Monday Jan 24, 2022

Attestation, scoring, evaluation, and business process in achieving improved cybersecurity posture and compliance

Joy Beland joins Felicia to discuss:

  • What Edwards Performance Solutions is doing in the CMMC training space
  • Joy's team created the CMMC assessor textbook
  • Many orgs have cybersecurity insurance enforcement for the first time ever
  • Joy's extremely wise metaphor and perspective on cybersecurity insurance (15 mins)
  • Transfer of risk and economic destruction
  • DMARC, DKIM, SPF tuning
  • What tools exist to help the SMB market with attestation, and establishing patterns of due care and due diligence?
  • IS policies and processes are required as part of the proof mechanism
  • Mechanisms to actually evaluate risk so that business leaders can make effective decisions
  • Control planes for infrastructure

Joy's sage advice: "Know what the crown jewels are."

Learn to identify wasteful practices with Gemba walks.

https://www.creativesafetysupply.com/content/PPC/gemba/index.html

CMMC 2.0 scoping analysis

https://www.linkedin.com/feed/update/urn:li:activity:6889627454466469888/

Future Feed for CMMC orgs

https://futurefeed.co/

https://qpcsecurity.podbean.com/e/the-real-reason-you-cannot-afford-to-have-a-cybersecurity-incident/

 

Special guest:

Joy Beland, a CMMC Provisional Assessor and CMMC Provisional Instructor, who works with Edwards Performance Solutions as a Senior Cybersecurity Consultant. Joy owned an MSP for twenty-one years in Los Angeles. She holds CISM and Security+ certifications.


Copyright QPC Security All rights reserved.
