CISO Insights: Voices in Cybersecurity

• The Compliance Crucible: Navigating the CMMC 2.0 & SPRS Mandate

  As the Department of Defense activates Phase 1 of the CMMC rollout, government contractors must race to validate their cybersecurity posture or risk losing contract eligibility. This episode breaks down the critical path to Level 2 certification, including the costs of remediation, the 110 controls of NIST SP 800-171, and the mandatory reporting requirements for the Supplier Performance Risk System (SPRS). Tune in for a strategic guide on finalizing your System Security Plan, budgeting for third-party assessments, and ensuring your organization avoids the "No CMMC Status" designation. www.compliancehub.wiki/compliance-report-procedures-for-nist-sp-800-171-and-cmmc-assessment-submission-in-the-supplier-performance-risk-system-sprs   Sponsor: https://cmmcnist.tools www.compliancehub.wiki  

  --------  

  24:54

  --------

  24:54
• De Cyberbeveiligingswet: De Digitale Revolutie van 2026

  In deze aflevering duiken we in de nieuwe Cyberbeveiligingswet (Cbw), die de Europese NIS2-richtlijn naar Nederlandse wetgeving vertaalt en de huidige Wbni vervangt. We bespreken waarom de implementatie is vertraagd tot het tweede kwartaal van 2026 en waarom de Rijksoverheid adviseert om nu al te starten met de tien verplichte zorgplichtmaatregelen. Daarnaast analyseren we de impact op bestuurders, die persoonlijk aansprakelijk kunnen worden gesteld voor het falen van het digitale risicobeheer. https://eumapping.compliancehub.wiki www.compliancehub.wiki/the-dutch-nis2-law-cbw-is-delayed-to-2026-acting-now-is-not-optional-its-a-fiduciary-duty   Sponsor: www.compliancehub.wiki www.cisomarketplace.com  

  --------  

  17:20

  --------

  17:20
• The Cbw Countdown: Surviving the Dutch Cybersecurity Revolution

  This episode unpacks the new timeline for the Cyberbeveiligingswet, the Dutch implementation of NIS2 now projected for the second quarter of 2026, and explains the critical distinction between Essential and Important entities. We dive into the expanded fiduciary duties for board members, who now face mandatory training and potential personal liability if they fail to approve and supervise strict risk management measures. Experts discuss why the "Duty of Care" obligations—ranging from supply chain security to incident reporting within 24 hours—must be adopted now to avoid catastrophic fines of up to €10 million. www.compliancehub.wiki/the-dutch-nis2-law-cbw-is-delayed-to-2026-acting-now-is-not-optional-its-a-fiduciary-duty https://eumapping.compliancehub.wiki   Sponsors: www.compliancehub.wiki www.myprivacy.blog  

  --------  

  16:30

  --------

  16:30
• Carded at the Digital Door: The Surveillance of the Public Square

  As governments from Australia to Texas enforce "digital borders" through mandates like the Social Media Minimum Age Act, the internet is rapidly shifting from an open forum to a surveillance state requiring government ID or biometric scans for entry. While intended to protect children, experts warn these systems create "massive centralized repositories" of sensitive data ripe for hackers, while determined minors easily bypass them using VPNs or even photos of pets. This episode unpacks how these laws threaten online anonymity, disproportionately exclude marginalized communities, and force users to trade their privacy for the right to speak. www.compliancehub.wiki/analysis-of-online-age-verification-mandates   https://biometric.myprivacy.blog https://pii.compliancehub.wiki https://digitaltwinrisk.health   Sponsors:  www.compliancehub.wiki www.myprivacy.blog   

  --------  

  35:51

  --------

  35:51
• The Perimeter is Dead: How Vendor Insecurity Ignited a $500 Million Ransomware Crisis

  We investigate the "Firewall Crisis" where the four dominant vendors—Cisco, Fortinet, SonicWall, and Check Point—collectively contributed over 50 actively exploited vulnerabilities to CISA's catalog, effectively transforming defensive appliances into primary attack vectors. The discussion uncovers how this systemic failure enabled the Akira ransomware group to generate $244 million by targeting Cisco VPNs and allowed the Qilin group to cripple healthcare systems by exploiting Fortinet flaws. Finally, we analyze the "Zero-Day Paradox," exploring how security giant Check Point was breached twice in nine months by its own research, signaling the urgent need for organizations to abandon perimeter reliance in favor of Zero Trust.   https://breached.company/fortinet-under-fire-how-firewall-vulnerabilities-are-devastating-healthcare-and-critical-infrastructure https://breached.company/check-points-zero-day-paradox-the-security-company-that-couldnt-secure-itself https://breached.company/marquis-ransomware-breach-when-third-party-vendors-become-the-weakest-link-in-financial-services https://breached.company/cisco-under-siege-how-akira-ransomware-and-nation-state-actors-are-exploiting-americas-most-critical-network-infrastructure https://www.securitycareers.help/the-cisos-nightmare-trifecta-when-data-centers-vendor-risk-management-and-insider-threats-collide www.securitycareers.help/the-firewall-crisis-a-cisos-guide-to-understanding-why-americas-network-perimeter-is-collapsing   Sponsors:  www.cisomarketplace.com www.securitycareers.help www.breached.company  

  --------  

  33:39

  --------

  33:39

Mais podcasts de Notícias

Podcasts em tendência em Notícias

Sobre CISO Insights: Voices in Cybersecurity