SCWEpisode35

From Security Weekly Wiki

Security and Compliance Weekly Episode #35 - July 14, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - Auditor Meets Security Pt. 1 - 12:00 PM-12:30 PM


Visit https://securityweekly.com/onapsis for more information!


Announcements

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!
  • With all the recent changes to BlackHat and DefCon, we realized we can keep doing what we do best - host virtual podcasts! I’m proud to announce Hacker Summer Camp 2020, a Security Weekly Virtual, Live-Stream Event, August 3 - August 6, 2020. To reserve your slot now, visit: https://securityweekly.com/summercamp2020

Description

An auditor turned security professional joins Security & Compliance Weekly to talk about how security misconfigurations and vulnerabilities can lead to compliance problems and the need for organizations to adopt a process of continuous compliance. Learn the best practices leaders can use to identify, monitor, and mitigate compliance risks related to their most critical business applications.

To learn more about Onapsis, visit: https://securityweekly.com/onapsis


  • 10kBLAZE Threat Report: https://www.onapsis.com/resources/10kblaze
  • Streamline and improve the audit process: https://www.onapsis.com/why-onapsis/automate-audit
  • Automate the audit: https://youtu.be/EFkM5EOXcjE
  • Recon Vulnerability: https://www.onapsis.com/recon-sap-cyber-security-vulnerability
  • PAYDAY Vulnerability: https://www.onapsis.com/blog/video-oracle-payday-vulnerabilities
  • BigDebIT Vulnerability: https://www.onapsis.com/oracle-bigdebit-vulnerabilities


Guest(s)

Brian Tremblay

Brian leads the Compliance Practice at Onapsis, where he is responsible for helping customers understand and navigate the challenges and opportunities created by the increasing overlap of compliance, cybersecurity and business continuity related to IT General Controls and regulatory & compliance matters such as Sarbanes-Oxley (SOX) and the General Data Protection Regulation (GDPR). Prior to Onapsis, he was the CAE for high-tech semiconductor company Acacia Communications. In addition to founding and leading all activities of the internal audit function, he helped prepare the organization to go public (including implementing SOX) and facilitated its implementation of enterprise risk management (ERM). Previously, Tremblay was the director of internal audit at Iron Mountain, overseeing all audits and projects within North America as well as liaising with global quality managers. Before that, as a senior manager at Houghton Mifflin Harcourt, he built out an internal audit department and executed a SOX implementation. Earlier in his career, he worked at Raytheon and Deloitte.


Hosts

2. Interview - Auditor Meets Security Pt. 2 - SCW #35 - 12:30 PM-01:00 PM


Visit https://securityweekly.com/onapsis for more information!


Announcements

  • We are looking for high-quality guest suggestions for all of our podcasts to fill our Q3 recording schedule! Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
  • Register for our upcoming webcasts or virtual trainings by visiting https://securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

We continue the discussion with Brian Tremblay, a former auditor who "got religion" when he began to understand the complexities of security and how compliance could help or hinder security program efforts in organizations. We'll also talk about what Brian is doing at Onapsis, and how Onapsis is trying to help solve the problem.

To learn more about Onapsis, visit: https://securityweekly.com/onapsis



Guest(s)

Brian Tremblay



Hosts