A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Indhold leveret af Security Voices. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Security Voices eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
The Compliance Episode - History, Theater & Industry-Reshaping Impact
MP3•Episode hjem
Manage episode 331804936 series 2495524
Indhold leveret af Security Voices. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Security Voices eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
First, a confession: this is the last episode we would have envisioned when we started Security Voices. Compliance was as mundane as it is mandatory– where’s the fun in that? Where’s the untold, fascinating story of the person who summited the tallest mountain? Rose from ashes to improbable success?
In the short years that have passed since we started in early 2019, the world has changed dramatically. And so has compliance. From driving cyberinsurance premiums to becoming the security baseline for even startups to achieve in their early days, compliance is now an undeniable juggernaut. While SOC2 defines the scope of many companies’ security gameplans, GDPR and its kin drives how we respond to breaches whereas industry specific mandates influence what data we have, how we defend it and even where we store it.
In this episode, Jack and Dave welcome both Abby Kearns and Shrav Mehta to demystify exactly what’s happening in the world of compliance from 2 unique perspectives. Abby speaks from her work on software assurance as CTO at Puppet (and beyond) whereas Shrav’s angle is that of a compliance startup CEO. Plainly stated: code on one side, standards and certifications on the other. Both increasingly important and horribly complex.
This 4 person dialogue traces the roots of compliance back to the early days of security and the inception of PCI DSS, one of the first widely impactful compliance initiatives to hit the industry. We chart the course of compliance to today and unpack where it has had meaningful impact… and where it is mere box-checking theater we could do without.
In a similar fashion, we examine the path to software compliance today and the inevitability of automation given the dramatic changes in release speed and frequency. Abby provides a sober take on where we are today including a dialogue on what it means for response to threats such as Log4shell.
If you’re a longtime listener, this episode connects back to so many of our past interviews, from Carey Nachenberg (supply chain security) to Andy Ellis (compliance perspective) and Nand Mulchandani who recently became CTO of the CIA. We hope you appreciate the references if you already heard this episodes, and if you haven’t, consider giving them a listen as they’re some of our favorites and pass the test of time with flying colors.
…
continue reading
In the short years that have passed since we started in early 2019, the world has changed dramatically. And so has compliance. From driving cyberinsurance premiums to becoming the security baseline for even startups to achieve in their early days, compliance is now an undeniable juggernaut. While SOC2 defines the scope of many companies’ security gameplans, GDPR and its kin drives how we respond to breaches whereas industry specific mandates influence what data we have, how we defend it and even where we store it.
In this episode, Jack and Dave welcome both Abby Kearns and Shrav Mehta to demystify exactly what’s happening in the world of compliance from 2 unique perspectives. Abby speaks from her work on software assurance as CTO at Puppet (and beyond) whereas Shrav’s angle is that of a compliance startup CEO. Plainly stated: code on one side, standards and certifications on the other. Both increasingly important and horribly complex.
This 4 person dialogue traces the roots of compliance back to the early days of security and the inception of PCI DSS, one of the first widely impactful compliance initiatives to hit the industry. We chart the course of compliance to today and unpack where it has had meaningful impact… and where it is mere box-checking theater we could do without.
In a similar fashion, we examine the path to software compliance today and the inevitability of automation given the dramatic changes in release speed and frequency. Abby provides a sober take on where we are today including a dialogue on what it means for response to threats such as Log4shell.
If you’re a longtime listener, this episode connects back to so many of our past interviews, from Carey Nachenberg (supply chain security) to Andy Ellis (compliance perspective) and Nand Mulchandani who recently became CTO of the CIA. We hope you appreciate the references if you already heard this episodes, and if you haven’t, consider giving them a listen as they’re some of our favorites and pass the test of time with flying colors.
66 episoder
MP3•Episode hjem
Manage episode 331804936 series 2495524
Indhold leveret af Security Voices. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Security Voices eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
First, a confession: this is the last episode we would have envisioned when we started Security Voices. Compliance was as mundane as it is mandatory– where’s the fun in that? Where’s the untold, fascinating story of the person who summited the tallest mountain? Rose from ashes to improbable success?
In the short years that have passed since we started in early 2019, the world has changed dramatically. And so has compliance. From driving cyberinsurance premiums to becoming the security baseline for even startups to achieve in their early days, compliance is now an undeniable juggernaut. While SOC2 defines the scope of many companies’ security gameplans, GDPR and its kin drives how we respond to breaches whereas industry specific mandates influence what data we have, how we defend it and even where we store it.
In this episode, Jack and Dave welcome both Abby Kearns and Shrav Mehta to demystify exactly what’s happening in the world of compliance from 2 unique perspectives. Abby speaks from her work on software assurance as CTO at Puppet (and beyond) whereas Shrav’s angle is that of a compliance startup CEO. Plainly stated: code on one side, standards and certifications on the other. Both increasingly important and horribly complex.
This 4 person dialogue traces the roots of compliance back to the early days of security and the inception of PCI DSS, one of the first widely impactful compliance initiatives to hit the industry. We chart the course of compliance to today and unpack where it has had meaningful impact… and where it is mere box-checking theater we could do without.
In a similar fashion, we examine the path to software compliance today and the inevitability of automation given the dramatic changes in release speed and frequency. Abby provides a sober take on where we are today including a dialogue on what it means for response to threats such as Log4shell.
If you’re a longtime listener, this episode connects back to so many of our past interviews, from Carey Nachenberg (supply chain security) to Andy Ellis (compliance perspective) and Nand Mulchandani who recently became CTO of the CIA. We hope you appreciate the references if you already heard this episodes, and if you haven’t, consider giving them a listen as they’re some of our favorites and pass the test of time with flying colors.
…
continue reading
In the short years that have passed since we started in early 2019, the world has changed dramatically. And so has compliance. From driving cyberinsurance premiums to becoming the security baseline for even startups to achieve in their early days, compliance is now an undeniable juggernaut. While SOC2 defines the scope of many companies’ security gameplans, GDPR and its kin drives how we respond to breaches whereas industry specific mandates influence what data we have, how we defend it and even where we store it.
In this episode, Jack and Dave welcome both Abby Kearns and Shrav Mehta to demystify exactly what’s happening in the world of compliance from 2 unique perspectives. Abby speaks from her work on software assurance as CTO at Puppet (and beyond) whereas Shrav’s angle is that of a compliance startup CEO. Plainly stated: code on one side, standards and certifications on the other. Both increasingly important and horribly complex.
This 4 person dialogue traces the roots of compliance back to the early days of security and the inception of PCI DSS, one of the first widely impactful compliance initiatives to hit the industry. We chart the course of compliance to today and unpack where it has had meaningful impact… and where it is mere box-checking theater we could do without.
In a similar fashion, we examine the path to software compliance today and the inevitability of automation given the dramatic changes in release speed and frequency. Abby provides a sober take on where we are today including a dialogue on what it means for response to threats such as Log4shell.
If you’re a longtime listener, this episode connects back to so many of our past interviews, from Carey Nachenberg (supply chain security) to Andy Ellis (compliance perspective) and Nand Mulchandani who recently became CTO of the CIA. We hope you appreciate the references if you already heard this episodes, and if you haven’t, consider giving them a listen as they’re some of our favorites and pass the test of time with flying colors.
66 episoder
Alle episoder
×Velkommen til Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.