The Art of Cybersecurity: Real-World Risk & Compliance Strategies
Cheri Hotman
25 episodes
4 days ago
Cybersecurity is as much art as it is science or technology. It must be creatively designed, right-sized, implemented, and sustained—all within stealthy constraints: finite time, budget, resources. Meanwhile, customers demand this framework, that standard, and yet another security questionnaire. It’s a lot to juggle—balancing security that genuinely protects people and data with the theater that often slips into meaningless checkbox exercises. On this podcast, expect sharp, unfiltered conversations about the realities of cyber and what it truly takes to do it right—and make it actually matter.
Technology
All content for The Art of Cybersecurity: Real-World Risk & Compliance Strategies is the property of Cheri Hotman and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Episodes (20/25)
Beyond the Checklist CMMC with Integrity

In this episode, Cheri Hotman unpacks the real story behind CMMC—and why it’s far more than a compliance checklist. Drawing on highlights from her recent Dallas talk, Cheri emphasizes that passing an audit is never the end goal. Instead, CMMC is about protecting sensitive government data, earning customer trust, and building integrity into every layer of your security program.

Cheri breaks down the biggest pitfalls she sees—like over- or under-scoping, documentation theater, and trying to “DIY” without the right expertise. She shares why companies must approach CMMC as an ongoing cycle of protection, monitoring, and improvement—not a one-time project.

If you’re navigating CMMC, you’ll walk away with:

  • Clear insight into what the DoD really expects (hint: it’s not just a perfect score).

  • Strategies to scope effectively and avoid wasted effort.

  • How to balance third-party support with true internal ownership.

  • The importance of building trust and integrity over “just passing.”

CMMC is a chance to strengthen your security posture and stand out in the market—don’t miss it.

1 month ago
36 minutes 37 seconds

CMMC Demystified Scoping Compliance and Avoiding Costly Mistakes

In this episode, Cheri Hotman and Paula Biggs break down the realities of CMMC compliance, with a special focus on scoping and avoiding common missteps. They explain how CMMC builds on existing NIST 800-171 requirements and why scoping—deciding which systems, people, and vendors fall under compliance—is the first and most critical step. Paula emphasizes that smaller companies can often save significant cost and risk by narrowing their scope strategically, while Cheri highlights how poor scoping leads to inflated audits, unnecessary licensing fees, and added risk exposure. Together, they stress the importance of understanding vendor responsibilities, building accurate and detailed System Security Plans (SSPs), and treating audits as confidence-building exercises rather than checkbox events. The conversation reinforces that CMMC isn’t just about passing an audit—it’s about sustaining secure, risk-aware practices that protect sensitive data and long-term business trust.

2 months ago
43 minutes 44 seconds

Beyond the Audit: Making Continuous Compliance Work

Cheri Hotman and Tanya Wade cut through the checkbox mentality of audits to show why real compliance is about building programs that protect your people, data, and reputation year-round. From SOC 2 readiness to the pitfalls of over-relying on GRC tools, they share practical steps for prioritizing controls, assigning ownership, and reducing audit stress. If you’ve ever thought “we passed the audit—now what?”, this episode gives you the roadmap to continuous compliance with less chaos and more confidence.

2 months ago
23 minutes 29 seconds

Episode 0: Why Cybersecurity Is as Much Art as Science

In this kickoff episode of The Art of Cybersecurity, host Cheri Hotman shares why this podcast exists and what listeners can expect. Cyber isn’t just science or technology — it’s art. It’s messy, constrained, people-driven, and ultimately about mitigating risk to protect people and data.

Cheri cuts through the noise of “easy button” tools, audit-passing mentalities, and checkbox compliance to talk about what security really is: designing programs that work, tackling people and process challenges, and aligning solutions to business goals.

Expect honest, unfiltered conversations, real-world stories, and practical insights that go beyond buzzwords. If you’re ready to say what needs to be said and push for cybersecurity that truly matters, subscribe now and join the fight.

2 months ago
21 minutes 40 seconds

5 Tactics to Protect the Cloud Pt. 2

Take these 5 tactics given by Cheri Hotman to help better protect the cloud.

3 years ago
7 minutes 39 seconds

5 Tactics to Protect the Cloud Pt. 1

Take these 5 tactics given by Cheri Hotman to help better protect the cloud.

3 years ago
8 minutes 24 seconds

Cybersecurity is a Problem of People

3 years ago
10 minutes 59 seconds

Pen Test to Remove Security Blindness

3 years ago
8 minutes 31 seconds

SaaS Tools Cover My Security, Right?

3 years ago
7 minutes 58 seconds

Even Policies Are Not Set-It-And-Forget-It

3 years ago
5 minutes 53 seconds

Don't Solve for the Wrong Problem

3 years ago
9 minutes 4 seconds

Cybersecurity Does Not Equal Cool Tools

3 years ago
8 minutes 52 seconds

CEO's, Watch Your Assets

3 years ago
5 minutes 19 seconds

How to Respond to Security Questionnaires?

3 years ago
6 minutes 6 seconds

Why Can't I Just Download Policy?

3 years ago
5 minutes 51 seconds

Got Asked for It, But Don't Have SOC 2?

3 years ago
6 minutes 50 seconds

Minimal Security You Need for Cyber War

3 years ago
9 minutes 56 seconds

5 Questions CEOs Should Ask on Cybersecurity

3 years ago
12 minutes 34 seconds

The Longer the Better Password

3 years ago
9 minutes 42 seconds

Don't be Overwhelmed (on Security), Start Here

3 years ago
10 minutes 26 seconds
