's podcast when it first came out. I never thought I'd actually host a podcast let alone speak with him! Follow Darren on LinkedIn: https://www.linkedin.com/in/darrenmott/ The CyBUr Guy Podcast: https://podcasts.apple.com/us/podcast/the-cybur-guy-podcast/id1526491250 National CSOC Website: https://nationalcsoc.com/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Experience questionnaire automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e34&utm_campaign=courses…

1
Mastering GRC - What I Learned from Big Tech! (with Kenneth Moras) 31:09

cách đây 27 weeks trước31:09

31:09

Want a high paying job in GRC? Want to build a powerful GRC team? In this episode, I spoke with Kenneth Moras, Security GRC Lead at Plaid. Kenneth has worked in critical GRC roles in big tech companies like Adobe and Meta! He was heavily involved in the cyber response to international regulators after severe breaches. Here are some highlights: What you need to do and know to get a job in GRC How to master GRC 3 critical skillsets you need in your cyber GRC team How regulatory incident response differs from traditional cyber incident response Kenneth is a true GRC master! His advice for folks wanting to get into GRC is the best I've heard! His tips on building successful GRC teams were excellent as well! What were your biggest takeaway? Do you agree that GRC teams need technical knowledge? Looking forward to your thoughts! Follow Kenneth on LinkedIn: https://www.linkedin.com/in/kennethmoras/ Plaid Website: https://plaid.com/ ----------- Thanks to our sponsor Vanta! Want to save time filling out security questionnaires? Register for Vanta's webinar on Questionnaire Automation here: https://vanta.com/grcacademy ----------- Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform! Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e33&utm_campaign=courses…

Chào mừng bạn đến với Player FM!

Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.