In this episode, we take you behind the scenes of how our team helped a client successfully achieve CMMC Level 2 certification. From assessing gaps and aligning controls to overcoming legacy system challenges and navigating the audit process, we break down each step of the journey. You’ll hear how collaboration, governance, and a clear security roadmap turned a complex compliance goal into a milestone achievement. Whether you’re preparing for your own certification or just curious about how CMMC impacts business resilience, this episode offers practical insights and lessons learned straight from the field.

On this episode, we have a special guest, Sourabh Moharil, Managing Director and Co-Founder of the Global Capability Center (GCC) company Agilite. Seiso CEO Joe Wynn joins our co-hosts, Lauren Shaffer and Eric Lansbery, to navigate the value behind establishing a GCC while integrating with a vGRC model to develop, maintain, and continuously improve compliance at that scale of business growth operations. Listen in on this very special episode and learn more about how GCC and vGRC can help to simplify security while upscaling your company strategically - for start-ups and well-established businesses alike.

In this episode, we'll review the proposed updates to the HIPAA Security Rule and discuss the challenges that organizations encounter when becoming HIPAA compliant or maintaining HIPAA compliance through these changes. We also dive into the complexities and differences between HIPAA compliance in the cloud, versus on-prem, and how compliance automation can be a game changer in keeping up with these changes. #vGRC #HIPAA #cybersecurity #riskmanagement

Listen in as we discuss the Seiso vGRC model with CEO Joe Wynn and COO Eric Lansbery. We'll cover topics from various angles of the Governance, Risk, and Compliance needs of Seiso customers, tell some real-life stories about how the vGRC model can benefit your organization, and even have a friendly debate about the efficacy of what we all come to know as vCISO, in the modern information security services industry.

Listen in as our podcast host, Lauren Shaffer, our special guest Travis Buckinham, along with Seiso Co-Founder Jon Zeolla discuss the advancements in AI and the security concerns related to AI in healthcare, finance, and other industries.  What is the industry doing to address these concerns? What can the world expect from AI in healthcare now, and in the near future? How helpful is AI when introduced into the supply-chain? Referenced article: https://www.techspot.com/news/106289-medical-misinformation-ai-training-data-poses-significant-risks.html  

During this episode, we're joined by Seiso engineers and consultants to discuss their individual paths to breaking into the cybersecurity industry and how they lay out their ongoing knowledge growth. We also discuss our recommendations for new and upcoming cybersecurity engineers in developing their skills. Finally, we round out the episode with a conversation on the ins and outs of being master of one or jack of all trades (or somewhere in between). 

In this episode, we kick off season 2 of the podcast with a recap of a few episodes from 2024. 

In this episode, we invited special guest Ken Presutti, an Agile coach and sports endurance coach, to discuss the value behind intrinsic motivation and how it can tie both personal and professional goals together. It's that time of year where organizations and individuals seek to establish their annual objectives and goals to meet the needs of the business, and in our industry, look to the year ahead to improve their cybersecurity strategy. We'll also discuss ways that Seiso enables a better work-life harmony for our workforce, and ways you can align your personal values with your professional milestones and initiatives.

In this episode, GRC Engineer Justin Fearon and CEO Joe Wynn discuss the importance of ethics and integrity in cybersecurity.  Join us on the Seiso Side Up Podcast as Justin and Joe deep-dive into the intent behind the book The Code of Honor - Embracing Ethics in Cybersecurity, written by Paul J Maurer and Ed Skoudis. You can purchase your copy of the book here: https://www.amazon.com/Code-Honor-Embracing-Ethics-Cybersecurity/dp/1394275862 Look for more information on this topic, as presented by Simon Simek, in this video: https://youtu.be/zP9jpxitfb4?si=9Cvr0ZYTlFepaln3

On this episode of the Seiso Side Up podcast, we welcome two guests - Jake Mayhew and Justin Leapline. Jake has decades of experience performing and teaching the ins and outs of penetration testing, at times performing tests for companies that handle cardholder data, and Justin is a subject matter expert in the world of PCI (Payment Card Industry) security & compliance. Join us as we dive into the gotchas of becoming PCI compliant and how to best approach penetration testing as part of the PCI compliance journey.

On this episode, CTO Jon Zeolla and Sr. Security Engineer Keith Holland discuss the inner-workings of the Seiso open source project, easy_infra. easy_infra is a docker container that simplifies and secures Infrastructure as Code deployments by running security scans prior to running IaC tools. It supports three main use cases: Experimentation by supporting interactive use and secure troubleshooting. Continuous Integration as a part of Pull/Merge Request validation. Continuous Deployment as an automated deployment tool. https://github.com/SeisoLLC/easy_infra

Listen in as Seiso GRC Engineers discuss the evolution of the practice through a commonly known set of informations security and risk scenarios that focus on security best practices, resiliency, and the overarching guardrails to keep everything operating in harmony. 

Joe Wynn (CEO) and Jon Zeolla (CTO) tell us about how and why they started https://seisollc.com and even more about where Seiso is headed through continuous innovation, constant learning, and bringing creative, frictionless information security / risk management practices to the Seiso customers.  Tune in to hear all about Seiso origin stories and some special segments that give you the insight into what makes Seiso a great business partner.

Senior Security Engineer Keith Holland and Lead Security Engineer Sean Cavanaugh talk about the intricacies and challenges facing application security practitioners in today's modern cloud-based software development world. The Original Rebel Scrum team was formed as Seiso adopted the Agile methodology to project management, lead by co-host Lauren Shaffer. Throughout their time at Seiso, both Sean and Keith have helped grow the DevSecOps, Web Application Pentesting, and Product Security practices.

Senior GRC Engineer Heidi Patrick and Security Consultant Justin Fearon talk all things CMMC. In this episode, we discuss the gotcha's when approaching CMMC compliance and how Seiso facilitates a process to reach CMMC readiness with creativity, allowing our customers to achieve their cybersecurity goals and eventually move towards the assessment process against CMMC requirements.

In this episode, our Seiso Side-Up co-hosts talk about what this podcast is all about, segments that we’ll showcase, and a little background on our co-hosts themselves.