Join our host Blaise Wabo and guest Morvareed Z. Salehpour, Managing Partner of Salehpour Legal, as they delve into the constantly evolving legalities of generative artificial intelligence (AI). During the discussion, Blaise and Morvareed discuss the technical, legal, and privacy risks and challenges around generative AI that many organizations should be aware of, as well as recently passed laws and regulations around safe AI use. Listen to the episode to learn more about how your business ca...
Join hosts Giles House and Abby Rodrigues along with their guest Mark Petry, Cyber Compliance and Risk Manager at GoodLeap, as they lend valuable insights about the importance of building a culture of security. Listen to learn why more organizations should phase out rubber stamp reports, seek high-quality audits, and position compliance as a value proposition for their business.
Join host Blaise Wabo and guest Alberto España, CEO of Solver 4, as they discuss the evolving cybersecurity landscape in Latin America, Mexico, and Spain. Gain insights into the current threat landscape, the impact of COVID-19, and the future of cybersecurity and compliance in these regions. Listen as Alberto shares the struggles of competing against US vendors, the rising costs of resources, and the scarcity of qualified cybersecurity talents, spotlighting how remote work during the pandemic...
In this episode of the Compliance Crosswalk podcast, your host Blaise Wabo is joined by Jacques Antikadjian, the co-founder and chief security officer at Xano. Join them as they discuss connecting the dots between compliance and security. They emphasize the importance of integrating security and compliance measures to effectively manage risk. They also mention the evolution of security and privacy compliance frameworks and the need to bridge the gap between evolving threats and existing stand...
In this episode of the Compliance Crosswalk podcast, your host Blaise Wabo is joined by his good friend and compliance expert, Patrick Sullivan, to dive deep into the A-LIGN's 2023 Compliance Benchmark Survey. Join Blaise and Patrick as they share key insights and discuss the implications of the survey results on compliance strategies in today's ever-changing landscape. They shed light on how compliance is evolving from being a mere checkbox exercise to becoming a value driver in organization...
On this episode of the Compliance Crosswalk Podcast, Blaise Wabo engages in an enlightening conversation with former COO of Tulane Medical Center, Andre Duplessis. This episode zeroes in on the harrowing experience faced by Tulane Medical Center during Hurricane Katrina in 2005. Duplessis reflects upon the importance of business continuity planning, disaster recovery, and the unforeseen complications when the real world interacts with theoretical planning. He emphasizes the need for an agile ...
After repeatedly falling victim to identity thieves through SIM swap attacks, a telecom engineer and entrepreneur, Haseeb Awan, decided to start his own carrier with security as its top priority. Today, Haseeb is the founder and CEO of EFANI Secure Mobile, a private cell phone service provider catering to individuals and organizations that need extra security.On this episode of the Compliance Crosswalk Podcast, A-LIGN's Blaise Wabo and Haseeb Awan talk about the many security vulnerabilities ...
With a new digital landscape brought on by the pandemic, a war in Ukraine, increasingly sophisticated threat actors, artificial intelligence, and now a potential recession, the nature of how organizations are breached has fundamentally changed. No company is too small to be attacked; making a single breach can be enough to put one out of business.In this episode of Compliance Crosswalk, our host Blaise Wabo welcomes Taiye Lambo, founder of the Holistic Information Security Practit...
In the final installment of this five-part series, Blaise Wabo welcomes A-LIGN's Federal Practice Lead, Tony Bai, and HITRUST Associate Director, Shreesh Bhattarai, for a deep dive into the intricacies of HITRUST, HIPAA, & Federal certifications.Together they discuss updates to the NIST 800-171 and how that affects the various government certifications (FedRAMP, CMMC, StateRAMP, FISMA), and what companies should be doing now to remain compliant. They also review the many HITRUST Assessmen...
