Monday Jan 24, 2022

Attestation, scoring, evaluation, and business process in achieving improved cybersecurity posture and compliance

Joy Beland joins Felicia to discuss:

  • What Edwards Performance Solutions is doing in the CMMC training space
  • Joy's team created the CMMC assessor textbook
  • Many orgs have cybersecurity insurance enforcement for the first time ever
  • Joy's extremely wise metaphor and perspective on cybersecurity insurance (15 mins)
  • Transfer of risk and economic destruction
  • DMARC, DKIM, SPF tuning
  • What tools exist to help the SMB market with attestation, and establishing patterns of due care and due diligence?
  • IS policies and processes are required as part of the proof mechanism
  • Mechanisms to actually evaluate risk so that business leaders can make effective decisions
  • Control planes for infrastructure

Joy's sage advice: "Know what the crown jewels are."

Learn to identify wasteful practices with Gemba walks.

https://www.creativesafetysupply.com/content/PPC/gemba/index.html

CMMC 2.0 scoping analysis

https://www.linkedin.com/feed/update/urn:li:activity:6889627454466469888/

Future Feed for CMMC orgs

https://futurefeed.co/

https://qpcsecurity.podbean.com/e/the-real-reason-you-cannot-afford-to-have-a-cybersecurity-incident/

 

Special guest:

Joy Beland, a CMMC Provisional Assessor and CMMC Provisional Instructor, who works with Edwards Performance Solutions as a Senior Cybersecurity Consultant.  Joy owned an MSP for twenty-one years in Los Angeles.  She has a CISM and Security+ certification.

Comments (0)

To leave or reply to comments, please download free Podbean or

No Comments

Copyright 2022 All rights reserved.

Podcast Powered By Podbean

Version: 20221013