-
Chris Ganacoplos with Preforce and Tim Schilbach with Penacity
- 2024/09/18
- 再生時間: 23 分
- ポッドキャスト
-
サマリー
activate_samplebutton_t1
あらすじ・解説
Industrial Talk is onsite at OMG, Q1 Meeting and talking to Chris Ganacoplos with Preforce and Tim Schilbach with Penacity about "A connected industrial world requires sound cyber protection and compliance". Scott MacKenzie hosts an industrial podcast featuring Chris Ganacoplos and Tim Schilbach. Chris, from Perforce, discusses DevSecOps and continuous compliance standards, emphasizing the importance of secure infrastructure and policy frameworks like NIST 800-171. Tim, from Penacity, highlights the Cybersecurity Maturity Model Certification (CMMC) designed to protect industrial secrets from adversaries. They stress the need for dynamic, adaptive security measures that balance innovation with compliance. Both experts advise businesses to seek professional help, consult authoritative sources, and establish a robust corporate governance program to navigate cybersecurity effectively. Action Items
Outline Introduction and Meeting Setup
Background on DevSecOps and CMMC
Challenges in Maintaining Compliance
Creating a Culture of Compliance
Practical Steps for Small Businesses
- [ ] Educate yourself on applicable frameworks like NIST SP 800-171.
- [ ] Consult with certified professionals to assess your organization's security gaps and develop a roadmap.
- [ ] Reach out to Chris and Tim on LinkedIn for cybersecurity guidance.
Outline Introduction and Meeting Setup
- Scott MacKenzie introduces the Industrial Talk podcast, emphasizing its focus on industry professionals and their innovations.
- The meeting is held at OMG Reston, Virginia, and is the Q1 meeting with a focus on problem solvers.
- Scott introduces Chris and Tim, who are in the hot seat for the discussion.
- Chris and Tim share their backgrounds: Chris from Perforce, focusing on DevSecOps and continuous compliance, and Tim from Penacity, specializing in industrial security and critical infrastructure.
Background on DevSecOps and CMMC
- Chris explains his role at Perforce, focusing on DevSecOps and continuous compliance standards.
- Tim provides a detailed background on CMMC (Cybersecurity Maturity Model Certification), its purpose, and its relevance to the defense industrial base.
- Tim highlights the importance of CMMC in protecting industrial secrets and the implications for national security.
- The discussion touches on the dynamic nature of cybersecurity standards and the need for continuous compliance.
Challenges in Maintaining Compliance
- Chris discusses the importance of securing infrastructure and the role of policies in maintaining compliance.
- Tim explains the complexity of dynamic environments and the need for continuous documentation and monitoring.
- The conversation covers the challenges of ensuring compliance in rapidly changing environments and the importance of having a robust change control process.
- Tim emphasizes the role of technology platforms like Puppet in automating compliance checks and maintaining security baselines.
Creating a Culture of Compliance
- Scott and Tim discuss the importance of creating a culture of compliance within organizations.
- Tim highlights the role of leadership in driving a culture of compliance and the need for effective communication and collaboration.
- The conversation touches on the importance of automation in reducing costs and improving compliance.
- Tim shares insights on the role of consultants and technology partners in helping organizations navigate compliance challenges.
Practical Steps for Small Businesses
- Scott asks about practical steps for...