September: Asking Compliance and InfoSec Experts Almost Anything
by Elliot Volkman
At times, the world of cyber security or InfoSec can feel like a mystery. The most important conversations seem to happen behind closed doors, among close-knit communities, or occasionally in the bars around RSA and Black Hat. Compliance isn’t too dissimilar, except the differences are that you practically need to speak another language to understand the raw regulations, requirements, or privacy acts associated with it. At Drata, we embrace transparency and constantly strive to open more doors to those interested in learning about our industry. In fact, this is one of the primary goals behind the launch of Secured, the Drata community.
With this in mind, our team has developed a lineup of amazing experts in their field who have been kind enough to open their door to you and answer almost anything. Our first Ask Me Almost Anything (AMAA) kicked off with the beta launch of Secured, where Lemonade’s CISO was kind enough to be our first test subject guest.What exactly is an Ask Me Almost Anything (AMAA)? AMAAs give you the opportunity to ask experts nearly anything, within reason, and it’s as simple as that.
Jonathan Jaffe Answers Almost Anything
Meet Jonathan Jaffe, the CISO of Lemonade and a wonderful partner to Drata.
What his thoughts are on the latest InfoSec buzzwords, including a colorful explanation of Zero Trust in the form of a zombie invasion.
His perspective on shifting from a security practitioner to a security leader.
The role security plays at Lemonade.
Why he went into law and swung back to InfoSec.
And much more.
Kelli Wisuri Answers Your Questions About Security Reviews
If you’ve ever wondered what it takes to build a solution dedicated to resolving one of the more painful aspects of vendor security reviews, Kelli Wisuri has you covered. Kelli is the Head of Product at HyperComply. She is a product leader and engineer with 10 years of experience helping businesses work better.So far, the community has come up with some interesting questions such as:
As a threat intelligence analyst, what is the best way to support due diligence efforts?
What are the repercussions of providing an answer that the vendor doesn’t like?
Any advice for our small team as we don’t have an official security person—I’m IT and an engineer.
Care to join in? Signup for Secured and drop your question in the discussion thread.
Your Questions Answered About Security Awareness
Check Secured in just over a week when we post Nick’s thread.