Non-compliant Clients: Righting the Ship Before Regulators Pounce – Brian Johnson – CFH #27
Try as they might to keep their clients in compliance with privacy and security regulations, managed services providers are still at the mercy of the organizations they serve. Unfortunately, companies don't always follow the MSSP's or vCISO's advice on items like responsible data stewardship, privacy policies and breach notification. If an attack does transpire and the company draws the ire of regulators, the security services provider could even end up a scapegoat, or even embroiled in a liability case. This Q&A discussion will look at what resource an MSSP or vCISO service has when their customer fails to make basic compliance a priority.
Guest
Brian brings more than 20 years of experience in leadership, founding, and building to his role as Co-founder and CEO at Crucyble. Previously, Brian was CSO of Armorblox (Acq by Cisco), CISO at Lending Club (LC) and Upwork (UPWK). Brian has held leadership positions at Uber, Netflix (NFLX), and ForeScout (FSCT). Brian has helped design, build and secure systems for the US Department of Defense, Global Finance, and Technology companies at scale. He has enjoyed speaking on innovation and maturing security organizations at the RSA Conference and National Press Club. Brian is regularly asked to speak at security conferences, as well as, brief Board of Directors and Executive Management teams. Brian has worked with Federal Agencies and Policy Advisors to influence actionable change in national security policy. Brian is an active advisor and mentor to several startups and founders in Silicon Valley where he resides with his wife and two children.
Hosts
