Cyber Security Failures Alleged in Mudge Whistleblower Complaint

Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. In this episode, we mine the whistleblower allegations made by Peiter Zatko, AKA “Mudge,” against Twitter for lessons for the cyber-security professional and the wider compliance discipline. Highlights and questions posed include:

· The allegations made by Mudge.
· Why does an organization need a CISO (or CCO or CECO)?
· How did Twitter get hacked, its employees duped, and its controls bypassed?
· What is pedestrian yet telling in this saga?
· Why is data mapping mandatory if not critical?
· Where were the external auditors?
· Is there a Caremark claim here?

Resources

Matt in Radical Compliance