Billede af showet Secure Talk Podcast

Secure Talk Podcast

Podcast af Justin Beals

engelsk

Teknologi

Begrænset tilbud

1 måned kun 9 kr.

Derefter 99 kr. / månedOpsig når som helst.

  • 20 lydbogstimer pr. måned
  • Podcasts kun på Podimo
  • Gratis podcasts
Kom i gang

Læs mere Secure Talk Podcast

Secure Talk reviews the latest threats, tips, and trends on security, innovation, and compliance. Host Justin Beals interviews leading privacy, security and technology executives to discuss best practices related to IT security, data protection and compliance. Based in Seattle, he previously served as the CTO of NextStep and Koru, which won the 2018 Most Impactful Startup award from Wharton People Analytics. He is the creator of the patented Training, Tracking & Placement System and the author of “Aligning curriculum and evidencing learning effectiveness using semantic mapping of learning assets,” published in the International Journal of Emerging Technologies in Learning (iJet). Justin earned a BA from Fort Lewis College.

Alle episoder

258 episoder

episode Special Episode: CMMC Phase 2 SUSPENDED: What DOD Just Did, What It Really Means, and Why Little Changed cover

Special Episode: CMMC Phase 2 SUSPENDED: What DOD Just Did, What It Really Means, and Why Little Changed

The Pentagon paused CMMC Phase 2 with zero warning — and half the defense industrial base is celebrating for the wrong reason. When the Department of War suspended CMMC Phase 2 rollout with no notice, panic spread fast across the defense contractor community — but the requirement to secure CUI never went away. In this special roundtable, host Justin Beals brings together three CMMC insiders — Logan Therrien (C3PAO Chief Strategy Officer, retired Navy submariner), Lance Arnold (30-year industry veteran, just completed his own CMMC Level 2 journey), and Brian Hubbard (President, Evolved Cyber Solutions, CMMC assessor since 2015) — to separate what actually changed from what didn't. They break down the difference between the assessment requirement (paused) and the security implementation requirement (still very much alive under NIST 800-171), why "self-assessment" doesn't mean "no requirement," and what small businesses and primes should do right now instead of waiting for clarity that may not come for months. Sources Referenced:  DFARS 252.204-7021 (CMMC assessment clause) DFARS 252.204-7012 (NIST 800-171 compliance clause) DFARS 252.204-7019 (SPRS scoring requirement) 32 CFR Part 170 (CMMC Program Rule) 32 CFR Part 48 NIST SP 800-171 / NIST SP 800-172

17. juli 2026 - 46 min
episode Considering Security, Compliance and Revenue with David Grazer cover

Considering Security, Compliance and Revenue with David Grazer

Most companies chase certifications to win deals — but what actually keeps customers is something no audit can measure. In this episode, vCISO David Grazer makes the case that trust is a measurable economic asset hiding in plain sight: your customer retention rate. Drawing on 15+ years inside high-growth tech companies, David explains why compliance frameworks are customer acquisition tools, not retention strategies — and how the gap between the two is costing businesses more than they realize. This episode is for founders, security leaders, and C-suite executives who want to connect their security and privacy programs to real business outcomes. You'll learn: → Why a SOC 2 or ISO 27001 certification is only the beginning of earning customer trust → How customer churn functions as one of the most honest security metrics available → Why MFA and common security controls often fail the users who need them most → What "Trust by Design" looks like in product development and AI programs → How to translate security risk into language that resonates with your CFO Chapters 00:00 Introduction to Secure Talk and Trust 03:42 David Grazer's Journey into Security and Privacy 08:09 Navigating Compliance and Customer Trust 12:49 The Role of Consulting in Security 18:07 Trust as a Measurable Economic Asset 23:42 Identity Management in the Entertainment Industry 26:09 The VC SO Model and Its Impact 29:13 The Evolution of Compliance Conversations 33:17 Exploring the Intersection of Technology and Society 🔔 Subscribe to SecureTalk for weekly conversations at the intersection of cybersecurity, compliance, and business strategy. #cybersecurity #compliance #CISO #trustbydesign #vciso #informationsecurity #GRC #dataprivacy

16. juni 2026 - 41 min
episode Why you could fail your CMMC Level 2 C3PAO audit | Secure Talk with Logan Therrien cover

Why you could fail your CMMC Level 2 C3PAO audit | Secure Talk with Logan Therrien

