Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. In this episode, we mine the whistleblower allegations by Peiter Zatko, AKA “Mudge,” made against Twitter for lessons for the cyber-security professional and wide compliance discipline. Highlights and questions posed include:
· The allegations made by Mudge.
· Why does an organization need a CISO (or CCO or CECO)?
· How did Twitter get hacked, its employees duped, and its controls bypassed?
· What is pedestrian yet telling in this saga?
· Why is data mapping mandatory if not critical?
· Where were the external auditors?
· Is there a Caremark claim here?
Resources
Matt in Radical Compliance
