Secure Access
In a world where security defines success, are you leading the way? “Secure Access” by Sign In Solutions empowers tech visionaries and executives with groundbreaking insights to master every aspect of security. Join us weekly as we dive deep into the heart of security challenges facing businesses today. Through candid conversations with industry insiders, we uncover the hidden truths and strategies needed to thrive. Whether you're striving to safeguard your organization or propel your career, our podcast equips you with the insights to outperform competitors and secure your future. Don't be left behind—discover the secrets to staying compliant and...Show more
All Episodes
Why You Should Comply with SOC 2 and ISO Standards
In this episode of the Secure Access Podcast, host John Dillard chats with Jason Mordeno, the Director of Compliance and Security at Sign In Solutions, about the intricacies of SOC 2 and ISO compliance standards. John introduces his background in security and compliance and the mission of Sign In Solutions as a visitor management platform. Jason shares his unconventional journey from 3D animation to compliance and discusses his passion for creating robust security frameworks. The conversation covers key aspects of SOC 2 and ISO, including differences, overlaps, and the practical challenges companies face while implementing these frameworks. Jason emphasizes the importance of a security mindset, effective communication, and foundational security principles in managing compliance across diverse and complex organizations. He also provides insights into current trends in compliance, the role of tools, and the importance of being proactive with incident response. This episode serves as a comprehensive guide for anyone looking to understand and navigate the complexities of SOC 2 and ISO compliance. KEY TAKEAWAYS Importance of security frameworks: Discussion on SOC 2 compliance and ISO standards, and their relevance to businesses. Expert insights: Jason Mordeno shares his journey from 3D animation to compliance, emphasizing the importance of a security mindset. Compliance frameworks overview: Detailed explanation of SOC 2 and ISO, their differences, similarities, and implementation strategies. Challenges in compliance: Importance of human factors and effective communication in maintaining robust security frameworks. Role of tools: Tools assist in compliance but are not a silver bullet; manual processes and human ingenuity are crucial. Global organizational considerations: Strategies for managing compliance in diverse and large-scale enterprises. Common compliance mistakes: Miscommunication and presumption are major pitfalls in compliance execution. Trends in compliance: Importance of staying proactive and preparing for emerging threats and regulatory changes. Final advice: Maintain a security mindset, believe in yourself, and focus on foundational pillars to navigate compliance challenges. QUOTES "Security mindset is thinking, how would we do this? What if we're the attacker?" "The challenge is not going to be money. The challenge is not your process. The challenge is not the business itself. The challenge is always going to be the people." "The first tool is yourself, right? Because without it, nothing runs." "Communication is the most offside answer I can give, but communication." "Never think you're secure. You must assume you'll be breached at any point." "Believe in yourself. If you're a security person, compliance person...keep yourself grounded because you are the foundation of the security mindset in the company." This episode is brought to you by Sign In Solutions. If you found today’s conversation insightful, be sure to subscribe, leave a review, and share it with your network. For more on transforming compliance, security, and workplace experiences, visit www.signinsolutions.com.
Breaking Down Security Silos: AI, Compliance, and the Future of Security
In this inaugural episode of the Secure Access Podcast, guest host Adam Cleveland interviews John Dillard, ex-CIA, Navy Veteran, author of Microslices, and founder of ThreatSwitch—a security compliance platform acquired by Sign In Solutions, to discuss the evolving landscape of security, and our host. They explore key issues such as the fragmented vocabulary in security, the impact of AI on security protocols, and the need for regulatory simplification to enable faster and more effective security measures. John shares insights from his career, including his experiences during 9/11 and his views on the future of security leadership. This episode aims to provide actionable advice for security leaders to prepare for rapidly changing threats. Key takeaways The Complexity of Security Vocabulary: Modern security challenges demand a unified approach, breaking down silos between cyber, personnel, and physical security. Rapid Changes with AI: The fast-paced evolution of AI necessitates a shift in security strategies. The traditional playbook is now outdated. Continuous Learning: For security professionals, continuous education in diverse security domains is crucial to keep pace with new threats. Regulatory Simplification: Simplifying regulations could speed up companies’ ability to implement effective security measures. Effective Leadership: Successful security leadership involves future prediction, continuous learning, and motivating teams toward proactive action. Identity Verification: Investing in robust identity verification can significantly enhance a company’s security posture. Quotes "The biggest thing that maybe people don't mention is that I think our vocabulary is broken." "If agents and AI can adapt their tactics in the midst of conducting the attack, there is no playbook. The playbook changes while it's being played." "If you are not reading and studying... the world is gonna blow by you in about two seconds." "The regulation is not the countermeasure." "Complying with the regulation does not protect you from everything related to that." This episode is brought to you by Sign In Solutions. If you found today’s conversation insightful, be sure to subscribe, leave a review, and share it with your network. For more on transforming compliance, security, and workplace experiences, visit www.signinsolutions.com.