Compliance Is Not Security | A Conversation With Compliance Guru, AJ Yawn | Tech Done Different With Ted Harrington
ITSPmagazine Podcast
English - March 16, 2021 15:00 - 44 minutes - 40.4 MB - ★★★★★ - 15 ratings
In this episode of Tech Done Different, we hear from compliance expert AJ Yawn. Perhaps the most surprising takeaway from this dynamic chat with a guru in compliance? Security and compliance are not the same thing. Yet, done properly, compliance can be a powerful driver for security.
Listen in to learn:
- why compliance reports should get better over time (and why a "clean report" is neither realistic nor a good thing)
- why cursory, scan-based "penetration testing" (meaning, really vulnerability scanning) does a disservice in many cases
- how to get meaningful work done, in two steps: 1) meditate, and 2) the 90/90/1 Rule
- why to wake up early
- how technology will shape the future of compliance testing
- why auditors should be advisors, not box-checkers
- how to vet auditors, and why different auditors are appropriate for different projects (and they're not all the same!)
- why you don't want auditors who have framework knowledge, but rather technical knowledge
- why compliance is not security (but security could be compliance)
- how to think about change, reassessments, and doing them sooner
- why the power of following up is "where you catch things"
Guest
AJ Yawn, CEO, ByteChek (@AjYawn on Twitter)
Host
Ted Harrington
This Episode’s Sponsors
If you’d like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorships
For more podcast stories from Tech Done Different With Ted Harrington: https://www.itspmagazine.com/tech-done-different-podcast
Learn more about Ted and his book at https://hackablebook.com