You did your self assessment and received a perfect 110 score, congratulations! You met with your C3PAO and scored less than 0. What happened! How can two CMMC assessors examine the same defense contractor and arrive at completely different scores? A lack of rigor in assessment methodology could mean the entire certification system is measuring the assessor — not your security. Logan Therrien, Chief Strategy Officer at Kieri Solutions and one of the original C3PAO lead assessors in the U.S., joins Justin Beals to expose a critical flaw in how CMMC Level 2 assessments are conducted today: no standardized evidence sampling methodology. This episode is for DoD contractors, compliance consultants, and defense industry executives who want to understand what's at stake — and how to navigate assessments before the rules tighten further. What you'll learn: * Why NIST 800-171 was intentionally vague — and how that backfired for assessors * How one assessor might review a single evidence point while another reviews 100% * What ISO 17020 accreditation will require of C3PAOs and why it matters now * What the 48 CFR expansion means for 118,000+ contractors in the supply chain * How to prepare for an assessment so it feels like an open-book test Logan also co-authored the peer-reviewed paper "The Need for Standardized Evidence Sampling in CMMC Assessments: A Survey-Based Analysis of Assessor Practices" (with John Hastings) — one of the first data-driven studies of assessment methodology in the CMMC ecosystem. Chapters 00:00 Introduction to Secure Talk and Psychometrics 01:45 Understanding CMMC and Its Implications 05:32 Logan Therian's Background and Insights 09:16 The Challenges of Assessment Methodologies 16:10 The Scale and Impact of CMMC Assessments 20:31 Navigating Standards in Cybersecurity 23:53 Evidence Testing in CMMC Assessments 27:43 The Importance of Reliable and Accurate Assessments 36:22 Building Trust Between Industry and Defense 41:46 Future Directions in CMMC Research Resources: Therrien, Logan and Hastings, John. (2026, February 10). The need for standardized evidence sampling in CMMC assessments: A survey-based analysis of assessor practices. arXiv. https://arxiv.org/abs/2602.09905 [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqblZMOGVCeWg0cXZidEw4eS1pdC1BZ1ZQNnFCZ3xBQ3Jtc0tuOGtpa09qNzhhOXVhWHdVcmMwNHFkQ0hsbVdmUGhoU0p0OHd6UXJ5UUszMDdCdWZ4bFJWVjFBcGdya3E3VjV5eFVnMG9yZFZIRnY5NGhhMk9Vek1sWHRoTGRVUkxLbk1FcnRlR3hFaTQyenBVMWk1dw&q=https%3A%2F%2Farxiv.org%2Fabs%2F2602.09905&v=RqPHxN86kWY]

2. juni 2026 - 53 min
episode Mark Zuckerberg has an AI twin. Who Is Mark Zuckerberg? cover

Mark Zuckerberg has an AI twin. Who Is Mark Zuckerberg?

Mark Zuckerberg built an AI version of himself that attends meetings and approves budgets while he's elsewhere. That's not science fiction — it's happening now. But when an AI replica makes a consequential decision, who's legally responsible? Who owns it when you die? Dr. Candi Cann, Thanatologist and professor at Baylor University, joins SecureTalk host Justin Beals to explore the uncomfortable intersection of technology, mortality, and identity — and what it means for data governance, digital rights, and the future of enterprise accountability. In this episode: Key topics: digital identity, AI accountability, data governance, CMMC compliance, death technology, digital ethics, AI agents, enterprise security If your organization is deploying AI agents that act on behalf of humans — approving transactions, attending meetings, representing employees — this episode raises the governance questions your security and legal teams need to be asking right now. Subscribe to SecureTalk for weekly conversations at the edge of cybersecurity, compliance, and technology culture. Resources:  Book: Augmented: Life and Death as a Cyborg by Candy Cann, MIT Press, 2026. Link: https://mitpress.mit.edu/9780262051118/augmented/

19. maj 2026 - 47 min
En fantastisk app med et enormt stort udvalg af spændende podcasts. Podimo formår virkelig at lave godt indhold, der takler de lidt mere svære emner. At der så også er lydbøger oveni til en billig pris, gør at det er blevet min favorit app.
En fantastisk app med et enormt stort udvalg af spændende podcasts. Podimo formår virkelig at lave godt indhold, der takler de lidt mere svære emner. At der så også er lydbøger oveni til en billig pris, gør at det er blevet min favorit app.
Rigtig god tjeneste med gode eksklusive podcasts og derudover et kæmpe udvalg af podcasts og lydbøger. Kan varmt anbefales, om ikke andet så udelukkende pga Dårligdommerne, Klovn podcast, Hakkedrengene og Han duo 😁 👍
Podimo er blevet uundværlig! Til lange bilture, hverdagen, rengøringen og i det hele taget, når man trænger til lidt adspredelse.

Vælg dit abonnement

Mest populære

Begrænset tilbud

Premium

20 timers lydbøger

  • Podcasts kun på Podimo

  • Ingen reklamer i podcasts fra Podimo

  • Opsig når som helst

1 måned kun 9 kr.
Derefter 99 kr. / måned

Kom i gang

Premium Plus

100 timers lydbøger

  • Podcasts kun på Podimo

  • Ingen reklamer i podcasts fra Podimo

  • Opsig når som helst

Prøv gratis i 30 dage
Derefter 129 kr. / måned

Prøv gratis

Kun på Podimo

Populære lydbøger

Ofte stillede spørgsmål

Flere spørgsmål og svar
Kom i gang

1 måned kun 9 kr. Derefter 99 kr. / måned. Opsig når som helst.