In the latest installment of this five-part series, Blaise Wabo welcomes A-LIGN's PCI Lead, Dustin Rich, and Technical Knowledge Leader and Research and Development Director, Joe Cortese, for a deep dive into the intricacies of PCI, Penetration tests, and Vulnerability Scans. Together they discuss new updates related to the new PCI 4.0 and the latest OWASP Top 10 Penn test framework and what organizations need to do now to prepare. They also discuss the importance of close collaboration ...
In the latest installment of this four-part series, Blaise Wabo welcomes A-LIGN's SOC 2 lead, Shayna Davitt, and ISO 27001 lead, Adam Lubbert, for a deep dive into SOC and ISO assessments.They discuss common pitfalls companies face when pursuing both audits and how to avoid them, recent updates in the ISO 27001 standards, and the advantages of doing both SOC 2 and ISO 27001 simultaneously.
Knowing which compliance assessment will best benefit your organization is just the start. Understanding the intricacies of compliance as a whole is critical in ensuring your find the right partners and people to successfully achieve compliance and leverage them to strengthen your security posture effectively. In this new episode, Blaise Wabo joins A-LIGN's practice leads for multiple compliance service lines as they continue their conversation on Which Compliance Assessment is Right for...
The world of compliance is one of numerous assessments and certifications, each varying in scope and effort depending on the industry they serve and the level of security. Figuring out which one is right for your organization can effectively and efficiently bolster your security posture, improving your competitive edge and offering to your clients. On the flip side, spending time and effort on the wrong one can exhaust an unnecessary amount of resources.In this new episode, Blaise Wabo joins ...
ESG is a topic we’re hearing come up more and more lately, especially as it relates to investors. If you’re unfamiliar, ESG stands for Environmental, Social and Governance. At its core, ESG is helping companies and investors understand how ESG non-financial factors impact a company and how a company impacts those factors as well.In this episode of Compliance Crosswalk, hosts Arti Lalwani and Blaise Wabo are joined by Leela Ramnath, Head of ESG at Warburg Pincus, to discuss what exactly ESG is...
From advances in technology creating the "new perimeter" as a result of remote work, to the shifting perspectives on the importance of privacy, the landscape for security compliance has changed dramatically within the last five years.These changes leave startups in the early stages of product development uniquely positioned to leverage compliance to unlock sales and drive scalable growth.In this episode, Blaise and Arti talk with Rob Carson, a former Marine Corps officer, tenured cybersecurit...
It’s no secret that businesses across all industries and sizes are feeling the effects of the Great Resignation. So, what can organizations do to find and retain quality cybersecurity talent in these trying times?In this episode of Compliance Crosswalk, hosts Arti Lalwani and Blaise Wabo are joined by Andrew Houshian, Vice President of Service Delivery Operations at A-LIGN to discuss what the great resignation is and how we got here. They highlight the reasons why finding and retaining qualit...
Earlier this month, cybersecurity and compliance firm A-LIGN released its 2022 Compliance Benchmark Report. The 2022 Compliance Benchmark Survey was conducted from November 2021 through January 4, 2022 and was comprised of questions about where these professionals see their compliance and cybersecurity programs going in 2022. Survey participation was significant, with 732 survey respondents comprised entirely of IT, security and compliance professionalsIn this month’s episode, the report’s au...
In February 2022, the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) released an update to the ISO/IEC 27002:2013, known as ISO/IEC 27002:2022. In order to make the framework more adaptable and customizable to various organizations, a cadre of changes were announced. The major changes will include a reduction of the total number of controls, changes to the framework’s taxonomy and the creation of new attribute tables. This isn’t ...
A distributed workforce, the continued rise of ransomware and other malicious cyber activities and the marked increase of remote activities like telehealth have all lead to an expanded attack surface. More data is at more risk! In the inaugural episode of Compliance Crosswalk, hosts Blaise Wabo and Arti Lalwani sit down to discuss how things have changed in security, privacy and compliance since the global Covid-19 pandemic started and where they see these new trends taking us in a post-...